urlscan.io logo urlscan.io
SecurityTrails logo

www.habsetlnh.com Open in urlscan Pro
51.222.105.170  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.habsetlnh.com/
Submission: On September 15 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 81 IPs in 9 countries across 69 domains to perform 410 HTTP transactions. The main IP is 51.222.105.170, located in Canada and belongs to OVH, FR. The main domain is www.habsetlnh.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 17th 2022. Valid for: 3 months.
This is the only time www.habsetlnh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
54 51.222.105.170 16276 (OVH)
5 2607:f8b0:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
8 2607:f8b0:400... 15169 (GOOGLE)
1 52.85.61.93 16509 (AMAZON-02)
3 34.199.89.150 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
6 3.220.70.111 14618 (AMAZON-AES)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 96.16.25.77 16625 (AKAMAI-AS)
14 108.138.106.50 16509 (AMAZON-02)
6 2607:f8b0:400... 15169 (GOOGLE)
7 18.208.240.0 14618 (AMAZON-AES)
1 104.18.12.242 13335 (CLOUDFLAR...)
4 13.224.205.195 16509 (AMAZON-02)
1 23.105.12.161 30633 (LEASEWEB-...)
1 5 23.78.168.242 16625 (AKAMAI-AS)
2 2 199.187.193.192 47043 (SMARTADSE...)
2 2 2600:1f18:612... 14618 (AMAZON-AES)
1 1 88.214.206.247 46636 (NATCOWEB)
2 2 52.0.156.250 14618 (AMAZON-AES)
2 2a03:2880:f11... 32934 (FACEBOOK)
13 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 35.170.30.54 14618 (AMAZON-AES)
1 13.224.214.81 16509 (AMAZON-02)
4 5 3.33.220.150 16509 (AMAZON-02)
1 34.120.155.137 15169 (GOOGLE)
1 34.234.134.156 14618 (AMAZON-AES)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
42 2607:f8b0:400... 15169 (GOOGLE)
1 44.210.205.198 14618 (AMAZON-AES)
3 13 104.18.19.126 13335 (CLOUDFLAR...)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 192.35.249.143 11742 (SPOTX-IAD)
1 34.194.93.50 14618 (AMAZON-AES)
3 6 68.67.160.75 29990 (ASN-APPNEX)
8 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 23.217.153.125 16625 (AKAMAI-AS)
2 19 52.46.128.147 16509 (AMAZON-02)
2 2 3.94.28.30 14618 (AMAZON-AES)
1 1 2600:9000:210... 16509 (AMAZON-02)
2 2 34.150.170.96 396982 (GOOGLE-CL...)
2 2 64.202.112.223 23352 (SERVERCEN...)
1 1 104.76.100.229 16625 (AKAMAI-AS)
1 4 104.18.18.126 13335 (CLOUDFLAR...)
1 1 199.187.193.182 47043 (SMARTADSE...)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
4 8 54.198.189.0 14618 (AMAZON-AES)
2 69.192.109.53 16625 (AKAMAI-AS)
2 2 52.45.33.138 14618 (AMAZON-AES)
1 2 72.251.238.254 32475 (SINGLEHOP...)
2 2 52.223.22.214 16509 (AMAZON-02)
7 2607:f8b0:400... 15169 (GOOGLE)
1 1 68.67.160.24 29990 (ASN-APPNEX)
5 23.92.190.69 32475 (SINGLEHOP...)
3 3 35.211.178.172 19527 (GOOGLE-2)
2 2 35.210.53.219 19527 (GOOGLE-2)
5 5 207.198.113.88 13768 (COGECO-PEER1)
4 4 3.223.247.87 14618 (AMAZON-AES)
4 4 107.178.246.49 15169 (GOOGLE)
1 1 2620:116:800b... 14618 (AMAZON-AES)
1 104.36.115.113 62713 (AS-PUBMATIC)
2 2 34.239.50.221 14618 (AMAZON-AES)
3 4 34.98.64.218 15169 (GOOGLE)
2 151.101.130.49 54113 (FASTLY)
5 9 69.173.151.100 26667 (RUBICONPR...)
15 21 142.251.32.98 15169 (GOOGLE)
1 3.225.142.71 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 2 185.167.164.49 198622 (ADFORM)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
1 1 74.121.140.14 30419 (MEDIAMATH...)
1 8.28.7.84 62713 (AS-PUBMATIC)
3 8.28.7.83 62713 (AS-PUBMATIC)
2 185.64.189.110 62713 (AS-PUBMATIC)
24 2607:f8b0:400... 15169 (GOOGLE)
20 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 1 8.39.36.142 26667 (RUBICONPR...)
6 142.250.80.98 15169 (GOOGLE)
2 2600:141b:500... 20940 (AKAMAI-ASN1)
1 1 2600:1f18:4e9... 14618 (AMAZON-AES)
1 52.95.126.160 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 44.199.168.235 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
13 104.118.9.242 16625 (AKAMAI-AS)
6 2600:9000:21d... 16509 (AMAZON-02)
1 1 35.168.96.81 14618 (AMAZON-AES)
1 52.6.2.205 14618 (AMAZON-AES)
1 2 23.64.61.72 16625 (AKAMAI-AS)
2 142.250.72.99 15169 (GOOGLE)
2 34.117.228.201 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
13 2600:1f13:800... 16509 (AMAZON-02)
1 104.36.115.114 62713 (AS-PUBMATIC)
1 199.187.193.194 47043 (SMARTADSE...)
1 2 13.225.223.81 16509 (AMAZON-02)
410 81
54    51.222.105.170 (Canada)

ASN16276 (OVH, FR)
PTR: wb1.marqueur.com
www.habsetlnh.com
habsetlnh.com
i.marqueur.com
www.hetlmedia.com
5    2607:f8b0:4006:81d::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
4    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
8    2607:f8b0:4006:806::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    52.85.61.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-93.ewr53.r.cloudfront.net
static.freeskreen.com
3    34.199.89.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-89-150.compute-1.amazonaws.com
embed.sendtonews.com
2    2607:f8b0:4006:824::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    3.220.70.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-70-111.compute-1.amazonaws.com
sb.freeskreen.com
5    2607:f8b0:4006:81e::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    96.16.25.77 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-25-77.deploy.static.akamaitechnologies.com
js-sec.indexww.com
14    108.138.106.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-50.jfk50.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
6    2607:f8b0:4006:80b::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
7    18.208.240.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-240-0.compute-1.amazonaws.com
s2l.sendtonews.com
1    104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
4    13.224.205.195 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-205-195.phl50.r.cloudfront.net
c.amazon-adsystem.com
1    23.105.12.161 (Los Angeles, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ww1772.smartadserver.com
5    23.78.168.242 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-168-242.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
2    199.187.193.192 (Canada)

ASN47043 (SMARTADSERVER, CA)
sync.smartadserver.com
2    2600:1f18:612b:4264:562f:45f1:d263:2a9f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
scm.publishers.tremorhub.com
1    88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
PTR: buycheapfags.com
cs.admanmedia.com
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadeu.exelator.com
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
13    2607:f8b0:4006:821::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    35.170.30.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-30-54.compute-1.amazonaws.com
timber.sendtonews.com
1    13.224.214.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-81.phl50.r.cloudfront.net
player.sendtonews.com
5    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
1    34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
1    34.234.134.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-134-156.compute-1.amazonaws.com
id.sv.rkdms.com
5    2607:f8b0:4006:817::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:824::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.ca
42    2607:f8b0:4006:81e::2006 (Rockville, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    44.210.205.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-205-198.compute-1.amazonaws.com
prebid-server.rubiconproject.com
13    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
as-sec.casalemedia.com
dsum-sec.casalemedia.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    192.35.249.143 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
search.spotxchange.com
1    34.194.93.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-93-50.compute-1.amazonaws.com
tlx.3lift.com
6    68.67.160.75 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
8    2607:f8b0:4006:81e::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
googleads.g.doubleclick.net
3    2607:f8b0:4006:821::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2607:f8b0:4006:821::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)
5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
1    23.217.153.125 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-153-125.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
19    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    3.94.28.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-28-30.compute-1.amazonaws.com
ad.360yield.com
1    2600:9000:2105:9000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
2    64.202.112.223 (Lovettsville, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    104.76.100.229 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-100-229.deploy.static.akamaitechnologies.com
stags.bluekai.com
4    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
r.casalemedia.com
1    199.187.193.182 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-us.smartadserver.com
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
8    54.198.189.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-189-0.compute-1.amazonaws.com
match.sharethrough.com
2    69.192.109.53 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-109-53.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    72.251.238.254 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
7    2607:f8b0:4006:822::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    68.67.160.24 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
5    23.92.190.69 (Katy, United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
3    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
5    207.198.113.88 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
4    3.223.247.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-247-87.compute-1.amazonaws.com
sync.crwdcntrl.net
4    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
1    2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
1    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    34.239.50.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-50-221.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
9    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
21    142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
cm.g.doubleclick.net
1    3.225.142.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-142-71.compute-1.amazonaws.com
d.adroll.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
1    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
3    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
24    2607:f8b0:4006:809::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
20    2607:f8b0:4006:81f::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2607:f8b0:4006:808::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
6    142.250.80.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2600:141b:5000:59f::4469 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
1    2600:1f18:4e9:5a01:9d9d:28ed:7091:e8f1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    44.199.168.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-168-235.compute-1.amazonaws.com
fw.adsafeprotected.com
3    2607:f8b0:4006:80b::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
13    104.118.9.242 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-118-9-242.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
6    2600:9000:21dd:e800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    35.168.96.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-96-81.compute-1.amazonaws.com
vid.springserve.com
1    52.6.2.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-2-205.compute-1.amazonaws.com
bc-ssb-iad.springserve.com
2    23.64.61.72 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-61-72.deploy.static.akamaitechnologies.com
sync.teads.tv
2    142.250.72.99 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f3.1e100.net
p4-gtlenbxmbayyi-eyfypn2zpppd4stg-if-v6exp3-v4.metric.gstatic.com
2    34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
1    2a00:1450:400a:808::2003 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
13    2600:1f13:800:7780:5601:6478:79f5:9959 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
1    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    199.187.193.194 (Canada)

