buzzstormer.com Open in urlscan Pro
141.193.213.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Submission: On January 23 via manual (January 23rd 2024, 10:00:17 pm UTC) from US — Scanned from US

Summary HTTP 131 Redirects Behaviour Indicators

Summary

This website contacted 33 IPs in 1 countries across 19 domains to perform 131 HTTP transactions. The main IP is 141.193.213.11, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is buzzstormer.com. The Cisco Umbrella rank of the primary domain is 192468.

This is the only time buzzstormer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
2	37.19.207.34 37.19.207.34	60068 (CDN77 ^_^) (CDN77 ^_^)
5	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:5870	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2607:f8b0:400... 2607:f8b0:4004:c06::9c	15169 (GOOGLE) (GOOGLE)
1	34.218.186.96 34.218.186.96	16509 (AMAZON-02) (AMAZON-02)
5	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
8	2607:f8b0:400... 2607:f8b0:4004:c09::84	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c19::9a	15169 (GOOGLE) (GOOGLE)
2	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
1	2a02:6ea0:e20... 2a02:6ea0:e200::2	60068 (CDN77 ^_^) (CDN77 ^_^)
24	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
2 4	142.251.16.149 142.251.16.149	15169 (GOOGLE) (GOOGLE)
2	72.21.81.64 72.21.81.64	15133 (EDGECAST) (EDGECAST)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2620:100:a001::9 2620:100:a001::9	19750 (AS-CRITEO) (AS-CRITEO)
3	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
2	138.197.58.184 138.197.58.184	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	104.69.221.163 104.69.221.163	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2620:100:a005... 2620:100:a005::14	19750 (AS-CRITEO) (AS-CRITEO)
1	23.61.11.164 23.61.11.164	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.225.195.81 13.225.195.81	16509 (AMAZON-02) (AMAZON-02)
2	107.20.21.71 107.20.21.71	14618 (AMAZON-AES) (AMAZON-AES)
10	23.33.180.52 23.33.180.52	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:269... 2600:9000:269f:4800:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1402:880... 2600:1402:8800::1728:cdc2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4004:c07::95	15169 (GOOGLE) (GOOGLE)
2	44.215.30.123 44.215.30.123	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::9a	15169 (GOOGLE) (GOOGLE)
5	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
131	33

13 141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

buzzstormer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 37-19-207-34.bunnyinfra.net

plausible.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:5870 (United States)

ASN13335 (CLOUDFLARENET, US)

trkrcom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c06::9c (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.218.186.96 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-218-186-96.us-west-2.compute.amazonaws.com

rtb-lb-event-adcloud-prod-us-west-2-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.66.49 (United States)

ASN54113 (FASTLY, US)

displayf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
statsf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c19::9a (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:e200::2 (Ashburn, United States)

ASN60068 (CDN77 ^_^, GB)

video.om-meta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.16.149 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bl-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.81.64 (United States)

ASN15133 (EDGECAST, US)

playtime.tubemogul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.197.58.184 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

rtb.om-meta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.69.221.163 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-221-163.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a005::14 (United States)

ASN19750 (AS-CRITEO, US)

rtb.da.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.61.11.164 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-61-11-164.deploy.static.akamaitechnologies.com

ajs-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.195.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-81.yul62.r.cloudfront.net

agen-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.20.21.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-21-71.compute-1.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.33.180.52 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-33-180-52.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:269f:4800:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1402:8800::1728:cdc2 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::95 (Washington, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.215.30.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-30-123.compute-1.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	criteo.net static.criteo.net — Cisco Umbrella Rank: 657 imageproxy.us.criteo.net — Cisco Umbrella Rank: 3202 csm.us.criteo.net — Cisco Umbrella Rank: 3277	340 KB
16	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 954 d9.flashtalking.com — Cisco Umbrella Rank: 1742 cdn.flashtalking.com — Cisco Umbrella Rank: 1296 ad-events.flashtalking.com — Cisco Umbrella Rank: 1404 stat.flashtalking.com — Cisco Umbrella Rank: 1445 secure.flashtalking.com — Cisco Umbrella Rank: 2387	262 KB
13	buzzstormer.com buzzstormer.com — Cisco Umbrella Rank: 192468	171 KB
12	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 ad.doubleclick.net — Cisco Umbrella Rank: 163	63 KB
10	googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	39 KB
6	ad-score.com js.ad-score.com — Cisco Umbrella Rank: 3066 data.ad-score.com — Cisco Umbrella Rank: 2906	161 KB
6	criteo.com ads.us.criteo.com — Cisco Umbrella Rank: 3179 cat.va.us.criteo.com — Cisco Umbrella Rank: 3347 rtb.da.us.criteo.com — Cisco Umbrella Rank: 9644	110 KB
6	everesttech.net rtb-lb-event-adcloud-prod-us-west-2-tm.everesttech.net — Cisco Umbrella Rank: 14240 displayf-tm.everesttech.net — Cisco Umbrella Rank: 7079 statsf-tm.everesttech.net — Cisco Umbrella Rank: 5475	7 KB
5	gstatic.com fonts.gstatic.com	135 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	259 KB
3	om-meta.com video.om-meta.com — Cisco Umbrella Rank: 144506 rtb.om-meta.com — Cisco Umbrella Rank: 5104	235 KB
2	ftstatic.com ajs-assets.ftstatic.com — Cisco Umbrella Rank: 1744 agen-assets.ftstatic.com — Cisco Umbrella Rank: 1473	29 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	10 KB
2	tubemogul.com playtime.tubemogul.com — Cisco Umbrella Rank: 7280	22 KB
2	plausible.io plausible.io — Cisco Umbrella Rank: 9632	2 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	27 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1669	63 KB
1	trkrcom.com trkrcom.com — Cisco Umbrella Rank: 184255	695 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
131	19

	Domain	Requested by
24	static.criteo.net	ads.us.criteo.com cdnjs.cloudflare.com static.criteo.net
13	buzzstormer.com	buzzstormer.com
10	imageproxy.us.criteo.net	ads.us.criteo.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	buzzstormer.com googleads.g.doubleclick.net
6	cdn.flashtalking.com	ajs-assets.ftstatic.com cdn.flashtalking.com
5	data.ad-score.com	js.ad-score.com
5	fonts.gstatic.com	fonts.googleapis.com
4	ad.doubleclick.net	2 redirects ads.us.criteo.com
4	statsf-tm.everesttech.net	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	stat.flashtalking.com
3	csm.us.criteo.net	ads.us.criteo.com
2	pagead2.googlesyndication.com	www.googletagservices.com
2	ad-events.flashtalking.com
2	d9.flashtalking.com	ajs-assets.ftstatic.com d9.flashtalking.com
2	rtb.da.us.criteo.com	googleads.g.doubleclick.net
2	servedby.flashtalking.com	blank
2	rtb.om-meta.com	googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	ads.us.criteo.com
2	playtime.tubemogul.com	displayf-tm.everesttech.net playtime.tubemogul.com
2	cat.va.us.criteo.com	ads.us.criteo.com
2	ads.us.criteo.com	googleads.g.doubleclick.net
2	plausible.io	buzzstormer.com plausible.io
1	secure.flashtalking.com
1	s0.2mdn.net	cdn.flashtalking.com
1	code.createjs.com	cdn.flashtalking.com
1	js.ad-score.com	ajs-assets.ftstatic.com
1	agen-assets.ftstatic.com	ajs-assets.ftstatic.com
1	ajs-assets.ftstatic.com	servedby.flashtalking.com
1	video.om-meta.com	googleads.g.doubleclick.net
1	displayf-tm.everesttech.net	googleads.g.doubleclick.net
1	rtb-lb-event-adcloud-prod-us-west-2-tm.everesttech.net	googleads.g.doubleclick.net
1	trkrcom.com	buzzstormer.com
1	fonts.googleapis.com	buzzstormer.com
131	35

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
plausible.io R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
buzzstormer.com E1	`2024-01-23` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.tmogul.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2024-06-11`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-11` - `2024-09-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-12` - `2024-04-12`	3 months	crt.sh
1059254316.rsc.cdn77.org R3	`2023-11-15` - `2024-02-13`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-25` - `2024-02-22`	3 months	crt.sh
*.tubemogul.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-14` - `2024-06-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-22`	3 months	crt.sh
rtb.om-meta.com R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
*.da.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-14` - `2024-04-11`	3 months	crt.sh
*.ftstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-10-22`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2023-07-19` - `2024-08-19`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
ad-events.flashtalking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-17` - `2024-09-03`	a year	crt.sh

This page contains 11 frames:

Primary Page: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Frame ID: 5367B307F85FA17A50CB5E536D79E991
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Frame ID: 85C951D71F2F8D319C136B648CE638BF
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Frame ID: B4719E8413A85960113843D51484FC7A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Frame ID: 8B2AD4F32DB335E86609B60E206491C6
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Frame ID: 31BB7964119638921F5E2745915B53B3
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbA26wAC8oUGdgIRAAhFtGqgf1YoIiAPTpDChw&u=%7CozVjAiLAVsFWaYHD5X4c8sEYqUCkFT89K%2BdDpEk6%2BtA%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-pdBd4Yn-iAyg0RfPc5NXLXF37ShTWqW3hSdb39GT3zCuL_e9vqUNcG0hrO1QpU9y_mNU5WD_YhfXEaFvcD5YbQymFnQizgY3iXinh_LcCgaE6Y-jcfBi-Ksv1eN_dJ6h6TXvSiSX4Pn4rkqlJId8EGWP4XZXji_2SBEfhfTixzUGLp5mE3FCfepmeq6VVbZ4C2onZTINI3kUIQU6JOCjaR0DvRSl0uLUzFe24c4UInG3eCkqLoh5ILVtU3OnIfm4KM0HOBgxrb03Mfbv_DXO4lpMHwSRGFA5nxXuOETTjlNBet5233X8HuoMo3rzFINl-tjTIl9r0aSkHKHi7wsKHILv823IRTpjuZ_KZQrLDzWv5fRlC8SXKDUw_mQvIPtHE50miRdlJWnkdnKy1rEEzrRsqioJnPn2SwBmq7ENOrNt5CfuW2D8Rn3SFPPMHlnZTi5FSTH2TzFzFmtug99aqkEp8P9mmaTW4o8iVDu_nsDcPPCii1h_ajJt1SFOkzUrEl22ylbbXb7hgZGkQnI_AZfGDMIewWfuLu9bkwkBfTFBbqXTsEeGNIaDD7ca1glJyJx3pY_uTmoXbF7azahVd83vlM1GOM5vF2XpPlHW5r3o5pyNprX14Exp9DUaZR33&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZTQW6zawZYXlC5GE2OMPtIuhoA-cge-wXKLKp6p0wI23ARABIABgyf7IjfSk1BmCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0HooTjhPU3fVZNu56g4FNTXTBnLZBoeww0-jynChPW9f3eJLcb1ptAQdRn_NUeva7S9zVAwzIGnOPRasDCN5NsPoIq6J69l-9CX6UC4-kdJmvm86fHFqenS5kmsgPHxA55wilCIdq3-MhMomXUdZELlDiZx7dgbp9p5iSBgZk252QsczhuixYNh8qs_S4Pl1Mzd3LmzXc0_GfNWwEOBFse-Vz090iEKPDDvt093Wycmh2L-DrrKefJP4NtqS-OFWsw59yE_Cakay1brPo9rDWp9VGHwm2hVoGgO5p_XGSNiM8oAGiKHur8vVqKuEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljI4_aPwfSDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3AwS2pjqEIxYNwdXMtOM9YT9b44g%26client%3Dca-pub-7820916800218761%26adurl%3D
Frame ID: 1FFBEC852DFE21F79C78AA71933A01C0
Requests: 25 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbA26wAC5CoD595eAAUreAuEDUg9dMrgc7YJfw&u=%7CozVjAiLAVsHG2w9BG4WILfZxt4hjm2ApZuXkGzg5S%2B8%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78caHAes9ER6OpE37HOUFIoYiymCEWOeJu-Y46DI3xgN-6M67if9r-d4XGq_qb19NA9p7eX3UwxV66JwSNtvOstv3r-FQv_gvW0eKba9wf5Rqspbh4GE5tu3AgAJCQimEnpbG2rYQ1NCIbF3unGhDaaK10Av4bmHLhZ3NtEIu3LkfXoGmO9LktskCPCq_jBI_qwwtyC77V7wNVO2Pg48u84GcM6qLUWEDLLzKnGPOzTZ7JKvPGuamGJ_0kIz6NyLWDT8Uzk7lXcXchC4EdU0YtszuAO2ErCBSe9-jHmGzW9OJ5J7DHVTCNL2Ae3SZGLvT4bBrc2MMt78a5_WJf6KdgKBqlQWM57ZT3QCLS_dRhHR1QAEGnMMNKTBipEueC3OxZKb9tvne6KVWspKMm-rRaZwndAPc-Qsi2ucvZ0m5ozmka5stmLI2lv4pQ25yTdUY0h0IOcNGaHlrvb3fJGJYLVCWpHOnX7akn6d1CK6tyn5uyueVtSWEn9L1PMa9Mu_m4BQJDe5_rkqBa1XuxdkSIdoBicNzat1bKWiigY38N4_g_3pRQRLB-2o12Tu-cFUXXJV7pi39K47iOrdiHWrmXY0yM_aeEx_UCTMXqFM2-g6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeScA6zawZarIC968n88P-NaU8Aicge-wXKLKp6p0wI23ARABIABgyf7IjfSk1BmCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0BqO4VF3J3waulwth0yJv0dt-2dxHBj2FKZYdw-chuffePiIy1RBWRiVE4e91KYuU9yLyKXDKwSXsxquQG7CeSnHnfYClr_UQK_y4h_nEAyhdUVpzWALJPfGAQNJZAwkt61Uiqu73NYC3piiZgKKrxMH8n2BAwCL39nCopzp9kvbtz46tvnGE9WPE2teOT26meKbeIQBlPYGIqnVtTLhJ6tUzdgz4Jpxe-KG6O1iIkWQoeuklP5etiWHyFy0U72gS3kZHX2RQk4oKX4R5cX1FYkvOTdaPtbKTC3ly3xkx1TSuIAGiKHur8vVqKuEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliZz_aPwfSDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hP9c6v-MxIIc1jcMzwzQpAFG53Q%26client%3Dca-pub-7820916800218761%26adurl%3D
Frame ID: CDD2D7BBDA7273E102F6859270890C16
Requests: 20 HTTP requests in this frame