ASN47043 (SMARTADSERVER, CA)
www15.smartadserver.com
2    13.225.223.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-81.jfk51.r.cloudfront.net
sb.scorecardresearch.com
Apex Domain
Subdomains		 Transfer
49 googlesyndication.com
5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
284 KB
49 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
pubads.g.doubleclick.net — Cisco Umbrella Rank: 437
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
356 KB
49 marqueur.com
i.marqueur.com — Cisco Umbrella Rank: 282212
3 MB
42 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
595 KB
24 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1232
65 KB
23 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 774
static.adsafeprotected.com — Cisco Umbrella Rank: 575
dt.adsafeprotected.com — Cisco Umbrella Rank: 527
191 KB
21 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2282
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 75
50 KB
17 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
as-sec.casalemedia.com — Cisco Umbrella Rank: 1353
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
r.casalemedia.com — Cisco Umbrella Rank: 849
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
14 KB
16 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 910
eus.rubiconproject.com — Cisco Umbrella Rank: 564
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 936
token.rubiconproject.com — Cisco Umbrella Rank: 667
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4436
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
27 KB
15 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 13803
s2l.sendtonews.com — Cisco Umbrella Rank: 14618
timber.sendtonews.com — Cisco Umbrella Rank: 15025
player.sendtonews.com — Cisco Umbrella Rank: 15114
208 KB
14 cloudfront.net
d29xw9s9x32j3w.cloudfront.net
2 MB
13 moatads.com
z.moatads.com — Cisco Umbrella Rank: 403
px.moatads.com — Cisco Umbrella Rank: 467
211 KB
11 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433
ads.pubmatic.com — Cisco Umbrella Rank: 462
image6.pubmatic.com — Cisco Umbrella Rank: 648
image4.pubmatic.com — Cisco Umbrella Rank: 835
image2.pubmatic.com — Cisco Umbrella Rank: 883
simage2.pubmatic.com — Cisco Umbrella Rank: 690
simage4.pubmatic.com — Cisco Umbrella Rank: 1191
26 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
p4-gtlenbxmbayyi-eyfypn2zpppd4stg-if-v6exp3-v4.metric.gstatic.com
csi.gstatic.com
194 KB
11 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
imasdk.googleapis.com — Cisco Umbrella Rank: 424
704 KB
8 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 549
3 KB
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
ce.lijit.com — Cisco Umbrella Rank: 877
9 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
secure.adnxs.com — Cisco Umbrella Rank: 432
7 KB
7 freeskreen.com
static.freeskreen.com — Cisco Umbrella Rank: 45955
sb.freeskreen.com — Cisco Umbrella Rank: 36325
33 KB
5 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 593
3 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
data.adsrvr.org — Cisco Umbrella Rank: 4503
3 KB
5 smartadserver.com
ww1772.smartadserver.com — Cisco Umbrella Rank: 52251
sync.smartadserver.com — Cisco Umbrella Rank: 1540
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 5519
www15.smartadserver.com — Cisco Umbrella Rank: 27562
3 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 470
tps.doubleverify.com — Cisco Umbrella Rank: 481
tpsc-ue1.doubleverify.com — Cisco Umbrella Rank: 1342
109 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
175 KB
4 openx.net
u.openx.net — Cisco Umbrella Rank: 650
us-u.openx.net — Cisco Umbrella Rank: 396
812 B
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 436
1 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 725
2 KB
4 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 804
idsync.rlcdn.com — Cisco Umbrella Rank: 331
826 B
4 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3387
onesignal.com — Cisco Umbrella Rank: 1231
82 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
108 KB
4 habsetlnh.com
www.habsetlnh.com
habsetlnh.com
23 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 301
2 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
2 KB
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 543
eb2.3lift.com — Cisco Umbrella Rank: 407
1 KB
3 google.ca
www.google.ca — Cisco Umbrella Rank: 8529
adservice.google.ca — Cisco Umbrella Rank: 13421
1 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 153
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1077
523 B
2 springserve.com
vid.springserve.com — Cisco Umbrella Rank: 6802
bc-ssb-iad.springserve.com — Cisco Umbrella Rank: 12475
2 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 734
719 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 637
950 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 562
237 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 694
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4590
743 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 742
929 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 568
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 833
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 683
629 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
502 B
2 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7099
2 KB
2 tremorhub.com
scm.publishers.tremorhub.com — Cisco Umbrella Rank: 52206
652 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
111 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
79 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
788 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
661 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4108
390 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1333
637 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1453
181 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 423
512 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 501
724 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 696
532 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1360
17 KB
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 485
954 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 4070
772 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1522
647 B
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 8562
96 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 615
13 KB
1 hetlmedia.com
www.hetlmedia.com — Cisco Umbrella Rank: 339181
202 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 654
33 KB
410 69
Domain Requested by
49 i.marqueur.com www.habsetlnh.com
i.marqueur.com
42 s0.2mdn.net imasdk.googleapis.com
5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
www.habsetlnh.com
s0.2mdn.net
24 pagead2.googlesyndication.com 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
www.habsetlnh.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
21 cm.g.doubleclick.net 15 redirects googleads.g.doubleclick.net
www.habsetlnh.com
20 tpc.googlesyndication.com 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
19 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ap.lijit.com
match.sharethrough.com
r.casalemedia.com
ads.pubmatic.com
www.habsetlnh.com
14 d29xw9s9x32j3w.cloudfront.net embed.sendtonews.com
www.habsetlnh.com
13 dt.adsafeprotected.com 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
www.habsetlnh.com
13 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
www.habsetlnh.com
11 px.moatads.com 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
11 dsum-sec.casalemedia.com 3 redirects r.casalemedia.com
googleads.g.doubleclick.net
8 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
8 securepubads.g.doubleclick.net www.habsetlnh.com
securepubads.g.doubleclick.net
7 pubads.g.doubleclick.net imasdk.googleapis.com
www.habsetlnh.com
7 s2l.sendtonews.com embed.sendtonews.com
6 static.adsafeprotected.com fw.adsafeprotected.com
5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
6 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.habsetlnh.com
6 googleads.g.doubleclick.net 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
www.habsetlnh.com
6 ib.adnxs.com 3 redirects d29xw9s9x32j3w.cloudfront.net
googleads.g.doubleclick.net
6 imasdk.googleapis.com embed.sendtonews.com
imasdk.googleapis.com
6 sb.freeskreen.com static.freeskreen.com
www.habsetlnh.com
5 token.rubiconproject.com 4 redirects www.habsetlnh.com
5 pixel-sync.sitescout.com 5 redirects
5 ce.lijit.com ap.lijit.com
5 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.google.com www.habsetlnh.com
5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 fonts.gstatic.com fonts.googleapis.com
5 fonts.googleapis.com www.habsetlnh.com
embed.sendtonews.com
5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
4 fw.adsafeprotected.com 2 redirects www.habsetlnh.com
4 pixel.rubiconproject.com 1 redirects www.habsetlnh.com
4 www.googletagservices.com 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
4 pixel.tapad.com 4 redirects
4 sync.crwdcntrl.net 4 redirects
4 match.adsrvr.org 3 redirects js-sec.indexww.com
4 timber.sendtonews.com embed.sendtonews.com
4 eus.rubiconproject.com sb.freeskreen.com
eus.rubiconproject.com
d29xw9s9x32j3w.cloudfront.net
4 c.amazon-adsystem.com embed.sendtonews.com
c.amazon-adsystem.com
4 cdnjs.cloudflare.com www.habsetlnh.com
cdnjs.cloudflare.com
embed.sendtonews.com
3 www.gstatic.com 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
3 image2.pubmatic.com s.amazon-adsystem.com
3 idsync.rlcdn.com 2 redirects s.amazon-adsystem.com
3 x.bidswitch.net 3 redirects
3 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
3 embed.sendtonews.com www.habsetlnh.com
embed.sendtonews.com
3 www.habsetlnh.com www.habsetlnh.com
2 sb.scorecardresearch.com 1 redirects www.habsetlnh.com
2 p4-gtlenbxmbayyi-eyfypn2zpppd4stg-if-v6exp3-v4.metric.gstatic.com 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
p4-gtlenbxmbayyi-eyfypn2zpppd4stg-if-v6exp3-v4.metric.gstatic.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 us-u.openx.net 1 redirects googleads.g.doubleclick.net
2 z.moatads.com s0.2mdn.net
2 cdn.doubleverify.com googleads.g.doubleclick.net
www.habsetlnh.com
2 simage2.pubmatic.com s.amazon-adsystem.com
2 pippio.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 sync-tm.everesttech.net match.sharethrough.com
ads.pubmatic.com
2 u.openx.net 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 pool.admedo.com 2 redirects
2 eb2.3lift.com 2 redirects
2 ap.lijit.com 1 redirects s.amazon-adsystem.com
2 ups.analytics.yahoo.com 2 redirects
2 ads.pubmatic.com s.amazon-adsystem.com
2 ad.turn.com 2 redirects
2 r.casalemedia.com s.amazon-adsystem.com
r.casalemedia.com
2 ssum-sec.casalemedia.com 1 redirects r.casalemedia.com
2 b1sync.zemanta.com 2 redirects
2 um.simpli.fi 2 redirects
2 ad.360yield.com 2 redirects
2 adservice.google.ca securepubads.g.doubleclick.net
imasdk.googleapis.com
2 www.facebook.com www.habsetlnh.com
2 loadeu.exelator.com 2 redirects
2 scm.publishers.tremorhub.com 2 redirects
2 sync.smartadserver.com 2 redirects
2 onesignal.com cdn.onesignal.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.habsetlnh.com
connect.facebook.net
2 www.googletagmanager.com www.habsetlnh.com
2 cdn.onesignal.com www.habsetlnh.com
cdn.onesignal.com
1 tpsc-ue1.doubleverify.com cdn.doubleverify.com
1 www15.smartadserver.com imasdk.googleapis.com
1 simage4.pubmatic.com ads.pubmatic.com
1 csi.gstatic.com imasdk.googleapis.com
1 tps.doubleverify.com cdn.doubleverify.com
1 bc-ssb-iad.springserve.com www.habsetlnh.com
1 vid.springserve.com 1 redirects
1 px.ads.linkedin.com www.habsetlnh.com
1 aax-eu.amazon-adsystem.com www.habsetlnh.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 pixel-us-west.rubiconproject.com 1 redirects
1 image4.pubmatic.com s.amazon-adsystem.com
1 sync.mathtag.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 d.adroll.com r.casalemedia.com
1 image6.pubmatic.com ads.pubmatic.com
1 data.adsrvr.org 1 redirects
1 pixel.quantserve.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 stags.bluekai.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 secure.cdn.fastclick.net www.habsetlnh.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 tlx.3lift.com d29xw9s9x32j3w.cloudfront.net
1 search.spotxchange.com d29xw9s9x32j3w.cloudfront.net
1 hbopenbid.pubmatic.com d29xw9s9x32j3w.cloudfront.net
1 htlb.casalemedia.com d29xw9s9x32j3w.cloudfront.net
1 prebid-server.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
1 www.google.ca www.habsetlnh.com
1 id.sv.rkdms.com js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
1 player.sendtonews.com embed.sendtonews.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cs.admanmedia.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 ww1772.smartadserver.com sb.freeskreen.com
1 cdn.resonate.com embed.sendtonews.com
1 js-sec.indexww.com embed.sendtonews.com
1 www.hetlmedia.com www.habsetlnh.com
1 static.freeskreen.com www.habsetlnh.com
1 code.jquery.com www.habsetlnh.com
1 habsetlnh.com www.habsetlnh.com
410 122

This site contains links to these domains. Also see Links.