Frame: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20231031.js?auction_id=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB
Frame ID: 4AE2E002176B26BC5DCB66DC1B9C3F3A
Requests: 5 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/8/225407;8026169;201;jsappend;AdobeAdCloud;AdCloudFY24AcrobatDemandGenPSPAudExDGVersatileUSDSKBAN160x600/?ft_custom=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&us_privacy=${US_PRIVACY}&ftClick=https://statsf-tm.everesttech.net/stats/1/ct?cpKey=GuelttCccMtMpf5SyWco&mpKey=Xf6e2yqPYRavegdigOp6&adKey=SnkT4mvCRZONkhMfRF5S&sessId=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB&seller_id=pub-7820916800218761&psId=HM0m9MWSkXJ9ZTd6IN2t&sId=0&dur=15&date=&auth=&did=&didtype=UNK&stch_id=&conn=ethernet&env=site&bi=B09Ab8urA53B2zmX8tkoCnuhySLYbBf9VGAEClY0c2wbf8-Rn7miCJEknOvaUIAyZnkYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uS_2kTrxxjAJqUKhzgQGfOhRhxw0CEucegb_CTCsTKgeA&PG=F&s=H4sIAAAAAAAAAAEAAf_-svy0vUYuHT26h2XpPUxLYxfavz2DUrdqvvbpnCychKPmOc9V0UMJ9GUiP6zmUNLNMXe2z1FoPx8ImdMvl1OQcXoI5sesO7bNpJUVqD1IGLlXjRARn_5fxAxPl7UNxXnmoykScW-qdpYpPhDeimCfPVmJMxz2q2OTGwZu7np9nyq0fVbXJCnpvXuyf93Vbcn_d_KfFnq0-R8bEpwoWI1c5NoPd3j4SANFxl8fSoDGdm6Y6049TM_YhZplZ29TOzYYB5YI_59bdsd5vDWdKhCDeA3BT3zeK9fJB7TdUehFvh77q_8IbLdLbszWDEW4rpsGM41Qt2DIG93boZd-OzBbGGk_NjMAAQAA&redir=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC-uiu6zawZafSC6Wl2OMPjtaKiAu835z0XK6C25dSwI23ARABIABgyf7IjfSk1BmCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0IW_k8ChybpIhlZl7VqVUyeH6PbQYa4eU2wm_ONsdBQd4qx09crCoaugc0_rVMxXA-QwR9n3cLS7z_Jx87jtPBDuifYwrG7X7iGh3QjPPwBAcNOBajljLKskcB0clBsJvzxZMGpKb9guMxteX59qGF3PQFMVjdHzlYIByUKdPBenp1hSTSsPuKBck4xUj9ovDkEEfCAQoUje5M-J5FA2eOkoOIprP1CdBPImnZvNQS_9yO1PUQQ1Kqf1AB8gvy47G6HvlnFChHg8lj17J7mRll93-RfJtdBLzXpGgMKJymxS6YAGv-GZiP6-lvR5oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKXU9o_B9IMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0I3UPJaoSnsI_-UDIEv467UceAvQ%26client%3Dca-pub-7820916800218761%26adurl%3D&ft_partnerimpid=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB&site_url=lolwot.com&cachebuster=437564.0099130651
Frame ID: D9742E08B20F86FDF54033F41BB104A1
Requests: 26 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/172799/4251818/adobe_contractor_160x600.html
Frame ID: CD7CBA6879CE38D3C7FC15AEDC8B0ADB
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 15A52663248F256A09AAE460565C691C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rummage Through Your Basement – You May Be Sitting On A Baseball Card Treasure Chest! – BuzzStormer

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

131
Requests

88 %
HTTPS

53 %
IPv6

19
Domains

35
Subdomains

33
IPs

1
Countries

1938 kB
Transfer

4290 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b036ea35ee0b43ee5cd8516d8ddbf9;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_pre=CJfcopDB9IMDFXwuiAkdrE0JJw;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b036ea35ee0b43ee5cd8516d8ddbf9;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 64

https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b036eb1bf0809167201dc76f8afac8;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_pre=CMfUppDB9IMDFb4NaAgdMJQJgw;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b036eb1bf0809167201dc76f8afac8;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

131 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/ 66 KB
14 KB 499ms
453ms Document
text/html 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: a8a24d49b555dc6f18bcdb6c270e3c575611bc45a2c35952cd5e20ef89075e50

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 84a34ed5acdc398d-YYZ
Cache-Control: max-age=600, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Jan 2024 22:00:10 GMT
Link: <https://buzzstormer.com/wp-json/>; rel="https://api.w.org/" <https://buzzstormer.com/wp-json/wp/v2/posts/16796>; rel="alternate"; type="application/json" <https://buzzstormer.com/?p=16796>; rel=shortlink
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
X-Cache: HIT: 2
X-Cache-Group: normal
X-Cacheable: SHORT
X-Pingback: http://buzzstormer.com/xmlrpc.php
alt-svc: h3=":443"; ma=86400
cf-edge-cache: cache,platform=wordpress
x-powered-by: WP Engine

GET
H2 200 css
fonts.googleapis.com/ 54 KB
3 KB 115ms
44ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700%7CMerriweather%3A300%2C400%2C700%2C900%7CQuicksand%3A400%7CLato%3A300%2C400%2C700%7CPassion%20One%3A400%2C700%7CWork%20Sans%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A400%2C700%7COpen%20Sans%20Condensed%3A300%2C700%7COpen%20Sans%3A400%2C700%2C800%7CWork%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMerriweather%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese&display=swap

Requested by

Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2187439774ebd6e0d1f4c1b6a100a34f6bd6f28a90bd48d50b894b9b92651e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 Jan 2024 22:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 22:00:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jan 2024 22:00:10 GMT

GET
H/1.1 200
OK style.min.css
buzzstormer.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 655ms
653ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 22:00:10 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 05 Nov 2023 19:40:32 GMT
Server: cloudflare
ETag: W/"6547efb0-1add3"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a34ed88a1e398d-YYZ
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK styles.css
buzzstormer.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
2 KB 47ms
29ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 22:00:10 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sat, 25 Nov 2023 14:23:29 GMT
Server: cloudflare
Age: 2831
ETag: W/"65620361-b4e"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a34ed8aeab4bcf-BUF
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK style.css
buzzstormer.com/wp-content/themes/click-mag/ 82 KB
14 KB 52ms
34ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-content/themes/click-mag/style.css?ver=6.4.2
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7d8ba3f70422ccb7ae935a2eec8300a0d50eae89c28d6f8f8b607947e592725

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 22:00:10 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sat, 25 Nov 2023 14:05:39 GMT
Server: cloudflare
Age: 2830
ETag: W/"6561ff33-14931"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a34ed8aa034bd2-BUF
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK reset.css
buzzstormer.com/wp-content/themes/click-mag/css/ 1 KB
1 KB 478ms
459ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-content/themes/click-mag/css/reset.css?ver=6.4.2
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 22:00:10 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 27 Sep 2023 13:03:36 GMT
Server: cloudflare
ETag: W/"65142828-434"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a34ed8a81ea204-YYZ
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK all.css
buzzstormer.com/wp-content/themes/click-mag/font-awesome/css/ 72 KB
14 KB 47ms
29ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-content/themes/click-mag/font-awesome/css/all.css?ver=6.4.2
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cb8cc3fee4275e182236ab19c3aae55274f43aa0ffde9c0510d8d59fcf8e5dc

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 22:00:10 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 27 Sep 2023 13:03:36 GMT
Server: cloudflare
Age: 2831
ETag: W/"65142828-11f69"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a34ed8afed4bd5-BUF
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK media-queries.css
buzzstormer.com/wp-content/themes/click-mag/css/ 48 KB
5 KB 492ms
474ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-content/themes/click-mag/css/media-queries.css?ver=6.4.2
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4acc7ff03019c152c16ddbbe3e5fc6e351fbbebbdc5824d7f898f33846caf066

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 22:00:10 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 27 Sep 2023 13:03:36 GMT
Server: cloudflare
ETag: W/"65142828-c164"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a34ed8af7e39d5-YYZ
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK style.css
buzzstormer.com/wp-content/themes/click-mag-child/ 15 KB
4 KB 70ms
25ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-content/themes/click-mag-child/style.css?ver=2
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01a6d44f7420fa491c7af252f08b57de4ac1c9cdae68032fcec67c304719e604

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 22:00:10 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 11 Dec 2023 12:50:08 GMT
Server: cloudflare
Age: 2830
ETag: W/"65770580-3beb"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a34ed8decd4bcf-BUF
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK jquery.min.js Show response
buzzstormer.com/wp-includes/js/jquery/ 86 KB
31 KB 27ms
26ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 22:00:10 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 28 Aug 2023 17:14:23 GMT
Server: cloudflare
Age: 2830
ETag: W/"64ecd5ef-15601"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a34ed8d84e4bd5-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 script.js Show response
plausible.io/js/ 1 KB
1 KB 118ms
36ms Script
application/javascript 37.19.207.34
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://plausible.io/js/script.js

Requested by

Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

37-19-207-34.bunnyinfra.net

Software

BunnyCDN-ASB1-925 /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 925
cdn-cachedat: 01/23/2024 18:03:44
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.0.3
alt-svc: h3=":443"; ma=2592000
server: BunnyCDN-ASB1-925
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, must-revalidate, max-age=86400
permissions-policy: interest-cohort=()
cdn-requestid: 7973bdd27578bc6aeb3e46a111bf7278
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK lazyload.min.js Show response
buzzstormer.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
4 KB 25ms
24ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 22:00:10 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sat, 25 Nov 2023 14:24:07 GMT
Server: cloudflare
Age: 2830
ETag: W/"65620387-22bc"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a34ed8ea264bd2-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 6b9438e029a212f3d01de48e6a0ddcce.js Show response
buzzstormer.com/wp-content/cache/min/1/ 159 KB
51 KB 76ms
29ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://buzzstormer.com/wp-content/cache/min/1/6b9438e029a212f3d01de48e6a0ddcce.js
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee0919ad2985025ead5321f5f125c138ec80dbf6037c35402e2b37ff4eb37c31

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 02:00:20 GMT
server: cloudflare
age: 2830
etag: W/"659ca8b4-27a0d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84a34ed91d6e6aed-BUF
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efa7044b61673336fe621b90c74f48402854cde97bac5256680d8fadb8359510

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 49 KB
50 KB 167ms
100ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700%7CMerriweather%3A300%2C400%2C700%2C900%7CQuicksand%3A400%7CLato%3A300%2C400%2C700%7CPassion%20One%3A400%2C700%7CWork%20Sans%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A400%2C700%7COpen%20Sans%20Condensed%3A300%2C700%7COpen%20Sans%3A400%2C700%2C800%7CWork%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMerriweather%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://buzzstormer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 06:51:55 GMT
x-content-type-options: nosniff
age: 54496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50668
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:13:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 06:51:55 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 129ms
62ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://buzzstormer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 15:56:19 GMT
x-content-type-options: nosniff
age: 21832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 15:56:19 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 98ms
32ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://buzzstormer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 09:04:56 GMT
x-content-type-options: nosniff
age: 46515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 09:04:56 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 155ms
90ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://buzzstormer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 04:19:33 GMT
x-content-type-options: nosniff
age: 63638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19752
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 04:19:33 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 141ms
76ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://buzzstormer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 15:07:06 GMT
x-content-type-options: nosniff
age: 24785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 15:07:06 GMT

POST
H2 202 event Show response
plausible.io/api/ 2 B
519 B 205ms
132ms XHR
text/plain 37.19.207.34
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/api/event
Requested by: Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: http://buzzstormer.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
cdn-edgestorageid: 925
cdn-cachedat: 01/23/2024 22:00:11
cdn-pullzone: 682664
application: 10.0.1.2
alt-svc: h3=":443"; ma=2592000
content-length: 2
x-request-id: F60Y5keCZTVwwwUoImIK
server: BunnyCDN-ASB1-925
cdn-proxyver: 1.04
cdn-requestpullcode: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
x-plausible-dropped: 1
cdn-requestid: 3ce6bfc9c03dfb0449cf6e79f55ab85b
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H/1.1 200
OK d6048fc680606999ea95addd858beb72ebe52982_pv Show response
trkrcom.com/api/ 21 B
695 B 468ms
423ms Fetch
application/json 2606:4700:3037::6815:5870
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://trkrcom.com/api/d6048fc680606999ea95addd858beb72ebe52982_pv
Requested by: Host: buzzstormer.com
URL: https://buzzstormer.com/wp-content/cache/min/1/6b9438e029a212f3d01de48e6a0ddcce.js
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:5870 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03faea081300341c1ec3959c72d2b53b75562ee9870a3020829e2b1f14683c5d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 22:00:11 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95nxUGfR8YNsGNt1gmGT3ITQ08dtljMzIUhFKLUbHVSiTpqCiW54q%2B3PLhzz9kfw8hTD1mav1gS9tENVIjNjjOZxTTZKyQb5GgtTIeR3ktTrTdbmctzGuopE%2Fp2%2BVuceg%2FZg5RFvbWW0LA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
CF-RAY: 84a34edd49874bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo-nav.png
buzzstormer.com/wp-content/uploads/2023/09/ 808 B
995 B 29ms
27ms Image
image/webp 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buzzstormer.com/wp-content/uploads/2023/09/logo-nav.png
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14376c90b1f807adf65110e16fccb21e57f814a8ba20ef658841aade579a3c45

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
cf-cache-status: HIT
age: 114792
cf-polished: origFmt=png, origSize=1863
content-disposition: inline; filename="logo-nav.webp"
alt-svc: h3=":443"; ma=86400
content-length: 808
cf-bgj: imgq:100,h2pri
last-modified: Thu, 28 Sep 2023 04:50:13 GMT
server: cloudflare
etag: "65150605-747"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84a34edd09a46aed-BUF

GET
H2 200 Rummage-Through-Your-Basement-You-May-Be-Sitting-On-a-Baseball-Card-Treasure-Chest.jpg.webp
buzzstormer.com/wp-content/uploads/2023/11/ 15 KB
15 KB 26ms
26ms Image
image/webp 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buzzstormer.com/wp-content/uploads/2023/11/Rummage-Through-Your-Basement-You-May-Be-Sitting-On-a-Baseball-Card-Treasure-Chest.jpg.webp
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c66974170914676bcda77d5f5087dba48899a24cc38d3fe3be1c6b6da33d2cbe

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
cf-cache-status: HIT
last-modified: Sat, 25 Nov 2023 04:01:27 GMT
server: cloudflare
age: 20564
etag: "65617197-3b9e"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84a34edd09a36aed-BUF
alt-svc: h3=":443"; ma=86400
content-length: 15262

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 85C9 43 KB
17 KB 442ms
373ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Requested by

Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cba78000e902f131db22afc994109f805333f2ba0e8a844bb769b70b81a38e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://buzzstormer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16755
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 22:00:11 GMT
expires: Tue, 23 Jan 2024 22:00:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B471 36 KB
15 KB 542ms
474ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Requested by

Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cde83c9358339f294db7a412da02241ca7fff5fd8c347d838854d51a71e804a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://buzzstormer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14854
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 22:00:11 GMT
expires: Tue, 23 Jan 2024 22:00:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8B2A 37 KB
15 KB 582ms
515ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e36ed29d3168c3e564027c6b1c42fc370a23dc38fdd4ae93d98bbb521666d4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://buzzstormer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14774
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 22:00:11 GMT
expires: Tue, 23 Jan 2024 22:00:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 31BB 36 KB
15 KB 426ms
359ms Document
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Requested by

Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fc56ca067ce218fec3695db0eec1d7693a5f24e779627684b33e5e7a297b7b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://buzzstormer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14839
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 22:00:11 GMT
expires: Tue, 23 Jan 2024 22:00:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 e.png
rtb-lb-event-adcloud-prod-us-west-2-tm.everesttech.net/rtb/ Frame 85C9 85 B
236 B 316ms
94ms Image
image/png 34.218.186.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-lb-event-adcloud-prod-us-west-2-tm.everesttech.net/rtb/e.png?e=win&aid=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB&cp=2651803&slot=1&x_price=ZbA26wAC6ScGdhKlAAKrDpoQuxrQEO_25emWBQ&ets=1706047211349&tz=America%2FNew_York&source=google&country=US&region=NY&mc=48&ap=0&ut=0&vis=UNKNOWN&site=HM0m9MWSkXJ9ZTd6IN2t&bp=37917&curr=USD&exr=1.0&fid=Xf6e2yqPYRavegdigOp6&c=4118352440&ccurr=USD&cuxr=1.0&a=456868&ca=724434&st=DISPLAY&sh=600&sw=160&rid=4212&mp=9&psk=HM0m9MWSkXJ9ZTd6IN2t&cfc=0&cfci=0&dur=-1&cityid=-1&metroid=26&countryid=232&postalid=5349&didtype=UNK&duration=180&v=1&auth=1rBiMRz16d37EBg38vwyNp0Z0WU&x_r=kn3fOg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.218.186.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-218-186-96.us-west-2.compute.amazonaws.com
Software: adobe /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 22:00:11 GMT
x-pt: P=204 0=0
server: adobe
content-type: image/png
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 placement.js Show response
displayf-tm.everesttech.net/feed/ Frame 85C9 26 KB
6 KB 99ms
46ms Script
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://displayf-tm.everesttech.net/feed/placement.js?id=Xf6e2yqPYRavegdigOp6&site_id=HM0m9MWSkXJ9ZTd6IN2t&rand=456248555348679300&tm_auction_id=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB&didtype=UNK&bi=B09Ab8urA53B2zmX8tkoCnuhySLYbBf9VGAEClY0c2wbf8-Rn7miCJEknOvaUIAyZnkYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uS_2kTrxxjAJqUKhzgQGfOhRhxw0CEucegb_CTCsTKgeA&page_url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&seller_id=pub-7820916800218761&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.224+Safari%2F537.36&q=H4sIAAAAAAAAAGWSQWjTYBTHl2RrtyI6S0UpiHEItsOkSZp8bbbD7Lquc13a2qR02y1Nvnahab8s-bq2uwgDPainHScDBQ-ieBEPsot3TzIvsqN4EGE4dpwXu3WC4Du8w-P93vvzf28M_RqPPHr79ODK5weHufDeSGAS9xzI1hGq21B3LI81UDNWtUwTumzKVKG7Ad0SXG9DDwefjFz7MjwRWq4BKPTWiyslfQPWTatecEDk2eELQghl29DGOG0YClacmqT2KgZKfnj5_c2l2ZDaamhicyNdWi3kG2tKrTQvqdsEVtCmZdt6TGI5OlKxWibqeHReo3mO5abpfgGI03QXiFE65Tg2rMBqzsIxKZ5g44CO5BY0ZekObVsNSGeh0UBROr3moiaM8UJ_AAs4WWYFQaRVvaa71jm3Q9Ay4HRZSugJ0YRJTuITOjCgCPW4bHCiZAp7xPWuaGzqSwhkIOgxnVxK9rr5zfssz_CsMvuJoMr53D7hb7caLdRpHRD-zkD8T4If_bhzKxhaULimrFTUxvKivKqZ4F5ewOGAjewOwqc206Q8dBZHM8dEyGlXmURS4GQeJDlO4JMJwJ8QoVNSSosVrVVvaj1N66nKyhZ5GeI15CXjPOO4yGSQK2yT4y6uMoPLMTXL9fBrctizMHxHjva7oduC-JiMBv5Hg74BNXEhznKMmk8V1YWCtkXNBHyDvxjffUWGqbI6N3Gaon9FT1FW05m9Ot-3O9PF_QW6XXQtA2bPoOLYY2pohzofsUfdDpBlNUjmV8KUxIuTI7wocILgz2YK6cJcZsqXLRSyS5m7xD7li8dBEkjfqH-8-kE9J46or8MnlN-EXgMj5-Zu-eLi-xu_H_4B-KFdS9QCAAA*&click_url=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uiu6zawZafSC6Wl2OMPjtaKiAu835z0XK6C25dSwI23ARABIABgyf7IjfSk1BmCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0IW_k8ChybpIhlZl7VqVUyeH6PbQYa4eU2wm_ONsdBQd4qx09crCoaugc0_rVMxXA-QwR9n3cLS7z_Jx87jtPBDuifYwrG7X7iGh3QjPPwBAcNOBajljLKskcB0clBsJvzxZMGpKb9guMxteX59qGF3PQFMVjdHzlYIByUKdPBenp1hSTSsPuKBck4xUj9ovDkEEfCAQoUje5M-J5FA2eOkoOIprP1CdBPImnZvNQS_9yO1PUQQ1Kqf1AB8gvy47G6HvlnFChHg8lj17J7mRll93-RfJtdBLzXpGgMKJymxS6YAGv-GZiP6-lvR5oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKXU9o_B9IMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0I3UPJaoSnsI_-UDIEv467UceAvQ%26client%3Dca-pub-7820916800218761%26adurl%3D&tm_os_group=windows&tm_device_group=unknown
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: adobe /
Resource Hash: e4ce0be6cfd3fb394613fdf482f629273b41e87b373b187077b726885e1ce540

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: gzip
via: 1.1 varnish
x-pt: P=2556 0=0
x-cache: MISS
x-region: North-America
x-served-by: cache-yyz4540-YYZ
server: adobe
x-timer: S1706047212.588257,VS0,VE25
x-failover: none
vary: Accept-Encoding, User-Agent
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 85C9 3 KB
1 KB 104ms
43ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 20:31:33 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 85C9 20 KB
9 KB 93ms
32ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:31:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 20:31:41 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 85C9 205 KB
65 KB 159ms
92ms Script
text/javascript 2607:f8b0:4004:c19::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 22:00:11 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 1FFB 210 KB
59 KB 187ms
113ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZbA26wAC8oUGdgIRAAhFtGqgf1YoIiAPTpDChw&u=%7CozVjAiLAVsFWaYHD5X4c8sEYqUCkFT89K%2BdDpEk6%2BtA%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-pdBd4Yn-iAyg0RfPc5NXLXF37ShTWqW3hSdb39GT3zCuL_e9vqUNcG0hrO1QpU9y_mNU5WD_YhfXEaFvcD5YbQymFnQizgY3iXinh_LcCgaE6Y-jcfBi-Ksv1eN_dJ6h6TXvSiSX4Pn4rkqlJId8EGWP4XZXji_2SBEfhfTixzUGLp5mE3FCfepmeq6VVbZ4C2onZTINI3kUIQU6JOCjaR0DvRSl0uLUzFe24c4UInG3eCkqLoh5ILVtU3OnIfm4KM0HOBgxrb03Mfbv_DXO4lpMHwSRGFA5nxXuOETTjlNBet5233X8HuoMo3rzFINl-tjTIl9r0aSkHKHi7wsKHILv823IRTpjuZ_KZQrLDzWv5fRlC8SXKDUw_mQvIPtHE50miRdlJWnkdnKy1rEEzrRsqioJnPn2SwBmq7ENOrNt5CfuW2D8Rn3SFPPMHlnZTi5FSTH2TzFzFmtug99aqkEp8P9mmaTW4o8iVDu_nsDcPPCii1h_ajJt1SFOkzUrEl22ylbbXb7hgZGkQnI_AZfGDMIewWfuLu9bkwkBfTFBbqXTsEeGNIaDD7ca1glJyJx3pY_uTmoXbF7azahVd83vlM1GOM5vF2XpPlHW5r3o5pyNprX14Exp9DUaZR33&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZTQW6zawZYXlC5GE2OMPtIuhoA-cge-wXKLKp6p0wI23ARABIABgyf7IjfSk1BmCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0HooTjhPU3fVZNu56g4FNTXTBnLZBoeww0-jynChPW9f3eJLcb1ptAQdRn_NUeva7S9zVAwzIGnOPRasDCN5NsPoIq6J69l-9CX6UC4-kdJmvm86fHFqenS5kmsgPHxA55wilCIdq3-MhMomXUdZELlDiZx7dgbp9p5iSBgZk252QsczhuixYNh8qs_S4Pl1Mzd3LmzXc0_GfNWwEOBFse-Vz090iEKPDDvt093Wycmh2L-DrrKefJP4NtqS-OFWsw59yE_Cakay1brPo9rDWp9VGHwm2hVoGgO5p_XGSNiM8oAGiKHur8vVqKuEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljI4_aPwfSDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3AwS2pjqEIxYNwdXMtOM9YT9b44g%26client%3Dca-pub-7820916800218761%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d47f22f617e3865381cc1da5b8dbc1b9e083550fab1095a18b5352ca62d0aaa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 22:00:11 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=BWz51fGzaQQhAjp3z-MCKRdH316FUSulpTReXC1aHiLmi147EQCfVRSMKTxGxWj3aofNGV_txJ_sjv_pOwsQcTStt5y4FFOBknUHmtVD8fUhCfQmW6hP-gMNn534J-fNOTaW7N8O4Ica72db539ekLaRtwjkXULZ_JjoAYc46pWeZP9I2TOaNKqDE9pF7ww_w-nK1sG3CEtTCm8y4BWfy1J3NNFSmOW5YbR61FwOGNHC8NnQYxdiYRLA7ZE3JMG4SE7l8aoh7Iq0-pQG"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 64619608
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 31BB 3 KB
1 KB 112ms
41ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 20:31:33 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 31BB 20 KB
8 KB 106ms
36ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:31:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 20:31:41 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 31BB 205 KB
65 KB 109ms
33ms Script
text/javascript 2607:f8b0:4004:c19::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 22:00:11 GMT

GET
H2 200 imp
statsf-tm.everesttech.net/stats/1/ Frame 85C9 85 B
360 B 100ms
41ms Image
image/png 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statsf-tm.everesttech.net/stats/1/imp?sessId=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB&cpKey=GuelttCccMtMpf5SyWco&mpKey=Xf6e2yqPYRavegdigOp6&adKey=SnkT4mvCRZONkhMfRF5S&psId=HM0m9MWSkXJ9ZTd6IN2t&burl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7820916800218761%26output%3Dhtml%26h%3D600%26adk%3D3209154675%26adf%3D4043039345%26pi%3Dt.aa~a.4236442960~rp.1%26w%3D160%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1681580591%26rafmt%3D1%26to%3Dqs%26pwprc%3D3548874890%26format%3D160x600%26url%3Dhttps%253A%252F%252Flolwot.com%252F10-easy-methods-to-make-extra-cash%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26adsid%3DChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE%26uach%3DWyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd%26dt%3D1681580591901%26bpp%3D2%26bdt%3D1456%26idt%3D-M%26shv%3Dr20230412%26mjsv%3Dm202304110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Df317d07e87cadccd-22695f1c2cdf0037%253AT%253D1681580591%253ART%253D1681580591%253AS%253DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw%26gpic%3DUID%253D00000bf4db70eedd%253AT%253D1681580591%253ART%253D1681580591%253AS%253DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D1724404121286%26frm%3D20%26pv%3D1%26ga_vid%3D351234906.1681580587%26ga_sid%3D1681580591%26ga_hid%3D1124025909%26ga_fc%3D1%26u_tz%3D330%26u_his%3D1%26u_h%3D864%26u_w%3D1536%26u_ah%3D824%26u_aw%3D1536%26u_cd%3D24%26u_sd%3D1.25%26dmc%3D8%26adx%3D175%26ady%3D1052%26biw%3D1519%26bih%3D754%26scr_x%3D0%26scr_y%3D0%26eid%3D44759927%252C44759842%252C44759876%252C31073770%252C44788443%26oid%3D2%26pvsid%3D232731587555987%26tmod%3D1357422795%26uas%3D0%26nvt%3D2%26ref%3Dhttps%253A%252F%252Fwww.google.com%252F%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1536%252C0%252C1536%252C824%252C1536%252C754%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26jar%3D2023-04-15-12%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3D1Vv6r9uXdy%26p%3Dhttps%253A%2F%2Flolwot.com%26dtd%3D6&w=160&h=600&bi=B09Ab8urA53B2zmX8tkoCnuhySLYbBf9VGAEClY0c2wbf8-Rn7miCJEknOvaUIAyZnkYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uS_2kTrxxjAJqUKhzgQGfOhRhxw0CEucegb_CTCsTKgeA&price=ZbA26wAC6ScGdhKlAAKrDpoQuxrQEO_25emWBQ&PG=F&didtype=UNK&seller_id=pub-7820916800218761&campaignKey=9ZTd5C4WTngmTyTTySMY&bidderZone=ethos831-prod-or2&bidderGroup=rtb-bidder-first&env=site&conn=ethernet&s=H4sIAAAAAAAAAAGwAE__Qgp23zEvfrFi-8Y4SkV6Rp0u6NGI5Zg8KjVV3pb9uiezLbl9xIJlXoezOffClUUFFV-MW8FbQ8T8E6WFGRDVicPUwjuCtC4pN5MSBxVs4MjdF7f9QQCSUYJdzMTRQnCvFqg3o53XZxsuDNHphub7g8md7esK3P2Nq1jeFUFfYhKJjXKhUcnBt4zrH7UrBO5llIZAcjjFDwvUedGNP-WyiP6cez-TJraZbEY8wmapqyLpbGKvsAAAAA&date=1706047211350&auth=48e16674a37731ac9e174bd116f62846&vinst=t&rurl=http%3A%2F%2Fbuzzstormer.com%2F&wd=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 23 Jan 2024 22:00:11 GMT
via: 1.1 varnish
x-pt: P=316
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region: North-America
content-length: 85
x-served-by: cache-yyz4539-YYZ
pragma: no-cache
server: Jetty(9.4.35.v20201120)
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Tue, 23 Jan 2024 22:00:11 UTC

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame CDD2 161 KB
50 KB 156ms
155ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZbA26wAC5CoD595eAAUreAuEDUg9dMrgc7YJfw&u=%7CozVjAiLAVsHG2w9BG4WILfZxt4hjm2ApZuXkGzg5S%2B8%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78caHAes9ER6OpE37HOUFIoYiymCEWOeJu-Y46DI3xgN-6M67if9r-d4XGq_qb19NA9p7eX3UwxV66JwSNtvOstv3r-FQv_gvW0eKba9wf5Rqspbh4GE5tu3AgAJCQimEnpbG2rYQ1NCIbF3unGhDaaK10Av4bmHLhZ3NtEIu3LkfXoGmO9LktskCPCq_jBI_qwwtyC77V7wNVO2Pg48u84GcM6qLUWEDLLzKnGPOzTZ7JKvPGuamGJ_0kIz6NyLWDT8Uzk7lXcXchC4EdU0YtszuAO2ErCBSe9-jHmGzW9OJ5J7DHVTCNL2Ae3SZGLvT4bBrc2MMt78a5_WJf6KdgKBqlQWM57ZT3QCLS_dRhHR1QAEGnMMNKTBipEueC3OxZKb9tvne6KVWspKMm-rRaZwndAPc-Qsi2ucvZ0m5ozmka5stmLI2lv4pQ25yTdUY0h0IOcNGaHlrvb3fJGJYLVCWpHOnX7akn6d1CK6tyn5uyueVtSWEn9L1PMa9Mu_m4BQJDe5_rkqBa1XuxdkSIdoBicNzat1bKWiigY38N4_g_3pRQRLB-2o12Tu-cFUXXJV7pi39K47iOrdiHWrmXY0yM_aeEx_UCTMXqFM2-g6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeScA6zawZarIC968n88P-NaU8Aicge-wXKLKp6p0wI23ARABIABgyf7IjfSk1BmCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0BqO4VF3J3waulwth0yJv0dt-2dxHBj2FKZYdw-chuffePiIy1RBWRiVE4e91KYuU9yLyKXDKwSXsxquQG7CeSnHnfYClr_UQK_y4h_nEAyhdUVpzWALJPfGAQNJZAwkt61Uiqu73NYC3piiZgKKrxMH8n2BAwCL39nCopzp9kvbtz46tvnGE9WPE2teOT26meKbeIQBlPYGIqnVtTLhJ6tUzdgz4Jpxe-KG6O1iIkWQoeuklP5etiWHyFy0U72gS3kZHX2RQk4oKX4R5cX1FYkvOTdaPtbKTC3ly3xkx1TSuIAGiKHur8vVqKuEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliZz_aPwfSDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hP9c6v-MxIIc1jcMzwzQpAFG53Q%26client%3Dca-pub-7820916800218761%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4c37cacefb55a4ae47be19c2ef5e44a5eb57fa81ae674c1b23de6ae5c00f2a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 22:00:10 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=8lbm9_GzaQQhAjp3wOHftKVNts0A6Ks3orCrWx7KurHf4AWKS-wb1Sg5w7tfMumCiMEUoeQjja6SNqXllYSB-PhXk4_JPhb2_eDipVM_kb3EdO1xD1BBckFwxhh3eslbZEeVqLQRj2YIK3tR1Br3i9UOQKx5zybH6bRhd3JuuEBX070yzFmWWHBHm4UVD3NpezF2ConJBxizHBfepWiSHamoCWoXrjUQ9sCT1iL5KrZrZwN6SVXB8BxbqgbYFWPfbphFytdEVJI2QaWj"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 66738752
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame B471 3 KB
1 KB 44ms
42ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 20:31:33 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame B471 20 KB
8 KB 38ms
37ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:31:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 20:31:41 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B471 205 KB
65 KB 103ms
101ms Script
text/javascript 2607:f8b0:4004:c19::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 22:00:11 GMT