Domain
www.marqueur.com
www.facebook.com
twitter.com
www.instagram.com
www.twitter.com
www.hetlmedia.com
Subject Issuer Validity Valid
habsetlnh.com
cPanel, Inc. Certification Authority		 2022-07-17 -
2022-10-15		 3 months crt.sh
i.marqueur.com
cPanel, Inc. Certification Authority		 2022-07-17 -
2022-10-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.freeskreen.com
Amazon		 2021-12-19 -
2023-01-16		 a year crt.sh
*.sendtonews.com
Amazon		 2022-05-18 -
2023-06-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
hetlmedia.com
cPanel, Inc. Certification Authority		 2022-06-27 -
2022-09-25		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-24 -
2022-09-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
adroll.mgr.consensu.org
Amazon		 2022-08-11 -
2023-09-09		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh

This page contains 42 frames:

Primary Page: https://www.habsetlnh.com/
Frame ID: D098BF9FBA354939606AF4904509F9E0
Requests: 151 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 4CB6206A11C4E6E1BE5BF89D3B79ADBC
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Frame ID: D27556C1B2811FF4E2AB969E4DB869EA
Requests: 12 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html
Frame ID: E1C6A5A5F7AA520C2877495602C228AB
Requests: 11 HTTP requests in this frame

Frame: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EB13138EE7C108C7FE868D61AC081B1F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Frame ID: AB3D0BB1B8D1BD4A17B111A0454501EC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: C9DB5AEF19935D8588AEE60C8F011531
Requests: 5 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: D31BD0AA50792D7163D7D2BECE11F60A
Requests: 10 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=747745654750095039&gdpr=0&gdpr_consent=
Frame ID: FE8B3C8DCA83A8EA92440E3211D17DF5
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3863143973927120947
Frame ID: 8181FF773759F876D9F7ECA08E30BDD7
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 9D769073A6A06B578552B9A9E1AACC55
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: FD87B3D04BE957F187D5E52B44BDEC8A
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1KaE5VTnhwRTJ1SzFxQktTLlFfQXVUeUMwSWU1UG11dX5B
Frame ID: 756A8EEC5D8DE74917DAA3614016E053
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=5617377738196734319&ex=appnexus.com
Frame ID: D339A2C6CCE51DA12288C68079D40D2C
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: E06989427C72938AF278E4790EF46C3B
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4133652731328787904155
Frame ID: 8B76561C22B3AA18E8338A9FBCB4DBE0
Requests: 1 HTTP requests in this frame

Frame: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BA88FDF02490678AF14F04F740AB8952
Requests: 16 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C00332E3-CB96-4A2F-A5DF-EADBA45E5908
Frame ID: 3A115742B6A4FBC198E16CCC21902828
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 6F98FED0F72877BD57241B3A4402567D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC00332E3-CB96-4A2F-A5DF-EADBA45E5908
Frame ID: 9A119F8F9CC32C63056FBA99D5F8D5FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXj1AEQ74_6ARiciJ--ATAB&v=APEucNUZKuZDbtQaYgvul9iFkAFwnkvvjLyOyvhvfMVERJAZxCxz3-4JCIAqaCybK6uf0bJbGqHojLR9cTdQWArundo13F-9zKt9npM81CGi3BYqPQY3jRI
Frame ID: A521EC9C22CA0CC22F11BC9AE9582596
Requests: 5 HTTP requests in this frame

Frame: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3EBDEB6B5A880265D0399D06370EBAD6
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTVDhDxwUsYivSYzgEwAQ&v=APEucNVgtwuBOTJJ0jL4UHM3FZIWxynrfLDL1fNttd47Z9QPqOijGIOVhDns5D6z-H4gNfbYYIup6Kec8cRTRHKJyTJsSYgUnuzpLHsVdQ8oqE3a3nF4CeI
Frame ID: A7A81A7A28203967E24385DCB178FE4A
Requests: 5 HTTP requests in this frame

Frame: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BD7C357E3034667D3088089710C3ADD2
Requests: 5 HTTP requests in this frame

Frame: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0620670B197A80E2EFE4C2A4F4553C3C
Requests: 36 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A400
Frame ID: 630155942CC3F1A5D1990BEA33B5EC5F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTVDhDxwUsY1-iYzgEwAQ&v=APEucNUZE2RcDKCt4EbaWyUUPkXifttdkBNFOuPJvGnvIuc5GdbNQwOZU-pJM4ThshI4ADYK8r_kZW9tPt7pEQs2npFkdXTBZrIxRBJmKJtAQqAlyFFQ_A4
Frame ID: E9213F1B7A80E7B80A89A931D0C1C124
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3068.js
Frame ID: 40BB0C2F7E1A7E375D1CD0EABB6A46DE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CE15A9F1DCCF33ACF806856F1D59C0D7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Frame ID: CD07669C564A74154C2AEF88DB6C1C94
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 57F81EBFA8CC2D3C7C0143E75224192A
Requests: 3 HTTP requests in this frame

Frame: https://p4-gtlenbxmbayyi-eyfypn2zpppd4stg-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 02A4BF3C8811CC47DDFB2F899534DB6A
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 54AB2EF685A2D514ED8CAA4EBCA15A2C
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Frame ID: 15345F3700C62A882FB1AE6C422E2BE9
Requests: 18 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 3429BC17EBE580EB0B7509D6B27E273E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AB8B5E6D07E944D22D4B4F112251648D
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: F725A247A3AE9CF71889FE5A0FC9A008
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js
Frame ID: 67304848184119882F99F96713A0BF1B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: BEC7C3D50CA282202A977F5798874576
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html
Frame ID: BDA2B59917A4BA09CBA648E9BC1A7304
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 53940E2C87E4AF766BC0C2B1A4A4891D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8F7859AB8021483ABAE0EA3B33BEF58D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

La référence du hockey | Chroniques et vidéos - HabsEtLNH.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