GET
H2 200 9_3vXtGFwdjFFicd_9872.jpg
video.om-meta.com/ Frame 8B2A 234 KB
235 KB 196ms
61ms Image
image/jpeg 2a02:6ea0:e200::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.om-meta.com/9_3vXtGFwdjFFicd_9872.jpg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 140252fcd2f1c5c6d61fa35921918b8ca7cded83d5cd8e3725096e11a9b3e38a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: ashburnUSVA
date: Tue, 23 Jan 2024 22:00:11 GMT
via: 1.1 7bf47dc1c691ee43f7c8db83aa03a3cc.cloudfront.net (CloudFront)
x-age-lb: 1303721
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704743490
content-length: 239483
x-77-nzt: EgwBJRPOBAH3qeQTAAwBnJI73wH3AQAAAA
x-amz-meta-datetest: 2024-01-08T19:51:00.551Z
x-accel-expires: @1736279489
x-cache-lb: HIT
x-77-age: 1303722
last-modified: Mon, 08 Jan 2024 19:51:01 GMT
server: CDN77-Turbo
etag: "b725f2e4ec382915c29b687dc970220a"
x-77-nzt-ray: 8e305f1ce2034a8beb36b06536f6d92f
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 2EZqxowgdLOFbXKBmzICfMq5HViaNfyWpmnAmYMFh6olwxABsjQYcg==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 8B2A 3 KB
1 KB 39ms
37ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 20:31:33 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 8B2A 20 KB
8 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:31:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 20:31:41 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B2A 205 KB
65 KB 83ms
80ms Script
text/javascript 2607:f8b0:4004:c19::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 22:00:11 GMT

GET
DATA 200
OK truncated
/ Frame 85C9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fed019af50653e33c4315774e1cc61e6d387545c8643dffb270b9818453b86a5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 31BB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c146a14d35ea83f7c5ea0780ff64f62706ab88ed6943c0724284aea467da28b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B471 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5b5797ad436193794230d3b5e8d809d6b7b55098669a555f0e1648e10009d7d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8B2A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c74a60141e244b6dc8e69bc89302b0a58ed943887eabe4815fd3ac774c3e9b16

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1FFB 2 KB
1 KB 92ms
30ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbA26wAC8oUGdgIRAAhFtGqgf1YoIiAPTpDChw&u=%7CozVjAiLAVsFWaYHD5X4c8sEYqUCkFT89K%2BdDpEk6%2BtA%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-pdBd4Yn-iAyg0RfPc5NXLXF37ShTWqW3hSdb39GT3zCuL_e9vqUNcG0hrO1QpU9y_mNU5WD_YhfXEaFvcD5YbQymFnQizgY3iXinh_LcCgaE6Y-jcfBi-Ksv1eN_dJ6h6TXvSiSX4Pn4rkqlJId8EGWP4XZXji_2SBEfhfTixzUGLp5mE3FCfepmeq6VVbZ4C2onZTINI3kUIQU6JOCjaR0DvRSl0uLUzFe24c4UInG3eCkqLoh5ILVtU3OnIfm4KM0HOBgxrb03Mfbv_DXO4lpMHwSRGFA5nxXuOETTjlNBet5233X8HuoMo3rzFINl-tjTIl9r0aSkHKHi7wsKHILv823IRTpjuZ_KZQrLDzWv5fRlC8SXKDUw_mQvIPtHE50miRdlJWnkdnKy1rEEzrRsqioJnPn2SwBmq7ENOrNt5CfuW2D8Rn3SFPPMHlnZTi5FSTH2TzFzFmtug99aqkEp8P9mmaTW4o8iVDu_nsDcPPCii1h_ajJt1SFOkzUrEl22ylbbXb7hgZGkQnI_AZfGDMIewWfuLu9bkwkBfTFBbqXTsEeGNIaDD7ca1glJyJx3pY_uTmoXbF7azahVd83vlM1GOM5vF2XpPlHW5r3o5pyNprX14Exp9DUaZR33&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZTQW6zawZYXlC5GE2OMPtIuhoA-cge-wXKLKp6p0wI23ARABIABgyf7IjfSk1BmCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0HooTjhPU3fVZNu56g4FNTXTBnLZBoeww0-jynChPW9f3eJLcb1ptAQdRn_NUeva7S9zVAwzIGnOPRasDCN5NsPoIq6J69l-9CX6UC4-kdJmvm86fHFqenS5kmsgPHxA55wilCIdq3-MhMomXUdZELlDiZx7dgbp9p5iSBgZk252QsczhuixYNh8qs_S4Pl1Mzd3LmzXc0_GfNWwEOBFse-Vz090iEKPDDvt093Wycmh2L-DrrKefJP4NtqS-OFWsw59yE_Cakay1brPo9rDWp9VGHwm2hVoGgO5p_XGSNiM8oAGiKHur8vVqKuEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljI4_aPwfSDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3AwS2pjqEIxYNwdXMtOM9YT9b44g%26client%3Dca-pub-7820916800218761%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:11 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 1FFB 2 KB
1 KB 119ms
57ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:11 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1FFB 308 B
636 B 83ms
31ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 17 Jan 2025 22:00:11 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1FFB 293 B
621 B 109ms
58ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 17 Jan 2025 22:00:11 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 1FFB 43 B
348 B 96ms
33ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=7AoE3miUQPzdQT6Uf0yNYxKsiLOHtwC3zXJYtEz8wWJrb7RkMWnFCGWugiwqz_-Bs151IanERcRk_27mBnAd5qDJuJpncB4N5TtTeMg7hEpY0vnpJM_p-C3Vf1-0_TNs9z-A4X7iS3ub3J2Y5gunwhZ8WDcRte88KZJybVfFmd3RUx91O1teLG-8_xXXeEEiDQDoAurea9cK5p-u55wNtNrAl4u3oxjpFiV8052IvnpnOlMp8hAK6_Azocsk00qYnsYGqsRz0E5Fh1pcJO5Lg8fTXCLEm9GrUK-J9PmLjwfCe0v03z0Gt_KyrJ_g_sWTfPsDp6CuRrqrEvX7orMzrDqMjfTpp7fVibCJW8mvXOd5asShkm40RQVC6ZjnoZFhhKxEC7bzgXO67NyJOGZn3HnhIMEcyoh7tfg7nUmY2641ro-pFt0oDAJUPU6CT_bRAT0Rfg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 22:00:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2624258
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

B24217808.274313803;dc_pre=CJfcopDB9IMDFXwuiAkdrE0JJw;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b036ea35ee0b43ee5cd8516d8ddbf9;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/ Frame 1FFB
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b036ea35ee0b43ee5cd8516d8ddbf9;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_pre=CJfcopDB9IMDFXwuiAkdrE0JJw;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b036ea35ee0b43ee5cd8516d8ddbf9;dc_la...

42 B
474 B

52ms
51ms

Image
image/gif

142.251.16.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_pre=CJfcopDB9IMDFXwuiAkdrE0JJw;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b036ea35ee0b43ee5cd8516d8ddbf9;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Protocol

Server

142.251.16.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f149.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 22:00:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Jan 2024 22:00:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_pre=CJfcopDB9IMDFXwuiAkdrE0JJw;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b036ea35ee0b43ee5cd8516d8ddbf9;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 displayproxy-20231031.js Show response
playtime.tubemogul.com/ud/prod/ad_plugins/release/ Frame 4AE2 17 KB
17 KB 150ms
32ms Script
text/javascript 72.21.81.64
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20231031.js?auction_id=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB
Requested by: Host: displayf-tm.everesttech.net
URL: https://displayf-tm.everesttech.net/feed/placement.js?id=Xf6e2yqPYRavegdigOp6&site_id=HM0m9MWSkXJ9ZTd6IN2t&rand=456248555348679300&tm_auction_id=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB&didtype=UNK&bi=B09Ab8urA53B2zmX8tkoCnuhySLYbBf9VGAEClY0c2wbf8-Rn7miCJEknOvaUIAyZnkYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uS_2kTrxxjAJqUKhzgQGfOhRhxw0CEucegb_CTCsTKgeA&page_url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&seller_id=pub-7820916800218761&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.224+Safari%2F537.36&q=H4sIAAAAAAAAAGWSQWjTYBTHl2RrtyI6S0UpiHEItsOkSZp8bbbD7Lquc13a2qR02y1Nvnahab8s-bq2uwgDPainHScDBQ-ieBEPsot3TzIvsqN4EGE4dpwXu3WC4Du8w-P93vvzf28M_RqPPHr79ODK5weHufDeSGAS9xzI1hGq21B3LI81UDNWtUwTumzKVKG7Ad0SXG9DDwefjFz7MjwRWq4BKPTWiyslfQPWTatecEDk2eELQghl29DGOG0YClacmqT2KgZKfnj5_c2l2ZDaamhicyNdWi3kG2tKrTQvqdsEVtCmZdt6TGI5OlKxWibqeHReo3mO5abpfgGI03QXiFE65Tg2rMBqzsIxKZ5g44CO5BY0ZekObVsNSGeh0UBROr3moiaM8UJ_AAs4WWYFQaRVvaa71jm3Q9Ay4HRZSugJ0YRJTuITOjCgCPW4bHCiZAp7xPWuaGzqSwhkIOgxnVxK9rr5zfssz_CsMvuJoMr53D7hb7caLdRpHRD-zkD8T4If_bhzKxhaULimrFTUxvKivKqZ4F5ewOGAjewOwqc206Q8dBZHM8dEyGlXmURS4GQeJDlO4JMJwJ8QoVNSSosVrVVvaj1N66nKyhZ5GeI15CXjPOO4yGSQK2yT4y6uMoPLMTXL9fBrctizMHxHjva7oduC-JiMBv5Hg74BNXEhznKMmk8V1YWCtkXNBHyDvxjffUWGqbI6N3Gaon9FT1FW05m9Ot-3O9PF_QW6XXQtA2bPoOLYY2pohzofsUfdDpBlNUjmV8KUxIuTI7wocILgz2YK6cJcZsqXLRSyS5m7xD7li8dBEkjfqH-8-kE9J46or8MnlN-EXgMj5-Zu-eLi-xu_H_4B-KFdS9QCAAA*&click_url=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-uiu6zawZafSC6Wl2OMPjtaKiAu835z0XK6C25dSwI23ARABIABgyf7IjfSk1BmCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0IW_k8ChybpIhlZl7VqVUyeH6PbQYa4eU2wm_ONsdBQd4qx09crCoaugc0_rVMxXA-QwR9n3cLS7z_Jx87jtPBDuifYwrG7X7iGh3QjPPwBAcNOBajljLKskcB0clBsJvzxZMGpKb9guMxteX59qGF3PQFMVjdHzlYIByUKdPBenp1hSTSsPuKBck4xUj9ovDkEEfCAQoUje5M-J5FA2eOkoOIprP1CdBPImnZvNQS_9yO1PUQQ1Kqf1AB8gvy47G6HvlnFChHg8lj17J7mRll93-RfJtdBLzXpGgMKJymxS6YAGv-GZiP6-lvR5oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKXU9o_B9IMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0I3UPJaoSnsI_-UDIEv467UceAvQ%26client%3Dca-pub-7820916800218761%26adurl%3D&tm_os_group=windows&tm_device_group=unknown
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.21.81.64 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (cha/81C7) /
Resource Hash: 686e660739424dd896e22f46622a30e963c89df24864933df2a586ebfd5cacfa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
last-modified: Tue, 31 Oct 2023 12:11:00 GMT
server: ECAcc (cha/81C7)
age: 35315
etag: "3106171132"
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 17475
expires: Wed, 24 Jan 2024 22:00:11 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1FFB 12 KB
5 KB 105ms
38ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5410126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lmYbfH5Jm0YqF%2BkAPBxfNHH%2FHQHIErvQUj0lPjkN20GPdQc41J8i8YZ%2BdCarpLclD9ZEbv89%2BWEN3VZMlC6jn6bp7lmBRXfmDFksLitYmkyNfaoLtsceAmH%2FGhZMLmbZMfGFxu33X7ubDLzwXqiCWvB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84a34ee22bfc4bc9-BUF
expires: Sun, 12 Jan 2025 22:00:11 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1FFB 12 KB
6 KB 77ms
35ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:11 GMT

GET
H2 200 58387fca10ec4862886cccc4d3d4e79e_mark+simonson+-+proxima+nova+alt+regular-webfont.woff
static.criteo.net/design/dt/ Frame 1FFB 24 KB
24 KB 128ms
63ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/58387fca10ec4862886cccc4d3d4e79e_mark+simonson+-+proxima+nova+alt+regular-webfont.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

e9fdc188060ed6e1f88c478d14ec18de88aa08f8a04920a03c707b158b91bb41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Dec 2018 15:42:02 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c09434a-5e6c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:11 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CDD2 2 KB
1 KB 36ms
30ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbA26wAC5CoD595eAAUreAuEDUg9dMrgc7YJfw&u=%7CozVjAiLAVsHG2w9BG4WILfZxt4hjm2ApZuXkGzg5S%2B8%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78caHAes9ER6OpE37HOUFIoYiymCEWOeJu-Y46DI3xgN-6M67if9r-d4XGq_qb19NA9p7eX3UwxV66JwSNtvOstv3r-FQv_gvW0eKba9wf5Rqspbh4GE5tu3AgAJCQimEnpbG2rYQ1NCIbF3unGhDaaK10Av4bmHLhZ3NtEIu3LkfXoGmO9LktskCPCq_jBI_qwwtyC77V7wNVO2Pg48u84GcM6qLUWEDLLzKnGPOzTZ7JKvPGuamGJ_0kIz6NyLWDT8Uzk7lXcXchC4EdU0YtszuAO2ErCBSe9-jHmGzW9OJ5J7DHVTCNL2Ae3SZGLvT4bBrc2MMt78a5_WJf6KdgKBqlQWM57ZT3QCLS_dRhHR1QAEGnMMNKTBipEueC3OxZKb9tvne6KVWspKMm-rRaZwndAPc-Qsi2ucvZ0m5ozmka5stmLI2lv4pQ25yTdUY0h0IOcNGaHlrvb3fJGJYLVCWpHOnX7akn6d1CK6tyn5uyueVtSWEn9L1PMa9Mu_m4BQJDe5_rkqBa1XuxdkSIdoBicNzat1bKWiigY38N4_g_3pRQRLB-2o12Tu-cFUXXJV7pi39K47iOrdiHWrmXY0yM_aeEx_UCTMXqFM2-g6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeScA6zawZarIC968n88P-NaU8Aicge-wXKLKp6p0wI23ARABIABgyf7IjfSk1BmCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0BqO4VF3J3waulwth0yJv0dt-2dxHBj2FKZYdw-chuffePiIy1RBWRiVE4e91KYuU9yLyKXDKwSXsxquQG7CeSnHnfYClr_UQK_y4h_nEAyhdUVpzWALJPfGAQNJZAwkt61Uiqu73NYC3piiZgKKrxMH8n2BAwCL39nCopzp9kvbtz46tvnGE9WPE2teOT26meKbeIQBlPYGIqnVtTLhJ6tUzdgz4Jpxe-KG6O1iIkWQoeuklP5etiWHyFy0U72gS3kZHX2RQk4oKX4R5cX1FYkvOTdaPtbKTC3ly3xkx1TSuIAGiKHur8vVqKuEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliZz_aPwfSDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hP9c6v-MxIIc1jcMzwzQpAFG53Q%26client%3Dca-pub-7820916800218761%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:11 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame CDD2 2 KB
1 KB 42ms
36ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:11 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CDD2 308 B
636 B 34ms
34ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 17 Jan 2025 22:00:11 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame CDD2 293 B
621 B 30ms
29ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 17 Jan 2025 22:00:11 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame CDD2 43 B
347 B 36ms
35ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=d86SZrP9bPnmSqN9hdKVChPZUs3bWAeyOPzfnNz5RbjBIyRAfeMk9bEmAEaXgzc_hRlWYLUpWopVvXgkBDrONuIvFIkIFb6nhKQ4uuSfPz_JWdx_RJofRm0nxw3Uc9YPlP4e6T6QKX-lKmeQM2pUXOdiMxpZxyIzZYiLJ07JSD6E0xNQSkEBxiw9kdCykjie-lCt3QLLcaZwPr-7ELCNKGUP-_PkUZIfpJEfv4V_mTgAThYhSKnSFVXVNFLti6_Bznpyev5PSTc_B85yXxYKF6Ou54Be-itRqgTusd2hnT1L7OgPziTlCQ6dSmDjT2ZmySJvfik8jptWSHinzf7_bshHJ1r8FbyGHj0IMEvQ4-4JdMJwVpHzgCRuAgibDMSoJl4hxkC5pJ1m0Tyxjwz4SMiQUGiClXLAn8vnnqnj2Xm5ydWx29Evzp3EwJspiS2nP1hWCQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2931119
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

B24217808.274313803;dc_pre=CMfUppDB9IMDFb4NaAgdMJQJgw;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b036eb1bf0809167201dc76f8afac8;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/ Frame CDD2
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b036eb1bf0809167201dc76f8afac8;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_pre=CMfUppDB9IMDFb4NaAgdMJQJgw;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b036eb1bf0809167201dc76f8afac8;dc_la...

42 B
462 B

54ms
54ms

Image
image/gif

142.251.16.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_pre=CMfUppDB9IMDFb4NaAgdMJQJgw;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b036eb1bf0809167201dc76f8afac8;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Protocol

Server

142.251.16.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f149.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 22:00:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Jan 2024 22:00:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_pre=CMfUppDB9IMDFb4NaAgdMJQJgw;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b036eb1bf0809167201dc76f8afac8;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 1FFB 7 KB
8 KB 154ms
88ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=104&m=0&partner=25144&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F25144%2F200701%2F49c7fdefdb4a4feebd2bf14922e3bf51_relaterentals_core_logowht.png&v=3&w=596&rid=4&s=dxqRRiK5ho2AnQGeGM_mNfI_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

7df592ee1935d16aaf56cdd0d35c5ce2b4b9b68e45a039cacdedd194f347fc4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 7603
expires: Fri, 03 Jan 2025 02:19:21 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 1FFB 17 KB
18 KB 174ms
107ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Funit_hero_large_2x%2Fpublic%2F2019-01%2Fliving3-one-back-bay-boston_7.jpg%3Fh%3Db394498a%26itok%3DwlOc1pAM&v=3&w=800&rid=4&s=HPTyv2eWvotqv3Coh4bUfTgH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4fbbee18d3f1f9a098c4504eb826dffb62f7e2536d7ac81420900d6d6cca846b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
timing-allow-origin: *
content-length: 17864
expires: Thu, 25 Jan 2024 20:40:30 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 1FFB 16 KB
16 KB 166ms
100ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Funit_hero_large_2x%2Fpublic%2F2018-05%2Fone-back-bay-apartment-interiors2_0.jpg%3Fh%3Df778dbdf%26itok%3DW_sH9MsH&v=3&w=800&rid=4&s=4Rm7jL1pIafzJxKwEEweu0C7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9aeb13e1bb386a4538794616f85d1f5f995abb63f3e3566cc54015171e9e4986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
timing-allow-origin: *
content-length: 16532
expires: Thu, 25 Jan 2024 20:05:58 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 1FFB 16 KB
16 KB 181ms
115ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Funit_hero_large_2x%2Fpublic%2F2019-01%2FOne-Bennett-Park-Chicago-05-Kitchen_4.jpg%3Fh%3D56d0ca2e%26itok%3DMnXBo3-Y&v=3&w=800&rid=4&s=Qp8VgCCbspIP6_LrIbGrH2mE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

88dabf68b3ba8a107aa894404ca7e6ef825b665eb0dd47d96cd0204b93bcc8e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
timing-allow-origin: *
content-length: 16204
expires: Thu, 25 Jan 2024 02:48:10 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 1FFB 35 KB
35 KB 123ms
57ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Fimage_gallery_large_2x%2Fpublic%2F2020-04%2F500LakeShoreDrive_1_4.jpg%3Fitok%3DNMKrjyUd&v=3&w=800&rid=4&s=IG8K6EzF933Mgi6QNuPCgNYp&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

51986bfbad1a0c3bf7ba11f8768172d6477ba7dfa77aa59a844191cf918b603c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
timing-allow-origin: *
content-length: 35834
expires: Fri, 02 Feb 2024 21:01:43 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 1FFB 17 KB
17 KB 154ms
89ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Fimage_gallery_large_2x%2Fpublic%2F2019-01%2FOne-Bennett-Park-Chicago-02-Kitchen_1.jpg%3Fitok%3DwGBqM2tp&v=3&w=800&rid=4&s=LYasrv60Cp5uyuYpLbqRhac9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

160dcb54eb94e021bc79bb2ccc46b521517c0a018480c81698d5b636bc7c152b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
timing-allow-origin: *
content-length: 17670
expires: Tue, 06 Feb 2024 20:09:14 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 1FFB 34 KB
35 KB 97ms
97ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Fimage_gallery_large_2x%2Fpublic%2F2020-06%2FPH1D-190227_LJW-LivingRoom-01a_0.jpg%3Fitok%3DLALb1lP-&v=3&w=800&rid=4&s=0GRAw2_Wn1EUCv_le9fEp_Il&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

7f863714ededfe425476edecf535035da0b4453ab9a2860c0540c9ccbc3f3346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
timing-allow-origin: *
content-length: 35278
expires: Wed, 31 Jan 2024 02:09:38 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 1FFB 0
128 B 95ms
30ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=BWz51fGzaQQhAjp3z-MCKRdH316FUSulpTReXC1aHiLmi147EQCfVRSMKTxGxWj3aofNGV_txJ_sjv_pOwsQcTStt5y4FFOBknUHmtVD8fUhCfQmW6hP-gMNn534J-fNOTaW7N8O4Ica72db539ekLaRtwjkXULZ_JjoAYc46pWeZP9I2TOaNKqDE9pF7ww_w-nK1sG3CEtTCm8y4BWfy1J3NNFSmOW5YbR61FwOGNHC8NnQYxdiYRLA7ZE3JMG4SE7l8aoh7Iq0-pQG&sds=2&rev=90272.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1FFB 2 KB
1 KB 30ms
29ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:11 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1FFB 2 KB
1 KB 32ms
31ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:11 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame CDD2 12 KB
5 KB 37ms
36ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5410126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTMqeWTvSdC8P9HbMrGRy5ABTRqkkauZ6cUOL3TA%2FZjm%2B0D6HPZvEcbnX30NlNdemRk0EU%2Bi%2B%2F8kK3cZNHeYYNOy%2FE9B9UPeZJ9RxQ8491sYKkl1MwK6HChWiTmWcIcjvv9hSMub6riQUlb5lfqR4orj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84a34ee2ac944bc9-BUF
expires: Sun, 12 Jan 2025 22:00:11 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame CDD2 12 KB
6 KB 40ms
40ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:11 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 85C9 0
385 B 111ms
109ms Image
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cz9sj6zawZafSC6Wl2OMPjtaKiAu835z0XK6C25dSwI23ARABIABgyf7IjfSk1BmCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4AFP0IW_k8ChybpIhlZl7VqVUyeH6PbQYa4eU2wm_ONsdBQd4qx09crCoaugc0_rVMxXA-QwR9n3cLS7z_Jx87jtPBDuifYwrG7X7iGh3QjPPwBAcNOBajljLKskcB0clBsJvzxZMGpKb9guMxteX59qGF3PQFMVjdHzlYIByUKdPBenp1hSTSsPuKBck4xUj9ovDkEEfCAQoUje5M-J5FA2eOkoOIprP1CdBPImnZvNQS_9yO1PUQQ1Kqf1Qh0ALYznntcHE3LBaTq2U6NOD7C_jv-NZGEhEgZV4WKTEzfLQIAGv-GZiP6-lvR5oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKXU9o_B9IMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc4MjA5MTY4MDAyMTg3NjEYAA&sigh=8x63hCweQIg&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_P8n2RjASVzAFhG8fzql_-XxL8LGqL_dunZQ7cJAe-XwTjgQEChe6o_-NZPdWNkNWdVL9ff6YqVE1JmzlPsceP2rJKgYUN85XpVcYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 Jan 2024 22:00:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 Jan 2024 22:00:12 GMT

GET
H2 200 58387fca10ec4862886cccc4d3d4e79e_mark+simonson+-+proxima+nova+alt+regular-webfont.woff
static.criteo.net/design/dt/ Frame CDD2 24 KB
24 KB 41ms
41ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/58387fca10ec4862886cccc4d3d4e79e_mark+simonson+-+proxima+nova+alt+regular-webfont.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

e9fdc188060ed6e1f88c478d14ec18de88aa08f8a04920a03c707b158b91bb41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Dec 2018 15:42:02 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c09434a-5e6c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:11 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame CDD2 5 KB
6 KB 119ms
116ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=76&m=0&partner=25144&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F25144%2F200701%2F49c7fdefdb4a4feebd2bf14922e3bf51_relaterentals_core_logowht.png&v=3&w=596&rid=4&s=sLdOgukFo7itGOLTE4kMyJO5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d364578f9aa2440d458e75269bc9d62a43ed4ed737adabf1f4c349bd0663d172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5525
expires: Fri, 03 Jan 2025 02:19:21 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame CDD2 16 KB
16 KB 119ms
117ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Funit_hero_large_2x%2Fpublic%2F2018-05%2Fone-back-bay-apartment-interiors2_0.jpg%3Fh%3Df778dbdf%26itok%3DW_sH9MsH&v=3&w=400&rid=4&s=-SZw1nMKYlnVV_I8JDdwJIH5&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9aeb13e1bb386a4538794616f85d1f5f995abb63f3e3566cc54015171e9e4986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
timing-allow-origin: *
content-length: 16532
expires: Thu, 25 Jan 2024 20:05:58 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame CDD2 16 KB
16 KB 123ms
121ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Funit_hero_large_2x%2Fpublic%2F2019-01%2FOne-Bennett-Park-Chicago-05-Kitchen_4.jpg%3Fh%3D56d0ca2e%26itok%3DMnXBo3-Y&v=3&w=400&rid=4&s=xmn2zKQCYPJdJYx7rIFQ4Jag&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

88dabf68b3ba8a107aa894404ca7e6ef825b665eb0dd47d96cd0204b93bcc8e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
timing-allow-origin: *
content-length: 16204
expires: Thu, 25 Jan 2024 02:48:10 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame CDD2 0
127 B 31ms
30ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=8lbm9_GzaQQhAjp3wOHftKVNts0A6Ks3orCrWx7KurHf4AWKS-wb1Sg5w7tfMumCiMEUoeQjja6SNqXllYSB-PhXk4_JPhb2_eDipVM_kb3EdO1xD1BBckFwxhh3eslbZEeVqLQRj2YIK3tR1Br3i9UOQKx5zybH6bRhd3JuuEBX070yzFmWWHBHm4UVD3NpezF2ConJBxizHBfepWiSHamoCWoXrjUQ9sCT1iL5KrZrZwN6SVXB8BxbqgbYFWPfbphFytdEVJI2QaWj&sds=2&rev=90272.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CDD2 2 KB
1 KB 31ms
30ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:11 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CDD2 2 KB
1 KB 32ms
32ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:11 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8B2A 0
56 B 135ms
134ms Image
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Claor6zawZd-dDJO4n88PxoKBiAuE4_u9dcCG7qiDEsCNtwEQASAAYOUCggEXY2EtcHViLTc4MjA5MTY4MDAyMTg3NjHIAQmoAwHIAwKqBOIBT9AXUBoCh--oIWRzKN_8MCE5u1501Kk3mU1FqC498dMzrm8GPb6Am9Kg5IOkX1aSIb7JAysOg0vA4KdT6J_TFD9MxCTZIm5Pn-9LlHhoo9t-fTuROzy555S6_lu6yIYc1PuULZJIYF7Pc7yKpMqVKyFb2btDmbt7E3DOmYfCHRRoS6vfsYbVTl_TEYtmaHzg3P7ZRLWlkBdPm7b_hX5m2az3nzngrBfzX-RmzBx61odZCDv-me19ozlaSA1TPoZPhZEGxmbbbMJ7YJj7yAkPFwhzZyzfLPv5vlPLtFril8XcJ4AG_4_VgpWsi4qMAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliGm_ePwfSDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03ODIwOTE2ODAwMjE4NzYxGAA&sigh=1AZjDRSbdsA&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_F-lqEWhQ0pZNAssGm5uB09nZ6ROn95cft7-kfAvvHkQaXghUMyyKr2NJs261ZNtL2_4-1WxD-Mi59ER5AVslqS9NdsIyreyzDUQYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 Jan 2024 22:00:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK win
rtb.om-meta.com/rtb/ Frame 8B2A 1 B
300 B 115ms
47ms Image
text/plain 138.197.58.184
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.om-meta.com/rtb/win?token=6PdH2gStgwqWCM1kMZafNhfUgrfB5Rk9GqHj3ysWerLLaKajYnsGShqMqtEZfUHWQ9PtXTVYhiz8hPrP6485G4eeWEmxMpsgc3r7jnzdywj972ZT3BH1wfFgUZHtCcyYZGd1JivTcKVRB4x2oycTTStXpJvat565CXsYAYwsmJEkkcU8CwjqWSNR3hWcK1ZPPwpgiQ1Q9DGGaFZDNxSVuXugVa7&price=ZbA26wADDt8D59wTAABBRu547S3lIGxU3KCQpw&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.58.184 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:12 GMT
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-TIME,X-REASON
access-control-credentials: true
x-instance: om-bidder-53
access-control-allow-headers: Content-Type
content-length: 1

GET
H/1.1 200
OK imp
rtb.om-meta.com/ Frame 8B2A 1 B
299 B 121ms
53ms Image
image/bmp 138.197.58.184
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.om-meta.com/imp?token=6PdH2gStgwqWCM1kMZafNhfUgrfB5Rk9GqHj3ysWerLLaKajYnsGShqMqtEZfUHWQ9PtXTVYhiz8hPrP6485G4eeWEmxMpsgc3r7jnzdywj972ZT3BH1wfFgUZHtCcyYZGd1JivTcKVRB4x2oycTTStXpJvat565CXsYAYwsmJEkkcU8CwjqWSNR3hWcK1ZPPwpgiQ1Q9DGGaFZDNxSVuXugVa7&price=ZbA26wADDt8D59wTAABBRu547S3lIGxU3KCQpw&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.58.184 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:12 GMT
content-type: image/bmp;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-TIME,X-REASON
access-control-credentials: true
x-instance: om-bidder-11
access-control-allow-headers: Content-Type
content-length: 1

GET
H2 200 playfairdisplay-400.css
static.criteo.net/design/googlefont/playfairdisplay/ Frame 1FFB 1 KB
760 B 30ms
30ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

96ea11f0396cec62f5c20e6a49b719359e3030150c73ef12c15531b8e9bebd4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:23 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c7-57c"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:12 GMT

GET
H2 200 playfairdisplay-700.css
static.criteo.net/design/googlefont/playfairdisplay/ Frame 1FFB 1 KB
761 B 31ms
30ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