410
Requests

86 %
HTTPS

31 %
IPv6

69
Domains

122
Subdomains

81
IPs

9
Countries

8441 kB
Transfer

15300 kB
Size

111
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Request Chain 93
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1 HTTP 302
  • https://sb.freeskreen.com/um?sa=747745654750095039
Request Chain 94
  • https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
  • https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
  • https://sb.freeskreen.com/um?tlr=68969fa6918b40ce8421e1378a4d60b1
Request Chain 95
  • https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID} HTTP 302
  • https://sb.freeskreen.com/um?ac=57bc883a-b8ce-4fb5-b4ae-ebf3dd243e0e
Request Chain 96
  • https://loadeu.exelator.com/load/?p=204&g=1300&j=0 HTTP 302
  • https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1 HTTP 302
  • https://sb.freeskreen.com/um?ni=07f345f399b603c268bb1d48bd524cd1
Request Chain 137
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Request Chain 147
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=389952a0-4a72-4f8c-bf45-9c4c7dc99a21
Request Chain 148
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=93ef0e7d
Request Chain 149
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=02DD41C59D804A8CACCBBDAC9D58E6B5&ex=simpli.fi&status=ok
Request Chain 150
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=lk_Q4DFpwRcLjTv79ELA&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPLMNNPVCNCEIZYHOUTDJRVFI5RXHFCUYQI HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPLMNNPVCNCEIZYHOUTDJRVFI5RXHFCUYQI HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=lk_Q4DFpwRcLjTv79ELA
Request Chain 152
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 153
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=747745654750095039&gdpr=0&gdpr_consent=
Request Chain 154
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3863143973927120947
Request Chain 157
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1KaE5VTnhwRTJ1SzFxQktTLlFfQXVUeUMwSWU1UG11dX5B
Request Chain 158
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=5617377738196734319&ex=appnexus.com
Request Chain 159
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 160
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4133652731328787904155
Request Chain 164
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=5617377738196734319&gdpr=0&gdpr_consent=
Request Chain 165
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=a1fb6892-000b-4a07-b6b5-e0c7dd025162 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=a1fb6892-000b-4a07-b6b5-e0c7dd025162 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=15748475-8e07-4bff-98ab-6359de728cc1&user_group=1&ssp=fmx&bsw_param=a1fb6892-000b-4a07-b6b5-e0c7dd025162 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=a1fb6892-000b-4a07-b6b5-e0c7dd025162&gdpr=&gdpr_consent=
Request Chain 166
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Ddfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Ddfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Ddfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Ddfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Ddfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Ddfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=
Request Chain 167
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=YytOkWcgTZR4ekrGZyBRxzctTZR4KESUNnvzF1Cv
Request Chain 168
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=ed3c8bd3-4667-43c0-99a6-69a472397389&gdpr=0&gdpr_consent=
Request Chain 171
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=15 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-3159bda6-8ae8-4b68-4892-dce13bb97bc3$ip$149.56.153.184
Request Chain 172
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=26915d36-688e-0b3c-19cd-fb9eccb6a5d9
Request Chain 173
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=
Request Chain 174
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyMoFrNhHiM6znH3tYb22QAAAhEAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHhtreQOFSU9-FWJw0LipCU&google_cver=1
Request Chain 180
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyMoFrNhHiM6znH3tYb22QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEOJrStg6QoI9r5eybXWsoQ&google_cver=1
Request Chain 181
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ed3c8bd3-4667-43c0-99a6-69a472397389&expiration=1665840406&gdpr=0&gdpr_consent=
Request Chain 182
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=b8CCVp5cQitZmB1Wfy44-pU4mbg
Request Chain 183
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Ddfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Ddfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Ddfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Ddfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Ddfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Ddfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=
Request Chain 185
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=693012122059
Request Chain 189
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C00332E3-CB96-4A2F-A5DF-EADBA45E5908 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C00332E3-CB96-4A2F-A5DF-EADBA45E5908
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wAMy48uWSi-l3-rbpF5ZCA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 193
  • https://idsync.rlcdn.com/420486.gif?partner_uid=C00332E3-CB96-4A2F-A5DF-EADBA45E5908 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEMwMDMzMkUzLUNCOTYtNEEyRi1BNURGLUVBREJBNDVFNTkwOBAAGg0IltCMmQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8753eb6e971a65c93814e407ff0abbab7e468ee07eb1343a310f8287cfad0b6d791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4NzUzZWI2ZTk3MWE2NWM5MzgxNGU0MDdmZjBhYmJhYjdlNDY4ZWUwN2ViMTM0M2EzMTBmODI4N2NmYWQwYjZkNzkxNDI2YjU0MTdkY2UyMRAAGgwIl9CMmQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4NzUzZWI2ZTk3MWE2NWM5MzgxNGU0MDdmZjBhYmJhYjdlNDY4ZWUwN2ViMTM0M2EzMTBmODI4N2NmYWQwYjZkNzkxNDI2YjU0MTdkY2UyMRAAGgwIl9CMmQYSBAgCEABCAEoA&google_gid=CAESECOYZ6imM6l8VT-tkl-DaUQ&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=84eef1c3-8d29-461c-adb1-b39a7a3ac0ae
Request Chain 194
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=88a36323-2817-4a00-a1b8-486a0f4532f6
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzAwMzMyRTMtQ0I5Ni00QTJGLUE1REYtRUFEQkE0NUU1OTA4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBcCrmPouWXhIjO_TpaX9HU&google_cver=1
Request Chain 197
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:02DD41C59D804A8CACCBBDAC9D58E6B5
Request Chain 198
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7898369240051085363&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 199
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ed3c8bd3-4667-43c0-99a6-69a472397389
Request Chain 210
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=L8335ODC-1B-48Y2 HTTP 302
  • https://sb.freeskreen.com/um?mg=L8335ODC-1B-48Y2
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKF7yXiOSWde-TpDsytv6o&google_cver=1&gdpr=0
Request Chain 219
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyMoFrNhHiM6znH3tYb22QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKF7yXiOSWde-TpDsytv6o&google_cver=1
Request Chain 220
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEHvCcsPVNjKrr9tgoZKpSI4&google_cver=1
Request Chain 221
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYxNzM3NzczODE5NjczNDMxOQ%3D%3D
Request Chain 229
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgzMzVPREMtMUItNDhZMg==
Request Chain 230
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ouvTgY7Ktg8yyb-e-8Ii9cn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8261881613525723844
Request Chain 232
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8335ODC-1B-48Y2
Request Chain 233
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGJkNGE0NzYwYTc5NzM3MGRmNTkxNzVjMzAxYzRlYmVlMjlkZTg2NA
Request Chain 234
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ed3c8bd3-4667-43c0-99a6-69a472397389&gdpr=0&gdpr_consent=&expires=30
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFQQSWrFmH-Wid0ifbCALo8&google_cver=1
Request Chain 236
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=71EciXJfS8iQCBQK3lUYxA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=71EciXJfS8iQCBQK3lUYxA
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKF7yXiOSWde-TpDsytv6o&google_cver=1&gdpr=0
Request Chain 249
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyMoFrNhHiM6znH3tYb22QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKF7yXiOSWde-TpDsytv6o&google_cver=1
Request Chain 250
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEHvCcsPVNjKrr9tgoZKpSI4&google_cver=1
Request Chain 251
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYxNzM3NzczODE5NjczNDMxOQ%3D%3D
Request Chain 280
  • https://vid.springserve.com/vast/676257?url=https://www.habsetlnh.com/&cb=1576633802&desc=%27Going+to+give+it+my+best+shot%27:+Jets%27+Lucius+hoping+to+make+roster+this+season&ic=IAB17&ap=0&vid=2238538&did=&r=6&keyword=hockey,nhl&content=8638&w=400&h=227&bid=&adunitid=21920505684&play_code=2008&player_size=medium&level1=sports&level2=hockey&player_type=barker&owner=rogers_nhl&ad_rule=0&schain=1.0,1!sendtonews.com,8os8ECDrD71jnjCfMa7kvA,1,,,&ad_key=&stn_domain=habsetlnh.com&iris_context=ic_5619313,ic_2815204,ic_9189836,ic_8717611,ic_8253715,ic_3165844,ic_1372527,ic_2002746,ic_5864912,ic_1589899,ic_0291942,ic_3572470,ic_6703731,ic_7753435,ic_1740894,ic_2407074,ic_1612662,ic_8328276,ic_1543298,ic_0344266,ic_3890383,ic_5591455,ic_7287399,ic_8555203,ic_0899282,ic_2668440,ic_7881389,ic_2897216,ic_4962242,ic_3348369,ic_7502096,ic_2592227,ic_9677800,ic_8529281,ic_9735264,ic_3142135,ic_3547359,ic_8736459,ic_4868828,ic_4700553,ic_8738142,ic_7257346,ic_2483904,ic_5081694,ic_2434802,ic_6288001,ic_8050831,ic_7767399,ic_6602298,ic_3496293,ic_3126790,ic_1709068,ic_5893960,ic_1650667,ic_2498081,ic_3311406,ic_2033437,ic_3914383,ic_6986624,ic_0981560,ic_5014948,ic_3980485,ic_4293168,ic_9728886,ic_5140707,ic_2371949,ic_2603269,ic_6701487,ic_4002575,ic_1994909,ic_4333712,ic_0504887,ic_9065769,ic_5550870,ic_0105657&iris_id=iris_f3bcdbe69fdd1029&conde_nast_contentid=&gdpr=0&consent=&us_privacy=false&coppa=0 HTTP 302
  • https://bc-ssb-iad.springserve.com/ssb?r=f2e1e93a-b614-4788-86d3-7f7090b14e6a&t=1663248407&aid=500
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI25Cd8ajU9LdOphtpWlj8k&google_cver=1&gdpr=0
Request Chain 288
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzQ5ZDdiYzEtMTNiZC02ODc1LTQ5ODYtODc2ZDBjOWZjOWQx
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEEqQrQQYjt3acIopSwJ6A3k&google_cver=1&gdpr=0
Request Chain 290
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmZiOTYzZGItMGI1ZC00MTA0LWEzZTgtNGNlNzZmNzA5MTlk
Request Chain 325
  • https://fw.adsafeprotected.com/rfw/st/1116018/64712417/skeleton.js?adsafe_url=https%3A%2F%2Fwww.habsetlnh.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c2985b44-5117-8fb6-82d9-e8b29f4ce391,c:oi0c4H,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7699b55c4b-k5qd7,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:783,mot:0,app:0,maw:0,fm:thvCODH+11111%7C11112%7C11113%7C11114%7C111151%7C111152%7C111153%7C11116%7C11117%7C11118%7C11119%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C189%7C18a%7C18b%7C18c%7C18d%7C18e%7C18f%7C18g%7C18h%7C19*.1116018-64712417%7C191%7C192%7C193%7C1a11%7C1b1%7C1b2,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:815,oid:0c778082-34fa-11ed-9e60-6eb8b180e762,v:19.8.351,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 355
  • https://fw.adsafeprotected.com/rfw/st/1116018/64712426/skeleton.js?adsafe_url=https%3A%2F%2Fwww.habsetlnh.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:68abd385-275b-19df-960c-f793110d007e,c:oi0cey,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7699b55c4b-2fsjm,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:821,mot:0,app:0,maw:0,fm:thvCON5+11111%7C11112%7C11113%7C11114%7C111151%7C111152%7C111153%7C11116%7C11117%7C11118%7C11119%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C1831%7C184%7C185%7C186%7C187%7C188%7C189%7C18a%7C18b%7C18c%7C18d%7C18e%7C18f%7C18g%7C18h%7C191%7C192%7C1931%7C194%7C1a11%7C1b*.1116018-64712426%7C1b1%7C1b2%7C1b3,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:843,oid:0ca6f4ef-34fa-11ed-abcd-527495463c7d,v:19.8.351,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 402
  • https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1663248405835&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=60777&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=2238538&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1663248411254&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=5419&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Rogers%20NHL&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.habsetlnh.com%2F&c8=&c9=https%3A%2F%2Fwww.habsetlnh.com%2F HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1663248405835&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=60777&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=2238538&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1663248411254&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=5419&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Rogers%20NHL&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.habsetlnh.com%2F&c8=&c9=https%3A%2F%2Fwww.habsetlnh.com%2F

410 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.habsetlnh.com/ 		53 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
3f7177bc16658dd7ebfd585dafcfff1f50cd34e58aa12eb52a445a2b66d15531

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
br
content-length
9633
content-type
text/html; charset=iso-8859-1
date
Thu, 15 Sep 2022 13:26:44 GMT
server
Apache
vary
Accept-Encoding
css.css
habsetlnh.com/css/ 		4 KB
754 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://habsetlnh.com/css/css.css?hl=6
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
28eab2d884da211224709788c009e88bf87b90df5e05039f80e89531085dc297

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:44 GMT
content-encoding
br
last-modified
Fri, 12 Feb 2021 17:57:38 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
692
css.css
i.marqueur.com/css/auto/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.marqueur.com/css/auto/css.css?hl=4
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
0d0f2e242b01e1d051c2d7d6025d21e37bb64d31933577b6e7795aa375effaf5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:44 GMT
content-encoding
br
last-modified
Thu, 15 Sep 2022 08:47:29 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
5933
opensans.css
i.marqueur.com/css/auto/ 		60 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.marqueur.com/css/auto/opensans.css?hl=1
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
717b10593d54204f670e8962fbe282f51357d361b0cec4ec5b979429fe08f86e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:44 GMT
content-encoding
br
last-modified
Thu, 15 Sep 2022 08:47:29 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2605
oswald.css
i.marqueur.com/css/auto/ 		44 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.marqueur.com/css/auto/oswald.css?hl=1
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
bb8c34012fba5143653013ef74900fc346dc115bc642b51859811df54354c141

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:44 GMT
content-encoding
br
last-modified
Thu, 15 Sep 2022 08:47:29 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1997
russo_one_3.css
i.marqueur.com/css/auto/ 		61 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.marqueur.com/css/auto/russo_one_3.css?hl=1
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
e03515f92eb3f9da1542fda3aba456d358b7f77abf96502e315139ffb898ae6d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:44 GMT
content-encoding
br
last-modified
Thu, 15 Sep 2022 08:47:29 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2520
css_stripe.css
i.marqueur.com/css/ 		118 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.marqueur.com/css/css_stripe.css?v=1
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
ea24f23e3904d8725fe2429924bfe5720279f477856440be7a208bee4609049d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:44 GMT
content-encoding
br
last-modified
Mon, 14 Mar 2022 16:49:41 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3643
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans&family=Oswald&family=Russo+One&display=swap
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
de42f0fcb249085ae2ff08d335a98eb468e366f23b80f18578f4c10a2049e2a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 13:05:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 15 Sep 2022 13:26:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Sep 2022 13:26:44 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9A23TMsdPePfTC6CCx0NJEWvTst38xeTHG0UrcTK3qs0de3a5fdsClomP3jnPcGwjbyab6XN60dYqXk2lhcSxQ9Sb2YD3di%2BpvULofqaUdq%2ByQWfMC1Xuf9IKlWZn9XZavIFYijVkEb5g1vsvKKVW%2FNC"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74b1b2227e757144-YUL
expires
Tue, 05 Sep 2023 13:26:44 GMT
jquery-1.7.0.min.js
code.jquery.com/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.7.0.min.js
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:44 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-16f44"
vary
Accept-Encoding
x-hw
1663248404.dop182.dc2.t,1663248404.cds078.dc2.hn,1663248404.cds181.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33254
lib.js
www.habsetlnh.com/js/ 		46 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.habsetlnh.com/js/lib.js?v=4
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
d30df161a40b22066b528e73386575dd1326083c5ade6213bd59f867532b401b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:44 GMT
content-encoding
br
last-modified
Tue, 02 Jun 2020 11:18:14 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
10018
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b1b223ba45713e-YUL
date
Thu, 15 Sep 2022 13:26:45 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
1132
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 18 Sep 2022 13:26:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfc5e979d649c22f7bbd217047384d4fb21cd48ff9831832d4e91345b34a3654
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27685
x-xss-protection
0
server
sffe
etag
"1334 / 320 of 1000 / last-modified: 1663240138"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Sep 2022 13:26:45 GMT
freeskreen.min.js
static.freeskreen.com/ba/582/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.freeskreen.com/ba/582/freeskreen.min.js
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-93.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5863de83de86bc9d0c9ca7c8a788a62ee645e6ca5a8b7ca2039464dda56832b6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
sftnK54CEBMwzQ7ZG47yzEfXoV1mEmgU
Content-Encoding
gzip
Last-Modified
Wed, 18 May 2022 20:47:38 GMT
Server
AmazonS3
Age
22199
ETag
"1edf2d8e3795906aa03ddbb3d18474e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Thu, 15 Sep 2022 08:50:15 GMT
X-Amz-Cf-Pop
EWR53-P1
Accept-Ranges
bytes
Content-Length
8828
X-Amz-Cf-Id
o8V6K8j5mo5oM0yU1H7YZR8p7mO4TVX_wCO85IBOj_f_l7AyjScILg==
logo_2021.gif
www.habsetlnh.com/i/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.habsetlnh.com/i/logo_2021.gif?v=2
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
cc961d0ae1d4f3f86f6512522666e41ed941942cb1553b23569b98181ce951af

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 21 Jul 2021 03:05:23 GMT
server
Apache
accept-ranges
bytes
content-length
2573
content-type
image/gif
embedcode.php
embed.sendtonews.com/player2/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player2/embedcode.php?fk=8OhJreEl&cid=10113&SIZE=400&floatwidth=400
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.89.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-89-150.compute-1.amazonaws.com
Software
Apache /
Resource Hash
bd591aad1112cd8fd1ff7d062b45609a6e6b29df7cada5409d0c9dc0118cceba

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-length
3098
expires
Thu, 15 Sep 2022 14:26:45 GMT
170874.jpeg
i.marqueur.com/habsetlnh/i/photo/medium/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170874.jpeg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
3814d09145a50713a6ff9d153a226d88a1290b9e4b1bc33feaffcb3c70e46afc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 13 Sep 2022 22:47:41 GMT
server
Apache
accept-ranges
bytes
content-length
19456
content-type
image/jpeg
171410.png
i.marqueur.com/habsetlnh/i/photo/medium/ 		171 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/171410.png
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
4178272e2a664db116028e49ec3f9bf1fc7f3cef213c3096ade6c58894a10721

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Thu, 15 Sep 2022 12:34:24 GMT
server
Apache
accept-ranges
bytes
content-length
175124
content-type
image/png
171408.png
i.marqueur.com/habsetlnh/i/photo/medium/ 		181 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/171408.png
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
7014330dae736d7949f20130ecb3767f37caebf374eaf4ffa0e2b4a79c8e08ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Thu, 15 Sep 2022 12:32:30 GMT
server
Apache
accept-ranges
bytes
content-length
185342
content-type
image/png
171273.jpeg
i.marqueur.com/habsetlnh/i/photo/medium/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/171273.jpeg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
803159dc3bfde882ec74fb0f473a9dadf2541a240e4d51f80ef0fcad22062f0f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 14 Sep 2022 20:21:11 GMT
server
Apache
accept-ranges
bytes
content-length
34410
content-type
image/jpeg
171292.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/171292.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
8a62d4cc047382cd05f8a86737279d84a9e76b7777ede854a87338387eecf860

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 14 Sep 2022 21:18:47 GMT
server
Apache
accept-ranges
bytes
content-length
28619
content-type
image/jpeg
171097.png
i.marqueur.com/habsetlnh/i/photo/medium/ 		223 KB
225 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/171097.png
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
3a7f29248c5ca288e812df85179541b77f330e2ffc942d41c9c57a1e70abf845

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 14 Sep 2022 14:44:24 GMT
server
Apache
accept-ranges
bytes
content-length
228717
content-type
image/png
171296.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/171296.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
339fe05fd93c2916e6215d079ab5a83db03dde2ce5620d53edc6f0b9c9f6eaa0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 14 Sep 2022 21:29:55 GMT
server
Apache
accept-ranges
bytes
content-length
24132
content-type
image/jpeg
171205.jpeg
i.marqueur.com/habsetlnh/i/photo/medium/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/171205.jpeg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
9a2446a2e7da493b667f5b27a9da132526c04d3ebd729ae67031160d7f059442

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 14 Sep 2022 17:49:15 GMT
server
Apache
accept-ranges
bytes
content-length
42535
content-type
image/jpeg
171185.png
i.marqueur.com/habsetlnh/i/photo/medium/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/171185.png
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
509452ffe78327cf5e647d8d633b25f174699d9401ad4f53374387481ffe5d6e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 14 Sep 2022 17:24:36 GMT
server
Apache
accept-ranges
bytes
content-length
93367
content-type
image/png
171132.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/171132.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
eb0a9b45b15188210d0d3f50395cc39b672226ed40932f0c77b5964aebcc8218

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 14 Sep 2022 15:37:21 GMT
server
Apache
accept-ranges
bytes
content-length
27016
content-type
image/jpeg
171081.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/171081.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
f85bfb5a9def40ff2ad80bc3ccda333435d09ed1b74baa4f1bde76aa78730ced

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 14 Sep 2022 14:22:50 GMT
server
Apache
accept-ranges
bytes
content-length
32474
content-type
image/jpeg
171070.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/171070.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
65884bf6f123e5af8335daec778c07dcea0baefb415464f71978f9971bfef1aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 14 Sep 2022 13:58:52 GMT
server
Apache
accept-ranges
bytes
content-length
42318
content-type
image/jpeg
171046.jpeg
i.marqueur.com/habsetlnh/i/photo/medium/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/171046.jpeg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
c8c0342a14d36f561472916a47f20dafac323040ca4a888fb233da0620facb75

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 14 Sep 2022 13:18:32 GMT
server
Apache
accept-ranges
bytes
content-length
69073
content-type
image/jpeg
171069.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/171069.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
cf0948ccbfc22dbfa5e7ce5b8c771a6686f007c6f4d0c939a0cb19620b89882d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 14 Sep 2022 13:56:18 GMT
server
Apache
accept-ranges
bytes
content-length
31948
content-type
image/jpeg
171057.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/171057.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
40312534c8161680b614d55871dcc1602d230b55ad2c08763263512186ee6ad7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 14 Sep 2022 13:47:59 GMT
server
Apache
accept-ranges
bytes
content-length
29375
content-type
image/jpeg
170813.jpeg
i.marqueur.com/habsetlnh/i/photo/medium/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170813.jpeg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
69c81808f39fdffcad8fa37eba45f9564ee73fee7bb497bf6cdca143fda57f05

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 13 Sep 2022 19:33:00 GMT
server
Apache
accept-ranges
bytes
content-length
108162
content-type
image/jpeg
171040.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/171040.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
fbf9c175f0304ab17dfbfd0e0f5d8a1e8a4bd2e9776225ede498f707ab20c576

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 14 Sep 2022 13:09:36 GMT
server
Apache
accept-ranges
bytes
content-length
14386
content-type
image/jpeg
170921.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170921.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
857da87f996c90a46ffc09abe3c50a6d31b523196231c1a4593a4f3881f731ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 14 Sep 2022 00:30:19 GMT
server
Apache
accept-ranges
bytes
content-length
9804
content-type
image/jpeg
170830.png
i.marqueur.com/habsetlnh/i/photo/medium/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170830.png
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
eff68bbb52e107c83d6f8ee48a9a300cc083cf453dd32bfac99d14d934a4dfc0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 13 Sep 2022 20:26:16 GMT
server
Apache
accept-ranges
bytes
content-length
151237
content-type
image/png
170867.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170867.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
348ec52e04083b6c7678c4bef4445529a60e9821ca9258c8b18fb23121bde738

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 13 Sep 2022 22:33:23 GMT
server
Apache
accept-ranges
bytes
content-length
25762
content-type
image/jpeg
170821.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170821.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
c8961cbf24ee673f1d960621d4aa1199a71d15ec9d131e204b4d9931c27426e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 13 Sep 2022 20:00:17 GMT
server
Apache
accept-ranges
bytes
content-length
27913
content-type
image/jpeg
170824.png
i.marqueur.com/habsetlnh/i/photo/medium/ 		157 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170824.png
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
c05bcac63a948f672e0dbb9bbfbabf0141bc79762a72f1246b5482a0e621b550

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 13 Sep 2022 20:02:57 GMT
server
Apache
accept-ranges
bytes
content-length
160700
content-type
image/png
170775.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170775.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
1f574aec2c5c09259f55f3b7f06076ec06908dcc8d3fb9f61994ba02af7f96c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 13 Sep 2022 17:51:23 GMT
server
Apache
accept-ranges
bytes
content-length
13663
content-type
image/jpeg
170724.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170724.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
8b2c1ee8a85d15f532c682dc0a2f1472d11b3f3f735940ddf0cade61355302ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 13 Sep 2022 16:20:09 GMT
server
Apache
accept-ranges
bytes
content-length
22813
content-type
image/jpeg
170689.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170689.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
e3ffd36023384c874705274f37c04978f10e9b39fe294fbd778f6bdb5d98adad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 13 Sep 2022 15:11:03 GMT
server
Apache
accept-ranges
bytes
content-length
48232
content-type
image/jpeg
170649.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170649.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
8996cc3e681aa4ec53eda55b7dae056055f2b95d4935b217e01e79908443d7c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 13 Sep 2022 14:07:35 GMT
server
Apache
accept-ranges
bytes
content-length
17626
content-type
image/jpeg
170400.jpeg
i.marqueur.com/habsetlnh/i/photo/medium/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170400.jpeg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
12150fbbbd8d62063c19929696cfd1458f8ce4f762c3fae8d67131a38340ed25

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Mon, 12 Sep 2022 17:51:35 GMT
server
Apache
accept-ranges
bytes
content-length
14450
content-type
image/jpeg
170630.png
i.marqueur.com/habsetlnh/i/photo/medium/ 		199 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170630.png
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
2800870d442eb07ae7456d64bbfb43ae004dd0f8c154ada437076d29af265d6c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 13 Sep 2022 13:31:05 GMT
server
Apache
accept-ranges
bytes
content-length
204169
content-type
image/png
170633.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170633.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
2f3c0fa59279dcf7c06dad513d33b0ede9ee6cd080f9c16eee456b93a0b4a2bd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 13 Sep 2022 13:33:35 GMT
server
Apache
accept-ranges
bytes
content-length
33159
content-type
image/jpeg
170620.png
i.marqueur.com/habsetlnh/i/photo/medium/ 		179 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170620.png
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
0643526bca58153b4313d85ed24061c3c024cc1fe0ce6d2c1dc2e524894859c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 13 Sep 2022 13:23:17 GMT
server
Apache
accept-ranges
bytes
content-length
183688
content-type
image/png
170607.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170607.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
bff1b51c0f334c0fb3bb8fe66e299eb69e1a3ca2826fb0808e26711ce2eab5fb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 13 Sep 2022 13:04:19 GMT
server
Apache
accept-ranges
bytes
content-length
39164
content-type
image/jpeg
170552.png
i.marqueur.com/habsetlnh/i/photo/medium/ 		209 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170552.png
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
782b3db4b660ee3596371df50adf8acb63a61214e9c6c871552167d0e92fb9fb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 13 Sep 2022 01:49:35 GMT
server
Apache
accept-ranges
bytes
content-length
213581
content-type
image/png
170549.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170549.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
d32500829d7e957d45c02e1ccdbe548cb3bd300a2b6e855c1f6518006954760e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 13 Sep 2022 01:44:26 GMT
server
Apache
accept-ranges
bytes
content-length
35545
content-type
image/jpeg
170503.jpeg
i.marqueur.com/habsetlnh/i/photo/medium/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170503.jpeg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
7022081296da69c010616da25ebf4f6be7628d468b45d8e36a14d29ef1356e53