811b6e679ed2a18fb5696054a5386869bef195c0dcdd045f623dc19530216741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:24 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c8-57c"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:12 GMT

GET
H2 200 renderstart
statsf-tm.everesttech.net/stats/1/ Frame 4AE2 85 B
176 B 42ms
42ms Image
image/png 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statsf-tm.everesttech.net/stats/1/renderstart?psId=HM0m9MWSkXJ9ZTd6IN2t&auth=415d232d9ca31b5385e55d9d9def558a&vinst=t&cpKey=GuelttCccMtMpf5SyWco&sessId=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB&did=&mpKey=Xf6e2yqPYRavegdigOp6&didtype=UNK&s=H4sIAAAAAAAAAAEAAf_-BZjQlBC2-rV6BRQSzZy-uEEl8q9zGKzSbDe89kR7BWNeSRbGFDgWGCWYvxgATfs-sWTqKs2uAjmcvJWseuyKrm7z-I8nNqnMvAlqcASvjGUwYd2eSatv5T8Nh2bGYx05S5SSx9Houp2Tpo6OvbGZGECOwdq7hfBzf8S6txxB9NZtNFKwpPynxc_VY53xHyEmtgpgzSkInXPWxW3k45oLjiH16-nBCm-x3mtvITgjjjXPmXSvPUA1Ie1pN1Le0r3x90v9ZiZFL2YvbMwckls0DywlroBjHb29-pSJblD5WWmeiHjwts0Ps6jOYxCw7paqhOHbZSbuqjEyM5RXjyOtjr957e4AAQAA&bi=B09Ab8urA53B2zmX8tkoCnuhySLYbBf9VGAEClY0c2wbf8-Rn7miCJEknOvaUIAyZnkYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uS_2kTrxxjAJqUKhzgQGfOhRhxw0CEucegb_CTCsTKgeA&adKey=SnkT4mvCRZONkhMfRF5S&rt=HTML5&PG=F&date=1706047211601&env=site&conn=ethernet&price=&seller_id=pub-7820916800218761&burl=about%3Ablank&rurl=http%3A%2F%2Fbuzzstormer.com&astv=20230731&apv=B20231031
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 23 Jan 2024 22:00:12 GMT
via: 1.1 varnish
x-pt: P=417
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region: North-America
content-length: 85
x-served-by: cache-yyz4539-YYZ
pragma: no-cache
server: Jetty(9.4.35.v20201120)
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Tue, 23 Jan 2024 22:00:12 UTC

GET
H2 200 rendercomplete
statsf-tm.everesttech.net/stats/1/ Frame 4AE2 85 B
130 B 106ms
105ms Image
image/png 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statsf-tm.everesttech.net/stats/1/rendercomplete?psId=HM0m9MWSkXJ9ZTd6IN2t&auth=415d232d9ca31b5385e55d9d9def558a&vinst=t&cpKey=GuelttCccMtMpf5SyWco&sessId=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB&did=&mpKey=Xf6e2yqPYRavegdigOp6&didtype=UNK&s=H4sIAAAAAAAAAAEAAf_-BZjQlBC2-rV6BRQSzZy-uEEl8q9zGKzSbDe89kR7BWNeSRbGFDgWGCWYvxgATfs-sWTqKs2uAjmcvJWseuyKrm7z-I8nNqnMvAlqcASvjGUwYd2eSatv5T8Nh2bGYx05S5SSx9Houp2Tpo6OvbGZGECOwdq7hfBzf8S6txxB9NZtNFKwpPynxc_VY53xHyEmtgpgzSkInXPWxW3k45oLjiH16-nBCm-x3mtvITgjjjXPmXSvPUA1Ie1pN1Le0r3x90v9ZiZFL2YvbMwckls0DywlroBjHb29-pSJblD5WWmeiHjwts0Ps6jOYxCw7paqhOHbZSbuqjEyM5RXjyOtjr957e4AAQAA&bi=B09Ab8urA53B2zmX8tkoCnuhySLYbBf9VGAEClY0c2wbf8-Rn7miCJEknOvaUIAyZnkYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uS_2kTrxxjAJqUKhzgQGfOhRhxw0CEucegb_CTCsTKgeA&adKey=SnkT4mvCRZONkhMfRF5S&rt=HTML5&PG=F&date=1706047211601&env=site&conn=ethernet&price=&seller_id=pub-7820916800218761&burl=about%3Ablank&rurl=http%3A%2F%2Fbuzzstormer.com&astv=20230731&apv=B20231031
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 23 Jan 2024 22:00:12 GMT
via: 1.1 varnish
x-pt: P=481
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region: North-America
content-length: 85
x-served-by: cache-yyz4539-YYZ
pragma: no-cache
server: Jetty(9.4.35.v20201120)
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Tue, 23 Jan 2024 22:00:12 UTC

GET
H2 200 aac_viewability-ab8b7a.js Show response
playtime.tubemogul.com/ud/prod/pullins/ Frame 4AE2 14 KB
5 KB 30ms
30ms Script
text/javascript 72.21.81.64
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://playtime.tubemogul.com/ud/prod/pullins/aac_viewability-ab8b7a.js
Requested by: Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20231031.js?auction_id=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.21.81.64 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (cha/80C3) /
Resource Hash: 0a935bcb26d17b1f20321b7c5e101597e8288c386b3e007778b5675a3fd032ef

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:12 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 01:39:46 GMT
server: ECAcc (cha/80C3)
age: 72449
etag: "1983306799"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4789
expires: Wed, 24 Jan 2024 22:00:12 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/8/225407;8026169;201;jsappend;AdobeAdCloud;AdCloudFY24AcrobatDemandGenPSPAudExDGVersatileUSDSKBAN160x600/ Frame D974 4 KB
3 KB 135ms
54ms Script
text/javascript 104.69.221.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/8/225407;8026169;201;jsappend;AdobeAdCloud;AdCloudFY24AcrobatDemandGenPSPAudExDGVersatileUSDSKBAN160x600/?ft_custom=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&us_privacy=${US_PRIVACY}&ftClick=https://statsf-tm.everesttech.net/stats/1/ct?cpKey=GuelttCccMtMpf5SyWco&mpKey=Xf6e2yqPYRavegdigOp6&adKey=SnkT4mvCRZONkhMfRF5S&sessId=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB&seller_id=pub-7820916800218761&psId=HM0m9MWSkXJ9ZTd6IN2t&sId=0&dur=15&date=&auth=&did=&didtype=UNK&stch_id=&conn=ethernet&env=site&bi=B09Ab8urA53B2zmX8tkoCnuhySLYbBf9VGAEClY0c2wbf8-Rn7miCJEknOvaUIAyZnkYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uS_2kTrxxjAJqUKhzgQGfOhRhxw0CEucegb_CTCsTKgeA&PG=F&s=H4sIAAAAAAAAAAEAAf_-svy0vUYuHT26h2XpPUxLYxfavz2DUrdqvvbpnCychKPmOc9V0UMJ9GUiP6zmUNLNMXe2z1FoPx8ImdMvl1OQcXoI5sesO7bNpJUVqD1IGLlXjRARn_5fxAxPl7UNxXnmoykScW-qdpYpPhDeimCfPVmJMxz2q2OTGwZu7np9nyq0fVbXJCnpvXuyf93Vbcn_d_KfFnq0-R8bEpwoWI1c5NoPd3j4SANFxl8fSoDGdm6Y6049TM_YhZplZ29TOzYYB5YI_59bdsd5vDWdKhCDeA3BT3zeK9fJB7TdUehFvh77q_8IbLdLbszWDEW4rpsGM41Qt2DIG93boZd-OzBbGGk_NjMAAQAA&redir=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC-uiu6zawZafSC6Wl2OMPjtaKiAu835z0XK6C25dSwI23ARABIABgyf7IjfSk1BmCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0IW_k8ChybpIhlZl7VqVUyeH6PbQYa4eU2wm_ONsdBQd4qx09crCoaugc0_rVMxXA-QwR9n3cLS7z_Jx87jtPBDuifYwrG7X7iGh3QjPPwBAcNOBajljLKskcB0clBsJvzxZMGpKb9guMxteX59qGF3PQFMVjdHzlYIByUKdPBenp1hSTSsPuKBck4xUj9ovDkEEfCAQoUje5M-J5FA2eOkoOIprP1CdBPImnZvNQS_9yO1PUQQ1Kqf1AB8gvy47G6HvlnFChHg8lj17J7mRll93-RfJtdBLzXpGgMKJymxS6YAGv-GZiP6-lvR5oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKXU9o_B9IMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0I3UPJaoSnsI_-UDIEv467UceAvQ%26client%3Dca-pub-7820916800218761%26adurl%3D&ft_partnerimpid=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB&site_url=lolwot.com&cachebuster=437564.0099130651

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.69.221.163 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-69-221-163.deploy.static.akamaitechnologies.com

Software

prod-xre-app15.ash11 /

Resource Hash

900b71d771d5eab632df09008abefae0ee5a079f71ac7e5887b2ad78cf1285d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jan 2024 22:00:12 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app15.ash11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 2206
Expires: Tue, 23 Jan 2024 22:00:12 GMT

GET
H2 200 playfairdisplay-400.css
static.criteo.net/design/googlefont/playfairdisplay/ Frame CDD2 1 KB
760 B 37ms
36ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

96ea11f0396cec62f5c20e6a49b719359e3030150c73ef12c15531b8e9bebd4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:23 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c7-57c"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:12 GMT

GET
H2 200 playfairdisplay-700.css
static.criteo.net/design/googlefont/playfairdisplay/ Frame CDD2 1 KB
761 B 30ms
30ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

811b6e679ed2a18fb5696054a5386869bef195c0dcdd045f623dc19530216741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:24 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c8-57c"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:12 GMT

GET
H2 200 playfairdisplay-400-latin.woff2
static.criteo.net/design/googlefont/playfairdisplay/ Frame 1FFB 19 KB
20 KB 44ms
44ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

2b3fcab0b897a5fdf81ea0a1b01d80802e01544c22fb738fe6365688b9233579

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:22 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c6-4d94"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:12 GMT

GET
H2 200 playfairdisplay-700-latin.woff2
static.criteo.net/design/googlefont/playfairdisplay/ Frame 1FFB 20 KB
21 KB 50ms
47ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

c16f06e6edabd22d2c5c9d9b87260eca6faf706400dea89876de323480750489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-700.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:24 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c8-51e8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:12 GMT

GET
H2 200 playfairdisplay-700-latin.woff2
static.criteo.net/design/googlefont/playfairdisplay/ Frame CDD2 20 KB
21 KB 61ms
60ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

c16f06e6edabd22d2c5c9d9b87260eca6faf706400dea89876de323480750489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-700.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:24 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c8-51e8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:12 GMT

GET
H2 200 playfairdisplay-400-latin.woff2
static.criteo.net/design/googlefont/playfairdisplay/ Frame CDD2 19 KB
20 KB 46ms
45ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

2b3fcab0b897a5fdf81ea0a1b01d80802e01544c22fb738fe6365688b9233579

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:22 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c6-4d94"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:00:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 31BB 0
19 B 106ms
105ms Image
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CImfZ6zawZYXlC5GE2OMPtIuhoA-cge-wXKLKp6p0wI23ARABIABgyf7IjfSk1BmCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4AFP0HooTjhPU3fVZNu56g4FNTXTBnLZBoeww0-jynChPW9f3eJLcb1ptAQdRn_NUeva7S9zVAwzIGnOPRasDCN5NsPoIq6J69l-9CX6UC4-kdJmvm86fHFqenS5kmsgPHxA55wilCIdq3-MhMomXUdZELlDiZx7dgbp9p5iSBgZk252QsczhuixYNh8qs_S4Pl1Mzd3LmzXc0_GfNWwEOBFse-Vz090iEKPDDvt093Wycmh2L-DrrKefJP4dNiyaifrWHT0I3AW5n9VcQvAi9PtQlvO6wavE6t2Nhs4Y2H_r4AGiKHur8vVqKuEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljI4_aPwfSDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03ODIwOTE2ODAwMjE4NzYxGAA&sigh=YbREMVwf8TI&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_tOTK6PP8v1KlpV7wlEdh47O9l8hdxccWV8uNDN50G7bSP83X71T9Xodbdt4IRACE3oicBveeMkVUyILlDqCDq9CBzL9FCx2AVZoYAQ&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 Jan 2024 22:00:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.da.us.criteo.com/google/auction/ Frame 31BB 0
125 B 149ms
50ms Image
text/plain 2620:100:a005::14
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.da.us.criteo.com/google/auction/notify?profile=14&payload=kOmHDdaCMKwC2ATiIp0XAgAAANrD_adkRnc8EOs2sGUGQk5TehqqusRBAAASAAAKCkFRVUJEQUVCREE&wp=ZbA26wAC8oUGdgIRAAhFtGqgf1YoIiAPTpDChw&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::14 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 263400
server: Kestrel
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B471 0
19 B 146ms
144ms Image
text/html 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXi_P6zawZarIC968n88P-NaU8Aicge-wXKLKp6p0wI23ARABIABgyf7IjfSk1BmCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4AFP0BqO4VF3J3waulwth0yJv0dt-2dxHBj2FKZYdw-chuffePiIy1RBWRiVE4e91KYuU9yLyKXDKwSXsxquQG7CeSnHnfYClr_UQK_y4h_nEAyhdUVpzWALJPfGAQNJZAwkt61Uiqu73NYC3piiZgKKrxMH8n2BAwCL39nCopzp9kvbtz46tvnGE9WPE2teOT26meKbeIQBlPYGIqnVtTLhJ6tUzdgz4Jpxe-KG6O1iIkWQoeuklP5etiWHil6UwXsdoAOQ9kJFznfPjc8ezczbDU20yk3T92jUYDVkD-hdIIAGiKHur8vVqKuEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliZz_aPwfSDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03ODIwOTE2ODAwMjE4NzYxGAA&sigh=gfxMvHPQUTc&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_he4WeaN23zIo4bReA3J0RWICRghbF4eyc1vpsChK-uC49EnxsxmA4RLQ4yke7amVRy_ypurCNgJN8AVWkkl6Pi3ptnuHfbzcgfMYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 Jan 2024 22:00:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.da.us.criteo.com/google/auction/ Frame B471 0
126 B 127ms
49ms Image
text/plain 2620:100:a005::14
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.da.us.criteo.com/google/auction/notify?profile=14&payload=kOmHDdWCMKwC-gHiIp0XAgAAANrD_adkRnc8EOo2sGW4b6anYYoYi2XCAAASAAAKCkFRVUJEQUVQREE&wp=ZbA26wAC5CoD595eAAUreAuEDUg9dMrgc7YJfw&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::14 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:11 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 271769
server: Kestrel
content-length: 0