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Mon, 12 Sep 2022 22:15:50 GMT
server
Apache
accept-ranges
bytes
content-length
36030
content-type
image/jpeg
170458.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170458.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
16a9bc1d49f0cf2b286fc2c7c6c6a797cb0a84e5a4599624d7a8ccf8870604b3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Mon, 12 Sep 2022 19:57:26 GMT
server
Apache
accept-ranges
bytes
content-length
59074
content-type
image/jpeg
170493.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170493.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
16418464296bd4cf674c4c8fb6debd8c7cfe8f2f7cc31e32f7597808fea83308

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Mon, 12 Sep 2022 21:45:08 GMT
server
Apache
accept-ranges
bytes
content-length
8620
content-type
image/jpeg
170281.jpeg
i.marqueur.com/habsetlnh/i/photo/medium/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170281.jpeg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
922f43db0823cc12a2016d19e2bad70352125f6866ba80c0dd11c681834e9efd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Mon, 12 Sep 2022 14:00:52 GMT
server
Apache
accept-ranges
bytes
content-length
95488
content-type
image/jpeg
170342.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170342.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
18da83c7afb3f3bdd29b799c0484a24f76c09daf9d28ce03f381489d3bb28c82

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Mon, 12 Sep 2022 15:56:16 GMT
server
Apache
accept-ranges
bytes
content-length
55949
content-type
image/jpeg
170449.png
i.marqueur.com/habsetlnh/i/photo/medium/ 		128 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170449.png
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
8c37581867ed807eb0e3977f563ebf404ab83ea1ec48ed2bb37764568582cef3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Mon, 12 Sep 2022 18:56:08 GMT
server
Apache
accept-ranges
bytes
content-length
130935
content-type
image/png
170339.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170339.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
20cfd031c632512834430f5f7ae33221f93df49217c8b527779592dddf0a5333

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Mon, 12 Sep 2022 15:51:21 GMT
server
Apache
accept-ranges
bytes
content-length
22721
content-type
image/jpeg
170311.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/170311.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
6b7de92106affa843bd77aa66f0e44f53c3d56c5dd184e0942b6e74b0657dedf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Mon, 12 Sep 2022 14:51:29 GMT
server
Apache
accept-ranges
bytes
content-length
22810
content-type
image/jpeg
30704.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/i/photo/medium/30704.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
965cbd36ea5a201fdfd333ff316c16d365090941f35f88d1a6c0a6007b78f44f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 29 Sep 2020 15:31:03 GMT
server
Apache
accept-ranges
bytes
content-length
36024
content-type
image/jpeg
hlmedia_noir.jpg
i.marqueur.com/i/2022/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/i/2022/hlmedia_noir.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
126d9cb63dd62c90dfee70015895775d3e28aaa517da60fd1a588bc72fc7c218

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Tue, 01 Feb 2022 05:34:49 GMT
server
Apache
accept-ranges
bytes
content-length
26983
content-type
image/jpeg
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-82338304-1
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7bcfd6cc4a4f71ef06ad392c5e4e90078fcf2dfdb377285a98b48bf644938712
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42427
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Sep 2022 13:26:45 GMT
ad.js
www.hetlmedia.com/ 		122 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hetlmedia.com/ad.js?x=AS9UGNvWfO
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
18e84a9592ef0c123eb26bb2d692e4b3792b4b6e96f61e2995d8457724413011

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
content-encoding
br
last-modified
Thu, 15 Sep 2022 08:47:05 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
79
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46c2253a990373efcab1c600a6e1c731e5a971b0eecb0358ae53d1fbd7e16ada
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26872
x-xss-protection
0
pragma
public
x-fb-debug
hjwDAp1VHZSnS0Ze7BkacnIr/WUbnw4y79dp9iVK+KxkORQpbYLnWSqmAbBky3dV8Tm7MEexWzrkfFDvrCS/3Q==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 15 Sep 2022 13:26:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MJ9LJJK
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
096a6b1fe930ad78399843d453125bc077ca84498327e0108aa253319546e23c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37637
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Sep 2022 13:26:45 GMT
script.js
sb.freeskreen.com/publisher/ 		71 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.freeskreen.com/publisher/script.js?bai=582&ut=&uts=&p_cust_params=&windowlocation=https%3A%2F%2Fwww.habsetlnh.com%2F&usp=&gdpr=-1&cs=-1
Requested by
Host: static.freeskreen.com
URL: https://static.freeskreen.com/ba/582/freeskreen.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.70.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-70-111.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
184721b858c6c6cb31a3fdf9c7d7740d15d68499e506590aa8d184400ca1a48c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:45 GMT
content-encoding
gzip
server
Apache/2.4.29 (Ubuntu)
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
content-type
text/html;charset=UTF-8
content-length
21264
expires
Thu, 01 Jan 1970 00:00:00 GMT
stripe.gif
i.marqueur.com/ 		214 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/stripe.gif?v=9
Requested by
Host: i.marqueur.com
URL: https://i.marqueur.com/css/css_stripe.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS
wb1.marqueur.com
Software
Apache /
Resource Hash
4d27371d236fa7547c90c974165abffcbae1236b64a80da2c85df41d40086f83

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://i.marqueur.com/css/css_stripe.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Fri, 29 Apr 2022 18:52:37 GMT
server
Apache
accept-ranges
bytes
content-length
219037
content-type
image/gif
Z9XUDmZRWg6M1LvRYsHOz8mJ.woff2
fonts.gstatic.com/s/russoone/v14/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/russoone/v14/Z9XUDmZRWg6M1LvRYsHOz8mJ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Oswald&family=Russo+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82f191a65d38e50c45e0c35e15343690ea1d122402990b99d0c5a1585f9d47af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.habsetlnh.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 02:33:34 GMT
x-content-type-options
nosniff
age
211991
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7368
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:53:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 02:33:34 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Oswald&family=Russo+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.habsetlnh.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:25:12 GMT
x-content-type-options
nosniff
age
230493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9840
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:24:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 21:25:12 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.habsetlnh.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1886019
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EPVy9M2P1qIAfnG2gspeLLpuzr795m7Y%2BKCE2afw%2FUder2Uhrce%2BJ45j%2FOTGIqWWyMhCmr15YXnlqzBM1lMqYwk2BvqAAQsIHlDZHNMbNCHhpsFfX56J%2F0BDfzp%2FjFATkA1zi1bQRQgSF3g3kiFgVRH"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74b1b223b858713c-YUL
expires
Tue, 05 Sep 2023 13:26:45 GMT
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/20220901/ 		655 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.89.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-89-150.compute-1.amazonaws.com
Software
Apache /
Resource Hash
11a4b7dd6aa3534c1dc9517e87d10874580c121a55b6534b2f2aa75892db69d4

Request headers

Referer
https://www.habsetlnh.com/
Origin
https://www.habsetlnh.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
content-encoding
gzip
last-modified
Fri, 02 Sep 2022 00:03:42 GMT
server
Apache
etag
"a3c23-5e7a6767c5380-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-robots-tag
noindex, nofollow
expires
Thu, 15 Sep 2022 14:26:45 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Oswald&family=Russo+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.habsetlnh.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 18:55:48 GMT
x-content-type-options
nosniff
age
239457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 18:55:48 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8970b1f19d05dd6cc34c852734b07ec12ec1eb85e86b734ba9a857686a514a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b1b2249bb34bd0-YUL
date
Thu, 15 Sep 2022 13:26:45 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
1131
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 18 Sep 2022 13:26:45 GMT
439985953251746
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/439985953251746?v=2.9.81&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
71636a4580f3eb7fdcaa448012dab2246ef02a72688a9ccb91031d7b89344ca1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85889
x-xss-protection
0
pragma
public
x-fb-debug
ab5tccI7WoE4a9BBaeQk96me3/gFA7wEfbGmqMavRvZqieEm2ItvuAuYpWJjBbfammG2Z2d/qZ0uiDOp2Bdigg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 15 Sep 2022 13:26:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl_2022091201.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069585
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feb6fb7964ff50524c107524c1773ae1fa2a13d37c9c2c81a9a7c87da8c970b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:29:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165457
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131208
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 08:37:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Sep 2023 15:29:08 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		160 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.habsetlnh.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a16fd889926abb35748c2117d3d8b02f56c5ae97b67b715d25272c9a838bd65b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Sep 2022 13:26:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111
x-xss-protection
0
expires
Thu, 15 Sep 2022 13:26:45 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-82338304-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3114
date
Thu, 15 Sep 2022 12:34:51 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 15 Sep 2022 14:34:51 GMT
web
onesignal.com/api/v1/sync/166033e5-487c-486d-98f7-ccb28d948aca/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/166033e5-487c-486d-98f7-ccb28d948aca/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b595c61f82a395fa370e737be4782329ffe73ad315f837b2c3c7b96ed60b926
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
1020
cf-polished
origSize=5065
status
200 OK
x-envoy-upstream-service-time
43
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
1e100a92-ebb9-4bbc-84dd-99d91dbfc763
x-runtime
0.041526
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6f194c6f9bca5c42f162c7a45bf8272c"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
74b1b225ad94713e-YUL
access-control-allow-headers
SDK-Version
expires
Thu, 15 Sep 2022 14:26:45 GMT
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.25.77 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-77.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 15 Sep 2022 13:26:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 12:51:50 GMT
Server
Apache
ETag
"da1dc6-9a4f-5e8b6b5843e16"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1645
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
13270
Expires
Thu, 15 Sep 2022 13:54:10 GMT
css
fonts.googleapis.com/ 		3 KB
631 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 13:01:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 15 Sep 2022 13:26:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Sep 2022 13:26:45 GMT
icon
fonts.googleapis.com/ 		569 B
367 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 13:26:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 15 Sep 2022 13:26:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Sep 2022 13:26:45 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4904824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4023
timing-allow-origin
*
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHvH7LVLMbsJQH5CuH7tobDGXc4PCWZfAc92npq8yk%2F45XZ1qRMOy49AZmMNeXM3d2MeZHgLje%2B3AAkHfreAOVQ%2BRRH3ch2mniZYFHwMcpr5dCd%2FGI67TgDd1DsksKW7roux9gMdskt6SylXa0TAt%2BvK"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74b1b226ae4b4bca-YUL
expires
Tue, 05 Sep 2023 13:26:45 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 4CB6 		53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3098956
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20502
timing-allow-origin
*
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDa6dmi2d0U6XO9RmM4lBWl6pTACqTgE9vVR%2B2NE8%2BqhxFyY%2BUjGC4iBGAdDCmr5mWXQAlH%2FrdV0tN2tLP5Oo3WWKmIhdt42CKeaqQyzVuC0mLdu5Kaxv8MLYwUSnNaSkM%2Fskk%2BeI9NulU9KqzfvkVY0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74b1b226ae494bca-YUL
expires
Tue, 05 Sep 2023 13:26:45 GMT
prebid.js
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/ Frame 4CB6 		334 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 23:36:58 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
W/"1c7777ec3f15f66750ea282b9545a85d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
cache-control
no-cache
x-amz-cf-id
hMZhL6IqCcsXLCJqHxPVdFTijjhxldLLCNvCy8HFSESO_Bw0s7nrmQ==
comScore.gt.min.js
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame 4CB6 		335 KB
335 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:06:47 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jan 2020 23:25:25 GMT
server
AmazonS3
age
4799
etag
"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-pop
JFK50-P3
accept-ranges
bytes
content-length
342796
x-amz-cf-id
ANReCcea891QE4Wvo9V1rNACwD57fx4LWWyeQwckC5szfoyWIelKaQ==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		377 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90a1b56a6a1338b2615b9bdf2875b21dcbf0f5f16b03205c4452c9a2d67fc2f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128594
x-xss-protection
0
expires
Thu, 15 Sep 2022 13:26:45 GMT
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 10:51:55 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
9291
etag
"cb93bb50e5d021cc38de445a672c18a2"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
JFK50-P3
accept-ranges
bytes
content-length
1094
x-amz-cf-id
gheZg1pUqBodzE3mEzN1_MdfsvC5_-xRX44ew_duDpJ24ezMrZdNuQ==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 20:33:32 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
60794
etag
"311cf2edc46e82f2a6911332b7db54e1"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
JFK50-P3
accept-ranges
bytes
content-length
322
x-amz-cf-id
KLvw0BBt2q5sZERtU43j71e38HXvBFhzIIN_oeQw7V3ZxWCMTsfBTw==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 20:33:32 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
60794
etag
"8be584e844dabfe22970a0cb943c047e"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
JFK50-P3
accept-ranges
bytes
content-length
832
x-amz-cf-id
UcwMnSb8Xs3LWPeSdqDuIpiwfiE1EpAp23kjBR6KF5LEESzOkwWLew==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 20:31:37 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
60909
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
JFK50-P3
accept-ranges
bytes
content-length
773
x-amz-cf-id
4m2c-DziMijBVYMqXMdLuUfaO6eHrk0FpsUwsg3f_HvaXIMHBWvJig==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=kmCiDPnmENDvt6qU&instance=035433&version=7.8.0&age=220915&cmd=PRE_INIT&key=8OhJreEl&seq=1&order=1&absoluteTime=742.2&relativeTime=0.2&canonical=https://www.habsetlnh.com/&EXTREF=https://www.habsetlnh.com/&REF=https://www.habsetlnh.com/&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		41 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=kmCiDPnmENDvt6qU&instance=035433&version=7.8.0&age=220915&ESG_key=8OhJreEl&type=FULL&EXTREF=https://www.habsetlnh.com/&REF=https://www.habsetlnh.com/&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.89.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-89-150.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2690d31fc5c9631e32ee1a5f6ded32a64523e6c06455023ee90171a62f0647fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
content-length
7601
expires
Thu, 15 Sep 2022 13:26:46 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame 4CB6 		0
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
74b1b2270b0ba1e6-YYZ
date
Thu, 15 Sep 2022 13:26:45 GMT
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ Frame 4CB6 		166 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8efa950be6d28aa1103053638a776ab8f2dcda011254bab316bc409018714e33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 15 Sep 2022 12:40:13 GMT
via
1.1 0459f0f7053eeb224fd9fe0f5db5970a.cloudfront.net (CloudFront), 1.1 aed3f8ed29085c056c75452d71b07f7e.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
2793
etag
W/"350e165fc9b88312c43a9ba90eba4e3d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
IAD89-P2, PHL50-C1
content-encoding
gzip
x-amz-cf-id
FteIFOexzgoBegXBIeN0JaXwE-RAhPgw2Vv3g6JJKJXlVMWcFYfCzA==
ac
ww1772.smartadserver.com/ 		212 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=3509131598&out=js
Requested by
Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=582&ut=&uts=&p_cust_params=&windowlocation=https%3A%2F%2Fwww.habsetlnh.com%2F&usp=&gdpr=-1&cs=-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.161 Los Angeles, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
461b345c9be55a5a6d0a2b3c9b39b060cdd4d5c7bff2c410b3c6f8b77f17cb25

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:45 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
7974420
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
usync.html
eus.rubiconproject.com/ Frame D275
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
281 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Requested by
Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=582&ut=&uts=&p_cust_params=&windowlocation=https%3A%2F%2Fwww.habsetlnh.com%2F&usp=&gdpr=-1&cs=-1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.habsetlnh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 15 Sep 2022 13:26:45 GMT
etag
"40014-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 15 Sep 2022 13:26:45 GMT
location
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
server
AkamaiGHost
um
sb.freeskreen.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1
  • https://sb.freeskreen.com/um?sa=747745654750095039
43 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?sa=747745654750095039
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Server
3.220.70.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-70-111.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store
content-type
image/gif
content-length
43
expires
-1

Redirect headers

location
https://sb.freeskreen.com/um?sa=747745654750095039
date
Thu, 15 Sep 2022 13:26:45 GMT
content-length
0
um
sb.freeskreen.com/
Redirect Chain
  • https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
  • https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
  • https://sb.freeskreen.com/um?tlr=68969fa6918b40ce8421e1378a4d60b1
43 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?tlr=68969fa6918b40ce8421e1378a4d60b1
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Server
3.220.70.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-70-111.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:45 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store
content-type
image/gif
content-length
43
expires
-1

Redirect headers

location
https://sb.freeskreen.com/um?tlr=68969fa6918b40ce8421e1378a4d60b1
date
Thu, 15 Sep 2022 13:26:45 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
um
sb.freeskreen.com/
Redirect Chain
  • https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID}
  • https://sb.freeskreen.com/um?ac=57bc883a-b8ce-4fb5-b4ae-ebf3dd243e0e
43 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?ac=57bc883a-b8ce-4fb5-b4ae-ebf3dd243e0e
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Server
3.220.70.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-70-111.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:45 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store
content-type
image/gif
content-length
43
expires
-1

Redirect headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:45 GMT
Server
nginx
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Location
https://sb.freeskreen.com/um?ac=57bc883a-b8ce-4fb5-b4ae-ebf3dd243e0e
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
0
um
sb.freeskreen.com/
Redirect Chain
  • https://loadeu.exelator.com/load/?p=204&g=1300&j=0
  • https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1
  • https://sb.freeskreen.com/um?ni=07f345f399b603c268bb1d48bd524cd1
43 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?ni=07f345f399b603c268bb1d48bd524cd1
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Server
3.220.70.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-70-111.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:45 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store
content-type
image/gif
content-length
43
expires
-1

Redirect headers

date
Thu, 15 Sep 2022 13:26:45 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://sb.freeskreen.com/um?ni=07f345f399b603c268bb1d48bd524cd1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
/
www.facebook.com/tr/ 		44 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=439985953251746&ev=PageView&dl=https%3A%2F%2Fwww.habsetlnh.com%2F&rl=&if=false&ts=1663248405541&sw=1600&sh=1200&v=2.9.81&r=stable&ec=0&o=30&fbp=fb.1.1663248405539.1551174894&it=1663248405259&coo=false&rqm=GET
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 15 Sep 2022 13:26:45 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=521244136&t=pageview&_s=1&dl=https%3A%2F%2Fwww.habsetlnh.com%2F&ul=en-us&de=windows-1252&dt=La%20r%C3%A9f%C3%A9rence%20du%20hockey%20%7C%20Chroniques%20et%20vid%C3%A9os%20-%20HabsEtLNH.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=511168224&gjid=1558931898&cid=186059396.1663248406&tid=UA-82338304-1&_gid=1613937494.1663248406&_r=1&gtm=2ou9e0&z=1244803211
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.habsetlnh.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
139271940
fundingchoicesmessages.google.com/i/ 		105 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/139271940?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069585
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e2fbbdb15a1853c7cdaff74c4dfd935b29fa637e28701c37243958375fa03dc
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-AdB7VgrUSb2lIbFHufn9eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-AdB7VgrUSb2lIbFHufn9eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-82338304-1&cid=186059396.1663248406&jid=511168224&gjid=1558931898&_gid=1613937494.1663248406&_u=YEBAAUAAAAAAAC~&z=622032079
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 15 Sep 2022 13:26:45 GMT
content-type
text/plain
access-control-allow-origin
https://www.habsetlnh.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=kmCiDPnmENDvt6qU&instance=214035433&version=7.8.0&age=220915&cmd=GET&key=8OhJreEl&c_id=10113&seq=1&order=2&absoluteTime=946&relativeTime=204&canonical=https://www.habsetlnh.com/&EXTREF=https://www.habsetlnh.com/&REF=https://www.habsetlnh.com/&playerCfg=BR
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
143 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=8OhJreEl&ES_key=8OhJreEl&ES_ID=33608&S_RKEY=c07nGh3slG&USR_ID=214035433&ST_usrKey=kmCiDPnmENDvt6qU&SM_ID=2238538&C_ID=10113&C_companyName=H%20and%20L%20&version=70080000&sC_ID=8638&AC_ID=2008&TYPE=BARKER&EXTREF=https://www.habsetlnh.com/&REF=https://www.habsetlnh.com/&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-30-54.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 15 Sep 2022 13:26:45 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Thu, 15 Sep 2022 13:26:20 GMT
0.js
player.sendtonews.com/bidderFiles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-81.phl50.r.cloudfront.net
Software
Apache /
Resource Hash
7f1d279703b902aee3682bf47afc04d7d9a4417e08a137638cd8dcce1141c450

Request headers

Referer
https://www.habsetlnh.com/
Origin
https://www.habsetlnh.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:58:37 GMT
content-encoding
gzip
age
1690
x-cache
Hit from cloudfront
content-length
1394
access-control-allow-origin
*
last-modified
Thu, 03 Mar 2022 21:08:40 GMT
server
Apache
etag
"e75-5d956cd664600-gzip"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-amz-cf-id
lmSkTXU8Y9HZCeCd4luJVRgzGglMOrW8m1I28gQ2qWI1grGjDLb9aQ==
expires
Thu, 15 Sep 2022 13:58:35 GMT
wcae70hwyjf6c5eg49e20ltl2xe9y1qv.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/wcae70hwyjf6c5eg49e20ltl2xe9y1qv.jpg
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7bf9c6f42cf09ee3f7a00dbfd1d510dc753193a5910f7785b40d7b287b1c825