GET
H/1.1 200
OK ftUtils.js Show response
ajs-assets.ftstatic.com/ Frame D974 86 KB
27 KB 168ms
68ms Script
application/javascript 23.61.11.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/225407;8026169;201;jsappend;AdobeAdCloud;AdCloudFY24AcrobatDemandGenPSPAudExDGVersatileUSDSKBAN160x600/?ft_custom=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&us_privacy=${US_PRIVACY}&ftClick=https://statsf-tm.everesttech.net/stats/1/ct?cpKey=GuelttCccMtMpf5SyWco&mpKey=Xf6e2yqPYRavegdigOp6&adKey=SnkT4mvCRZONkhMfRF5S&sessId=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB&seller_id=pub-7820916800218761&psId=HM0m9MWSkXJ9ZTd6IN2t&sId=0&dur=15&date=&auth=&did=&didtype=UNK&stch_id=&conn=ethernet&env=site&bi=B09Ab8urA53B2zmX8tkoCnuhySLYbBf9VGAEClY0c2wbf8-Rn7miCJEknOvaUIAyZnkYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uS_2kTrxxjAJqUKhzgQGfOhRhxw0CEucegb_CTCsTKgeA&PG=F&s=H4sIAAAAAAAAAAEAAf_-svy0vUYuHT26h2XpPUxLYxfavz2DUrdqvvbpnCychKPmOc9V0UMJ9GUiP6zmUNLNMXe2z1FoPx8ImdMvl1OQcXoI5sesO7bNpJUVqD1IGLlXjRARn_5fxAxPl7UNxXnmoykScW-qdpYpPhDeimCfPVmJMxz2q2OTGwZu7np9nyq0fVbXJCnpvXuyf93Vbcn_d_KfFnq0-R8bEpwoWI1c5NoPd3j4SANFxl8fSoDGdm6Y6049TM_YhZplZ29TOzYYB5YI_59bdsd5vDWdKhCDeA3BT3zeK9fJB7TdUehFvh77q_8IbLdLbszWDEW4rpsGM41Qt2DIG93boZd-OzBbGGk_NjMAAQAA&redir=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC-uiu6zawZafSC6Wl2OMPjtaKiAu835z0XK6C25dSwI23ARABIABgyf7IjfSk1BmCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0IW_k8ChybpIhlZl7VqVUyeH6PbQYa4eU2wm_ONsdBQd4qx09crCoaugc0_rVMxXA-QwR9n3cLS7z_Jx87jtPBDuifYwrG7X7iGh3QjPPwBAcNOBajljLKskcB0clBsJvzxZMGpKb9guMxteX59qGF3PQFMVjdHzlYIByUKdPBenp1hSTSsPuKBck4xUj9ovDkEEfCAQoUje5M-J5FA2eOkoOIprP1CdBPImnZvNQS_9yO1PUQQ1Kqf1AB8gvy47G6HvlnFChHg8lj17J7mRll93-RfJtdBLzXpGgMKJymxS6YAGv-GZiP6-lvR5oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKXU9o_B9IMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0I3UPJaoSnsI_-UDIEv467UceAvQ%26client%3Dca-pub-7820916800218761%26adurl%3D&ft_partnerimpid=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB&site_url=lolwot.com&cachebuster=437564.0099130651
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.11.164 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-11-164.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c8398e3a12c77db0695fb66a0b180d4492ccfe268435a59abdb9a056bbbf92a8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 22:00:12 GMT
Content-Encoding: gzip
Akamai-Cache-Status: Miss from child
x-amz-request-id: PNEM3C4CV1QWK8MG
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 26311
x-amz-id-2: ufSlSE9g6mB2F0XTNhvbt9HBniEpQWzvtCU6GMsfNvKiFuu7nHjSkXAN5xhIlyEk1eh0IE1uDtZ7a1sbQr74HQ==
Last-Modified: Thu, 11 Jan 2024 16:43:14 GMT
Server: AmazonS3
ETag: W/"3643773625f898f1236b1c08c2d13631"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary: Accept-Encoding, Accept-Encoding
Cache-Control: max-age=86400
X-Varnish: 850045783 705825288
Accept-Ranges: bytes
Expires: Wed, 24 Jan 2024 22:00:12 GMT

GET
H2 200 4251818.json Show response
agen-assets.ftstatic.com/display/8026169/ Frame D974 4 KB
2 KB 172ms
88ms XHR
application/json 13.225.195.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agen-assets.ftstatic.com/display/8026169/4251818.json
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-81.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f30652f6db7ac53b0f969b8c9c6c9dfd67bbfb116eb44a956a04bd8a19885f91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:13 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.1), 1.1 12fcb6e1bd9ccc1cb02eb21308b59e46.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
last-modified: Fri, 12 Jan 2024 01:08:10 GMT
server: AmazonS3
etag: W/"a6517c3d84aef674458c6c894eb2d678"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=30
x-varnish: 758841435
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: yXrhrg-cXh9_yC-hoVqhQ9Kfx_Yl57720GVXyvJ_Mf3K2suIGkSzBQ==

GET
H2 200 d9core Show response
d9.flashtalking.com/ Frame D974 11 KB
11 KB 151ms
41ms Script
application/javascript 107.20.21.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/d9core
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.21.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-21-71.compute-1.amazonaws.com
Software: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: a44da42250b1e4cd9f2c412fb89774ad2d70df0c59be64489ccc2396c8685853

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:12 GMT
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
etag: 5bc31bf7d4a298e1bef9d35fce222bfc
access-control-allow-methods: GET,POST,SERVER
p3p: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: d9.flashtalking.com
content-type: application/javascript;charset=utf-8
cache-control: private, must-revalidate, proxy-revalidate, max-age=172800
access-control-allow-credentials: true

GET
H/1.1 200
OK adobe_contractor_160x600.html Show response
cdn.flashtalking.com/172799/4251818/ Frame CD7C 3 KB
2 KB 146ms
35ms Document
text/html 23.33.180.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/172799/4251818/adobe_contractor_160x600.html
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.33.180.52 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-33-180-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 267a5371aecbca98ec5f1885dd8e38bd6bcf8956da02b28a0800bb151af36381

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Cache-Control: max-age=115
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1213
Content-Type: text/html
Date: Tue, 23 Jan 2024 22:00:12 GMT
ETag: W/"0b040ef1f04360b6614146d00ec962b5"
Expires: Tue, 23 Jan 2024 22:02:07 GMT
Last-Modified: Thu, 09 Mar 2023 21:49:32 GMT
Server: Flashtalking (AKA)
Vary: Accept-Encoding
X-FT-Origin: us
X-Varnish: 714774222 715064708

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ Frame D974 547 KB
160 KB 151ms
36ms Script
application/javascript 2600:9000:269f:4800:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225407&l2=AdobeAdCloud&l3=8026169&l4=4251818&l5=&l6=&utid=0F1D8925-CA89-291E-5D84-7558626F228D&creative_type=display&adid=ftdiv8026169&pub_app=&pub_domain=lolwot.com&uid=&cb=725517.9018655659&pub_ts=1705021696&904723485
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4800:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: edceffbe9fde070d10682a3bb32595f1cdd2fb2bdc906a4ced0a4c43dd251e82

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 20:33:16 GMT
Content-Encoding: br
Via: 1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: YUL62-P1
Age: 5216
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 23 Jan 2024 20:33:16 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: l-xW_dKznDGRwFVuVz1_KIx-J_hGQveLzRlvqK5go5FAogG4D_kjTg==
Expires: Wed, 24 Jan 2024 20:33:16 GMT

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame D974 17 KB
6 KB 156ms
39ms Script
application/javascript 23.33.180.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.33.180.52 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-33-180-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 22:00:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 15:59:45 GMT
Server: Flashtalking (AKA)
ETag: W/"41e1de2061b5162671c94aaf53e51cc1"
X-FT-Origin: us
Vary: Accept-Encoding
X-Varnish: 413862034 236107414
Content-Type: application/javascript
Cache-Control: max-age=51172
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5545
Expires: Wed, 24 Jan 2024 12:13:04 GMT

GET
H/1.1 200
OK iconc.png
cdn.flashtalking.com/oba/icon/ Frame D974 1 KB
2 KB 149ms
36ms Image
image/png 23.33.180.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.33.180.52 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-33-180-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 22:00:12 GMT
Last-Modified: Sat, 12 Apr 2014 19:14:31 GMT
Server: Flashtalking (AKA)
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
X-FT-Origin: us
X-Varnish: 108102152
Content-Type: image/png
Cache-Control: max-age=1866614
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1308
Expires: Wed, 14 Feb 2024 12:30:26 GMT

GET
DATA 200
OK truncated
/ Frame D974 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame CD7C 236 KB
63 KB 203ms
61ms Script
text/javascript 2600:1402:8800::1728:cdc2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/172799/4251818/adobe_contractor_160x600.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1402:8800::1728:cdc2 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:12 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Tue, 23 Jan 2024 22:15:12 GMT

GET
H2 200 gsap_3.11.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame CD7C 69 KB
27 KB 111ms
41ms Script
text/javascript 2607:f8b0:4004:c07::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js

Requested by

Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/172799/4251818/adobe_contractor_160x600.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27635
x-xss-protection: 0
last-modified: Fri, 12 May 2023 16:03:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Jan 2024 22:00:12 GMT

GET
H/1.1 200
OK adobe_contractor_160x600.js Show response
cdn.flashtalking.com/172799/4251818/ Frame CD7C 158 KB
39 KB 51ms
51ms Script
application/javascript 23.33.180.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/172799/4251818/adobe_contractor_160x600.js?1677109858075
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/172799/4251818/adobe_contractor_160x600.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.33.180.52 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-33-180-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: b9b6ce4206d00062766bab6e4087374000645613dbcd1ed0bb8051c890d15744

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/172799/4251818/adobe_contractor_160x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 22:00:12 GMT
Content-Encoding: gzip
X-FT-Origin: us
Connection: keep-alive
Content-Length: 39030
Last-Modified: Thu, 09 Mar 2023 21:49:32 GMT
Server: Flashtalking (AKA)
ETag: W/"9192eed1f537a46f8ff683ad7696a056"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 220483004
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary: Accept-Encoding
Cache-Control: max-age=116
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Tue, 23 Jan 2024 22:02:08 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/8026169;4251818;0;271;0F1D8925-CA89-291E-5D84-7558626F228D/ Frame D974 0
67 B 136ms
38ms Image
text/plain 44.215.30.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/8026169;4251818;0;271;0F1D8925-CA89-291E-5D84-7558626F228D/?cachebuster=933840213
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.215.30.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-215-30-123.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:12 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame D974 1 B
377 B 152ms
35ms Image
text/plain 23.33.180.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-8026169;4251818;0-304-0-0-647820076
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.33.180.52 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-33-180-52.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jan 2024 22:00:12 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Tue, 23 Jan 2024 22:00:12 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 31BB 42 B
404 B 161ms
95ms Fetch
image/gif 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxnz5xGobdybv7-GXewZ6e14IVJKPZADUCfRk-b4I9K_rPgeO6pS70n4Pm7ZzWRiFGwmbir23WGCG2s8f80VP-K4ZfKeXQr2Waa359ouCnbXAp9Xy_c48&sig=Cg0ArKJSzF5X80WzOYyhEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240122&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3209154675&rs=2&la=0&cr=0&vs=4&r=v&rst=1706047211056&rpt=702&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 22:00:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 lgc Show response
d9.flashtalking.com/ Frame D974 103 B
548 B 118ms
117ms XHR
application/json 107.20.21.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/lgc
Requested by: Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.21.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-21-71.compute-1.amazonaws.com
Software: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: 20a21d9f7b18c84f4ce99c49816f7c6fe1fffd4fddda1f49005cb429b9aae0fe

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Jan 2024 22:00:12 GMT
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
access-control-allow-methods: GET,POST,SERVER
p3p: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: https://googleads.g.doubleclick.net
content-type: application/json;charset=ISO-8859-1
access-control-allow-credentials: true
content-length: 103

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame D974 121 B
680 B 202ms
57ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=LGnwpKNaJzJAZSoZAUNmoRvbBCGAJulO-FE7fPshldVTrKDwb0HLIEUnJOg==-E03BOs1jalvrMA==&pm_ct=bc56af1017bae614af6e0201&pm_pl=1706047212845&pm_td=18&pid=1000925&en=1.1&callback=__pm_glbl_f0I0X8KjdahK2Cm73frWdTXU._gc1&tt=g&v=0eaac4d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225407&l2=AdobeAdCloud&l3=8026169&l4=4251818&l5=&l6=&utid=0F1D8925-CA89-291E-5D84-7558626F228D&creative_type=display&adid=ftdiv8026169&pub_app=&pub_domain=lolwot.com&uid=&cb=725517.9018655659&pub_ts=1705021696&904723485
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5e2b4c77902054bb748d73bd4533533f6a63c4b6b389971004aaaf95634f382c

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jan 2024 22:00:13 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 121

GET
DATA 200
OK truncated
/ Frame 15A5 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D974 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/8026169;4251818;0;401;0F1D8925-CA89-291E-5D84-7558626F228D/ Frame D974 42 B
343 B 117ms
116ms Image
image/gif 104.69.221.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/state/8026169;4251818;0;401;0F1D8925-CA89-291E-5D84-7558626F228D/?ft_data=d9:421b847fb14c46bc8bd4f358efb49a0c;d9s:421b847fb14c46bc8bd4f358efb49a0c&cachebuster=583231095

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.69.221.163 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-69-221-163.deploy.static.akamaitechnologies.com

Software

prod-xre-app39.ash11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jan 2024 22:00:13 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app39.ash11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Tue, 23 Jan 2024 22:00:13 GMT

GET
BLOB 200
OK e7522e3f-5e70-47c2-9629-46af6830315c
https://googleads.g.doubleclick.net/ Frame D974 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/e7522e3f-5e70-47c2-9629-46af6830315c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
BLOB 200
OK 45647794-f413-4e84-9904-7cfd30f03818
https://googleads.g.doubleclick.net/ Frame D974 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/45647794-f413-4e84-9904-7cfd30f03818
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame D974 1 B
377 B 33ms
33ms Image
text/plain 23.33.180.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-8026169;4251818;0-306-0-0-366454661
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.33.180.52 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-33-180-52.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jan 2024 22:00:13 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Tue, 23 Jan 2024 22:00:13 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 85C9 42 B
108 B 127ms
126ms Fetch
image/gif 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssghnlslanO2GGs-QMngNAhqbtxpw7SjmJAY6xb4CTsPxBacDk8NoKv2QV7Tk1z_-nn7nFXsTguF0DkX0y65lyZFKAQ68-h487dgjYt-xjb-6k562zeL3k&sig=Cg0ArKJSzIKOWAQ72vRHEAE&id=lidar2&mcvt=1200&p=0,0,600,160&mtos=1200,1200,1200,1200,1200&tos=1200,0,0,0,0&v=20240122&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3209154675&rs=2&la=0&cr=0&vs=4&r=v&rst=1706047211055&rpt=889&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 22:00:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 1FFB 0
127 B 30ms
30ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 23 Jan 2024 22:00:12 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame D974 1 B
283 B 97ms
97ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=LGnwpKNaJzJAZSoZAUNmoRvbBCGAJulO-FE7fPshldVTrKDwb0HLIEUnJOg==-E03BOs1jalvrMA==&pm_ct=bc56af1017bae614af6e0201&pm_pl=1706047212845&pm_td=398&pid=1000925&en=1.1&callback=__pm_glbl_f0I0X8KjdahK2Cm73frWdTXU._gc2&tt=g&v=0eaac4d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225407&l2=AdobeAdCloud&l3=8026169&l4=4251818&l5=&l6=&utid=0F1D8925-CA89-291E-5D84-7558626F228D&creative_type=display&adid=ftdiv8026169&pub_app=&pub_domain=lolwot.com&uid=&cb=725517.9018655659&pub_ts=1705021696&904723485
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Tue, 23 Jan 2024 22:00:13 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
BLOB 200
OK e5cad467-fc0c-428e-823a-20dadefdde70
https://googleads.g.doubleclick.net/ Frame D974 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/e5cad467-fc0c-428e-823a-20dadefdde70
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

GET
H/1.1 200
OK adobe_contractor_160x600_atlas_P_1.png
cdn.flashtalking.com/172799/4251818/images/ Frame CD7C 79 KB
80 KB 42ms
41ms Image
image/png 23.33.180.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/172799/4251818/images/adobe_contractor_160x600_atlas_P_1.png?1677109858031
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.33.180.52 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-33-180-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: e2023dfa5f164b2bc95ee814567303fb63793a8cc724f51ff0f24dba15def06b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/172799/4251818/adobe_contractor_160x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 22:00:13 GMT
X-FT-Origin: us
Connection: keep-alive
Content-Length: 80877
Last-Modified: Thu, 09 Mar 2023 21:49:33 GMT
Server: Flashtalking (AKA)
ETag: W/"8725254a60016438d70169c961c18a6e"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=115
X-Varnish: 237301207
Accept-Ranges: bytes
Expires: Tue, 23 Jan 2024 22:02:08 GMT

GET
H/1.1 200
OK adobe_contractor_160x600_atlas_NP_1.jpg
cdn.flashtalking.com/172799/4251818/images/ Frame CD7C 112 KB
113 KB 37ms
37ms Image
image/jpeg 23.33.180.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/172799/4251818/images/adobe_contractor_160x600_atlas_NP_1.jpg?1677109858031
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.33.180.52 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-33-180-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: bfe19adde9c04e9276b17f5ba9a2758b130a2f0be1bd14da628ff1d579d8b505

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/172799/4251818/adobe_contractor_160x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 22:00:13 GMT
X-FT-Origin: us
Connection: keep-alive
Content-Length: 114652
Last-Modified: Thu, 09 Mar 2023 21:49:33 GMT
Server: Flashtalking (AKA)
ETag: W/"795316ba5b57291013ae32d045521d5f"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=115
X-Varnish: 109792422
Accept-Ranges: bytes
Expires: Tue, 23 Jan 2024 22:02:08 GMT

GET
H2 200 vimp
statsf-tm.everesttech.net/stats/1/ Frame 4AE2 85 B
176 B 40ms
40ms Image
image/png 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statsf-tm.everesttech.net/stats/1/vimp?psId=HM0m9MWSkXJ9ZTd6IN2t&auth=415d232d9ca31b5385e55d9d9def558a&vinst=t&cpKey=GuelttCccMtMpf5SyWco&sessId=x4czaLo6Ee6y-wKA9sxNzQ.1-1.MB&did=&mpKey=Xf6e2yqPYRavegdigOp6&didtype=UNK&s=H4sIAAAAAAAAAAEAAf_-BZjQlBC2-rV6BRQSzZy-uEEl8q9zGKzSbDe89kR7BWNeSRbGFDgWGCWYvxgATfs-sWTqKs2uAjmcvJWseuyKrm7z-I8nNqnMvAlqcASvjGUwYd2eSatv5T8Nh2bGYx05S5SSx9Houp2Tpo6OvbGZGECOwdq7hfBzf8S6txxB9NZtNFKwpPynxc_VY53xHyEmtgpgzSkInXPWxW3k45oLjiH16-nBCm-x3mtvITgjjjXPmXSvPUA1Ie1pN1Le0r3x90v9ZiZFL2YvbMwckls0DywlroBjHb29-pSJblD5WWmeiHjwts0Ps6jOYxCw7paqhOHbZSbuqjEyM5RXjyOtjr957e4AAQAA&bi=B09Ab8urA53B2zmX8tkoCnuhySLYbBf9VGAEClY0c2wbf8-Rn7miCJEknOvaUIAyZnkYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uS_2kTrxxjAJqUKhzgQGfOhRhxw0CEucegb_CTCsTKgeA&adKey=SnkT4mvCRZONkhMfRF5S&rt=HTML5&PG=F&date=1706047211601&env=site&conn=ethernet&price=&seller_id=pub-7820916800218761&burl=about%3Ablank&rurl=http%3A%2F%2Fbuzzstormer.com&astv=20230731&apv=B20231031&w=160&h=600&pw=160&ph=600&vw=160&vh=600&vwbl=t&vver=20200211&vpct=100&ifr=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 23 Jan 2024 22:00:13 GMT
via: 1.1 varnish
x-pt: P=326
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region: North-America
content-length: 85
x-served-by: cache-yyz4539-YYZ
pragma: no-cache
server: Jetty(9.4.35.v20201120)
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Tue, 23 Jan 2024 22:00:13 UTC

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame D974 1 B
283 B 48ms
48ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=LGnwpKNaJzJAZSoZAUNmoRvbBCGAJulO-FE7fPshldVTrKDwb0HLIEUnJOg==-E03BOs1jalvrMA==&pm_ct=bc56af1017bae614af6e0201&pm_pl=1706047212845&pm_td=499&pid=1000925&en=1.1&callback=__pm_glbl_f0I0X8KjdahK2Cm73frWdTXU._gc3&tt=g&v=0eaac4d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225407&l2=AdobeAdCloud&l3=8026169&l4=4251818&l5=&l6=&utid=0F1D8925-CA89-291E-5D84-7558626F228D&creative_type=display&adid=ftdiv8026169&pub_app=&pub_domain=lolwot.com&uid=&cb=725517.9018655659&pub_ts=1705021696&904723485
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Tue, 23 Jan 2024 22:00:13 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ Frame D974 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame D974 1 B
283 B 50ms
50ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=LGnwpKNaJzJAZSoZAUNmoRvbBCGAJulO-FE7fPshldVTrKDwb0HLIEUnJOg==-E03BOs1jalvrMA==&pm_ct=bc56af1017bae614af6e0201&pm_pl=1706047212845&pm_td=550&pid=1000925&en=1.1&callback=__pm_glbl_f0I0X8KjdahK2Cm73frWdTXU._gc4&tt=g&v=0eaac4d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225407&l2=AdobeAdCloud&l3=8026169&l4=4251818&l5=&l6=&utid=0F1D8925-CA89-291E-5D84-7558626F228D&creative_type=display&adid=ftdiv8026169&pub_app=&pub_domain=lolwot.com&uid=&cb=725517.9018655659&pub_ts=1705021696&904723485
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Tue, 23 Jan 2024 22:00:13 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame D974 6 KB
6 KB 160ms
41ms Image
image/png 23.33.180.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.33.180.52 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-33-180-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 22:00:13 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-FT-Origin: us
X-Varnish: 977502517 975897158
Content-Type: image/png
Cache-Control: max-age=944
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5953
Expires: Tue, 23 Jan 2024 22:15:57 GMT

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame D974 1 B
377 B 55ms
54ms Image
text/plain 23.33.180.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-8026169;4251818;0-307-0-0-23215289
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.33.180.52 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-33-180-52.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jan 2024 22:00:14 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Tue, 23 Jan 2024 22:00:14 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/8026169;4251818;0;202;0F1D8925-CA89-291E-5D84-7558626F228D/ Frame D974 0
66 B 39ms
38ms Image
text/plain 44.215.30.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/8026169;4251818;0;202;0F1D8925-CA89-291E-5D84-7558626F228D/?cachebuster=205936840
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.215.30.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-215-30-123.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:00:14 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame D974 1 B
283 B 48ms
48ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=LGnwpKNaJzJAZSoZAUNmoRvbBCGAJulO-FE7fPshldVTrKDwb0HLIEUnJOg==-E03BOs1jalvrMA==&pm_ct=bc56af1017bae614af6e0201&pm_pl=1706047212845&pm_td=1374&pid=1000925&en=1.1&callback=__pm_glbl_f0I0X8KjdahK2Cm73frWdTXU._gc5&tt=g&v=0eaac4d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225407&l2=AdobeAdCloud&l3=8026169&l4=4251818&l5=&l6=&utid=0F1D8925-CA89-291E-5D84-7558626F228D&creative_type=display&adid=ftdiv8026169&pub_app=&pub_domain=lolwot.com&uid=&cb=725517.9018655659&pub_ts=1705021696&904723485
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Tue, 23 Jan 2024 22:00:14 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.buzzstormer.com/	1970-01-20 17:54:09	Name: __cf_bm Value: _xAMvRI04C_DrNcMFQqCu_Ac5HKJ4MlygbtloDg_I8k-1706047210-1-AYMXxqa+AyTQ2IeGAgZtv4P/3UaC3EzUbsanZhy1xWUVh3P7b84gbXwbXscvxO6VwiRPm6KIdX7d7iA6j05FdnE=
.doubleclick.net/	1970-01-20 22:13:19	Name: APC Value: AfxxVi6s6qFtqnuc6VNhwu1Tp3IjwU2loxa1BX2RacblP9_Pwgavlg
.doubleclick.net/	1970-01-21 03:30:07	Name: IDE Value: AHWqTUl60XewRQNv2I0s69lvDiJv8NkJ8XkkJ821oaxy2aA5Ty4yiU55NCbsS8p2Sw8
.flashtalking.com/	1970-01-21 03:23:31	Name: flashtalkingad1 Value: "GUID=586622B7C31E0B"
.flashtalking.com/	1970-01-21 02:39:43	Name: _D9J Value: eb29fcace9f749b6b2dbcf18120a4349

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-events.flashtalking.com
ad.doubleclick.net
ads.us.criteo.com
agen-assets.ftstatic.com
ajs-assets.ftstatic.com
buzzstormer.com
cat.va.us.criteo.com
cdn.flashtalking.com
cdnjs.cloudflare.com
code.createjs.com
csm.us.criteo.net
d9.flashtalking.com
data.ad-score.com
displayf-tm.everesttech.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.us.criteo.net
js.ad-score.com
pagead2.googlesyndication.com
plausible.io
playtime.tubemogul.com
rtb-lb-event-adcloud-prod-us-west-2-tm.everesttech.net
rtb.da.us.criteo.com
rtb.om-meta.com
s0.2mdn.net
secure.flashtalking.com
servedby.flashtalking.com
stat.flashtalking.com
static.criteo.net
statsf-tm.everesttech.net
tpc.googlesyndication.com
trkrcom.com
video.om-meta.com
www.googletagservices.com
104.69.221.163
107.20.21.71
13.225.195.81
130.211.115.4
138.197.58.184
141.193.213.11
142.251.16.149
151.101.66.49
23.33.180.52
23.61.11.164
2600:1402:8800::1728:cdc2
2600:9000:269f:4800:a:deb0:3380:93a1
2606:4700:3037::6815:5870
2606:4700::6811:180e
2607:f8b0:4004:c06::9c
2607:f8b0:4004:c07::95
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::84
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c19::9a
2607:f8b0:4004:c1b::9a
2620:100:a001::16
2620:100:a001::24
2620:100:a001::4
2620:100:a001::9
2620:100:a005::14
2a02:6ea0:e200::2
34.218.186.96
37.19.207.34
44.215.30.123
72.21.81.64
74.119.119.147
01a6d44f7420fa491c7af252f08b57de4ac1c9cdae68032fcec67c304719e604
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
03faea081300341c1ec3959c72d2b53b75562ee9870a3020829e2b1f14683c5d
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a935bcb26d17b1f20321b7c5e101597e8288c386b3e007778b5675a3fd032ef
0cb8cc3fee4275e182236ab19c3aae55274f43aa0ffde9c0510d8d59fcf8e5dc
140252fcd2f1c5c6d61fa35921918b8ca7cded83d5cd8e3725096e11a9b3e38a
14376c90b1f807adf65110e16fccb21e57f814a8ba20ef658841aade579a3c45
160dcb54eb94e021bc79bb2ccc46b521517c0a018480c81698d5b636bc7c152b
20a21d9f7b18c84f4ce99c49816f7c6fe1fffd4fddda1f49005cb429b9aae0fe
2187439774ebd6e0d1f4c1b6a100a34f6bd6f28a90bd48d50b894b9b92651e57
267a5371aecbca98ec5f1885dd8e38bd6bcf8956da02b28a0800bb151af36381
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2b3fcab0b897a5fdf81ea0a1b01d80802e01544c22fb738fe6365688b9233579
2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3fc56ca067ce218fec3695db0eec1d7693a5f24e779627684b33e5e7a297b7b5
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4acc7ff03019c152c16ddbbe3e5fc6e351fbbebbdc5824d7f898f33846caf066
4c146a14d35ea83f7c5ea0780ff64f62706ab88ed6943c0724284aea467da28b
4c37cacefb55a4ae47be19c2ef5e44a5eb57fa81ae674c1b23de6ae5c00f2a62
4cde83c9358339f294db7a412da02241ca7fff5fd8c347d838854d51a71e804a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fbbee18d3f1f9a098c4504eb826dffb62f7e2536d7ac81420900d6d6cca846b
51986bfbad1a0c3bf7ba11f8768172d6477ba7dfa77aa59a844191cf918b603c
5e2b4c77902054bb748d73bd4533533f6a63c4b6b389971004aaaf95634f382c
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
686e660739424dd896e22f46622a30e963c89df24864933df2a586ebfd5cacfa
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7cba78000e902f131db22afc994109f805333f2ba0e8a844bb769b70b81a38e0
7df592ee1935d16aaf56cdd0d35c5ce2b4b9b68e45a039cacdedd194f347fc4c
7f863714ededfe425476edecf535035da0b4453ab9a2860c0540c9ccbc3f3346
811b6e679ed2a18fb5696054a5386869bef195c0dcdd045f623dc19530216741
88dabf68b3ba8a107aa894404ca7e6ef825b665eb0dd47d96cd0204b93bcc8e2
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
900b71d771d5eab632df09008abefae0ee5a079f71ac7e5887b2ad78cf1285d5
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
96ea11f0396cec62f5c20e6a49b719359e3030150c73ef12c15531b8e9bebd4b
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
9aeb13e1bb386a4538794616f85d1f5f995abb63f3e3566cc54015171e9e4986
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a44da42250b1e4cd9f2c412fb89774ad2d70df0c59be64489ccc2396c8685853
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8a24d49b555dc6f18bcdb6c270e3c575611bc45a2c35952cd5e20ef89075e50
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b9b6ce4206d00062766bab6e4087374000645613dbcd1ed0bb8051c890d15744
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bfe19adde9c04e9276b17f5ba9a2758b130a2f0be1bd14da628ff1d579d8b505
c16f06e6edabd22d2c5c9d9b87260eca6faf706400dea89876de323480750489
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c66974170914676bcda77d5f5087dba48899a24cc38d3fe3be1c6b6da33d2cbe
c74a60141e244b6dc8e69bc89302b0a58ed943887eabe4815fd3ac774c3e9b16
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
c8398e3a12c77db0695fb66a0b180d4492ccfe268435a59abdb9a056bbbf92a8
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d364578f9aa2440d458e75269bc9d62a43ed4ed737adabf1f4c349bd0663d172
d47f22f617e3865381cc1da5b8dbc1b9e083550fab1095a18b5352ca62d0aaa6
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2023dfa5f164b2bc95ee814567303fb63793a8cc724f51ff0f24dba15def06b
e36ed29d3168c3e564027c6b1c42fc370a23dc38fdd4ae93d98bbb521666d4a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4ce0be6cfd3fb394613fdf482f629273b41e87b373b187077b726885e1ce540
e5b5797ad436193794230d3b5e8d809d6b7b55098669a555f0e1648e10009d7d
e9fdc188060ed6e1f88c478d14ec18de88aa08f8a04920a03c707b158b91bb41
edceffbe9fde070d10682a3bb32595f1cdd2fb2bdc906a4ced0a4c43dd251e82
ee0919ad2985025ead5321f5f125c138ec80dbf6037c35402e2b37ff4eb37c31
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa7044b61673336fe621b90c74f48402854cde97bac5256680d8fadb8359510
f30652f6db7ac53b0f969b8c9c6c9dfd67bbfb116eb44a956a04bd8a19885f91
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f7d8ba3f70422ccb7ae935a2eec8300a0d50eae89c28d6f8f8b607947e592725
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
fed019af50653e33c4315774e1cc61e6d387545c8643dffb270b9818453b86a5

buzzstormer.com Open in urlscan Pro 141.193.213.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

131 Requests

88 %HTTPS

53 %IPv6

19 Domains

35 Subdomains

33 IPs

1 Countries

1938 kBTransfer

4290 kBSize

5 Cookies

0 Outgoing links

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

buzzstormer.com Open in urlscan Pro
141.193.213.11 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

88 %
HTTPS

53 %
IPv6

19
Domains

35
Subdomains

33
IPs

1
Countries

1938 kB
Transfer

4290 kB
Size

5
Cookies

131 HTTP transactions
10 data transactions