Request headers

Referer
https://www.habsetlnh.com/
Origin
https://www.habsetlnh.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 00:00:26 GMT
via
1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
age
48380
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
23710
last-modified
Wed, 14 Sep 2022 22:50:25 GMT
server
AmazonS3
etag
"ca535a0992588f18de05ca7b1f577803"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-pop
JFK50-P3
accept-ranges
bytes
x-amz-cf-id
bMnqv1sLCxTq0iEIZWuUubkJJ4CvnZYGlnrnd8CnGMUmedPUTQOKSg==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=kmCiDPnmENDvt6qU&instance=214035433&version=7.8.0&age=220915&cmd=RTP&key=8OhJreEl&c_id=10113&seq=1&order=3&absoluteTime=951.1&relativeTime=209.1&sC_ID=8638&sm_id=2238538&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://www.habsetlnh.com/&REF=https://www.habsetlnh.com/&playerCfg=BR
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=8OhJreEl&ES_key=8OhJreEl&ES_ID=33608&S_RKEY=c07nGh3slG&USR_ID=214035433&ST_usrKey=kmCiDPnmENDvt6qU&SM_ID=2238538&C_ID=10113&C_companyName=H%20and%20L%20&version=70080000&sC_ID=8638&AC_ID=2008&TYPE=BARKER&EXTREF=https://www.habsetlnh.com/&REF=https://www.habsetlnh.com/&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-30-54.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 15 Sep 2022 13:26:45 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Thu, 15 Sep 2022 13:26:46 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.habsetlnh.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 19:05:10 GMT
x-content-type-options
nosniff
age
238895
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16756
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:16:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 19:05:10 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 		125 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.habsetlnh.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 08:07:21 GMT
x-content-type-options
nosniff
age
191964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 08:07:21 GMT
rid
match.adsrvr.org/track/ 		109 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e660d9c050d18532fcce58ded06b3e8d9a545f43107ec0b149e736d170974976

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.habsetlnh.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 15 Oct 2022 13:26:45 GMT
identity
api.rlcdn.com/api/ 		0
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.habsetlnh.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
/
id.sv.rkdms.com/identity/ 		550 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.habsetlnh.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.134.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-134-156.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
48a1cdee54f813cc598751de8f59eca9fd1d08202d0c337c084b48ea59b400ad

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.habsetlnh.com
date
Thu, 15 Sep 2022 13:26:45 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.20.2
vary
Accept-Encoding, Origin
content-type
application/json
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-82338304-1&cid=186059396.1663248406&jid=511168224&_u=YEBAAUAAAAAAAC~&z=986552198
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-82338304-1&cid=186059396.1663248406&jid=511168224&_u=YEBAAUAAAAAAAC~&z=986552198
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wcae70hwyjf6c5eg49e20ltl2xe9y1qv.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/wcae70hwyjf6c5eg49e20ltl2xe9y1qv.jpg
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7bf9c6f42cf09ee3f7a00dbfd1d510dc753193a5910f7785b40d7b287b1c825

Request headers

Referer
https://www.habsetlnh.com/
Origin
https://www.habsetlnh.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 00:00:26 GMT
via
1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
age
48380
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
23710
last-modified
Wed, 14 Sep 2022 22:50:25 GMT
server
AmazonS3
etag
"ca535a0992588f18de05ca7b1f577803"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-pop
JFK50-P3
accept-ranges
bytes
x-amz-cf-id
nklu3z1KWcSxOKD27yMy1ZM2hwP0zqt1ZOhEJKvnpV31u175pUPhMQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4CB6 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
via
1.1 80d115dafe1d45606330f418d944b1ec.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
content-length
6482
last-modified
Thu, 15 Sep 2022 13:21:05 GMT
server
AmazonS3
etag
"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
SKU9z2a8183YHfO.WmLc33PHwHulCU48
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
OAiL31xUeemfWtxxFgTURYWs43VUd2B3RuC4ZoT9Yxvxjyi7gwAiZg==
config
c.amazon-adsystem.com/cdn/prod/ Frame 4CB6 		248 B
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.habsetlnh.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:28:52 GMT
via
1.1 aed3f8ed29085c056c75452d71b07f7e.cloudfront.net (CloudFront)
server
Server
age
3473
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.habsetlnh.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
PHL50-C1
content-length
248
x-amz-cf-id
DWQBFuBhx8FNCUWACN0FiZhr5P75k2AbLDVhAeuvVyCEq_RqbXYJlw==
bridge3.530.1_en.html
imasdk.googleapis.com/js/core/ Frame E1C6 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa3fecd03a37a2de22e60482c695bdbb64764672e00fa60ff671e15818dcc6d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.habsetlnh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
475034
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211596
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 01:29:31 GMT
expires
Sun, 10 Sep 2023 01:29:31 GMT
last-modified
Sat, 10 Sep 2022 01:26:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Sep 2022 13:26:45 GMT
bid
c.amazon-adsystem.com/e/dtb/ Frame 4CB6 		214 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.habsetlnh.com%2F&pid=AzQQihZ8HrVxg&cb=0&ws=300x150&v=22.8.252032&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!sendtonews.com%2C8os8ECDrD71jnjCfMa7kvA%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
Server /
Resource Hash
8a0289823bd88e6c832f77c32c1e54f5b709c35bfb388ecf49e9aa627cb4281b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
via
1.1 aed3f8ed29085c056c75452d71b07f7e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-amz-rid
9CJMX880QA475SJJFY54
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.habsetlnh.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
214
x-amz-cf-id
owGNjesVhqX66BJL0Q2f6jQjA2K-q3vsqACjelsyRR7dmOYu1FAAiQ==
usync.js
eus.rubiconproject.com/ Frame D275 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
23ac608aa544a4cebeae4cb056f4ccfd7e237194c0d15c9b913d8863a588ac4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
content-encoding
gzip
last-modified
Tue, 13 Sep 2022 16:52:35 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=62493
content-type
text/html; charset=UTF-8
content-length
9453
expires
Fri, 16 Sep 2022 06:48:19 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 4CB6 		186 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.205.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-205-198.compute-1.amazonaws.com
Software
/
Resource Hash
b8847bba3b7043510b1582025fb908b096ac188c332dff3521ac9ba76edf01b1

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.habsetlnh.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
cygnus
htlb.casalemedia.com/ Frame 4CB6 		36 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22392401751200c2%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.habsetlnh.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.habsetlnh.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224e6000d0cb593%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A400%2C%22h%22%3A227%2C%22sizes%22%3A%5B%5B400%2C227%5D%5D%2C%22playerSize%22%3A%5B%5B400%2C227%5D%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22sid%22%3A%228os8ECDrD71jnjCfMa7kvA%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
900e51ac9b0cf64c22776fc320c05f8aef265a347f456e0117866018f7a6d867

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dXAGCiHswFpyHqJCzv3aqgSAZ0BYouEBUDyZWNwY2uSS7O2qIYXqBDyd8oyQugivM8RzQ%2FFV3yddh96qkaDpfJZGNFbr2SZvWpRhlLnk2IlG0ZEN2Ivu1JaGKmxAy5WLO8Tbrx3"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.habsetlnh.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74b1b22a2faca228-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame 4CB6 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.habsetlnh.com
date
Thu, 15 Sep 2022 13:26:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
229991
search.spotxchange.com/openrtb/2.3/dados/ Frame 4CB6 		0
954 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.143 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
x-spotx-timing-transform
0.000330
x-spotx-timing-spotmarket
0.031237
x-spotx-timing-page-require
0.000439
x-fe
535
x-spotx-timing-page-misc
0.002673
x-spotx-timing-page-cookie
0.000044
x-spotx-timing-page
0.036161
pragma
no-cache
x-spotx-timing-page-context
0.000430
last-modified
Thu, 15 Sep 2022 13:26:46 GMT
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
x-spotx-timing-spotmarket-primary
0.031237
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.habsetlnh.com
x-spotx-timing-page-exception
0.000001
x-spotx-timing-spotmarket-secondary
0.000000
x-spotx-timing-page-uri
0.000025
x-spotx-timing-page-mux
0.000982
access-control-allow-headers
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
auction
tlx.3lift.com/header/ Frame 4CB6 		19 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.12.0&referrer=https%3A%2F%2Fwww.habsetlnh.com%2F&tmax=3000
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.93.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-93-50.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
accept-ch
sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.habsetlnh.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 4CB6 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3f099745927a7e1173fa37b4955e23e53350dc02e7894fa86ccf4c133457e988
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:46 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
61e11286-4d47-4583-8ac5-f3f85d967c10
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.habsetlnh.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
AGSKWxX334_Zie8Wq3VRGZCAjtyICGsk1jUW1ooeXeUCudLrKThyxrjLEC3bfrjAeLwMWaqCOuBnhB_3srfyY2WYEoU=
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX334_Zie8Wq3VRGZCAjtyICGsk1jUW1ooeXeUCudLrKThyxrjLEC3bfrjAeLwMWaqCOuBnhB_3srfyY2WYEoU=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYzMjQ4NDA2LDc0MDAwMDAwXSwiQzc2MDAxOTctODQ0RS00QjM3LUFCNjUtNEZGRTYyOUIxNzMxIixudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuaGFic2V0bG5oLmNvbS8iLG51bGwsW1s4LCJLZ2JqVUNEN3VudyJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KgbjUCD7unw.es5.O/d=1/rs=AJlcJMymeY_wca4KbLGvKwMFwwvh_Sz_3Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
948bc997de34a28c7a7d609bce002a86ec86c9744f03127c3c4867fbbd2dad36
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_xFtlPccs1EmVPHWWmgB5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-_xFtlPccs1EmVPHWWmgB5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Thu, 15 Sep 2022 13:26:46 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.habsetlnh.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069585
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Sep 2022 13:26:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.habsetlnh.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069585
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Sep 2022 13:26:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		149 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1238308140559331&correlator=298918633170561&eid=31068458%2C31069585&output=ldjh&gdfp_req=1&vrg=2022091201&ptt=17&impl=fifs&gdpr=0&iu_parts=117014822%2Chabsetlnh&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=1x1%2C980x300%7C980x120%7C980x90%7C970x250%7C970x90%7C970x66%7C750x100%7C728x90%7C1x1&ifi=1&adks=3161204040%2C1435367635&sfv=1-0-38&ists=2&fas=8%2C0&fsapi=false&prev_scp=position%3Doop%7Cposition%3D1%26refresh%3Dtrue&eri=5&cust_params=hostname%3Dhabsetlnh%26page%3Dstory%26lang%3Dfr&sc=1&cookie_enabled=1&cdm=www.habsetlnh.com&abxe=1&dt=1663248406101&dlt=1663248404826&idt=745&adxs=-9%2C310&adys=-9%2C73&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.habsetlnh.com&loc=https%3A%2F%2Fwww.habsetlnh.com%2F&frm=20&vis=1&psz=0x-1%7C1600x-1&msz=0x-1%7C1600x-1&fws=2%2C512&ohw=0%2C0&ga_vid=186059396.1663248406&ga_sid=1663248406&ga_hid=521244136&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069585
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d04b5132ed94c98fecec06caefd9e0ade5108d534a94fe1fcedd719753ac9dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47715
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.habsetlnh.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EB13 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069585
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.habsetlnh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 13:26:46 GMT
expires
Fri, 15 Sep 2023 13:26:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022091201.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022091201.js?cb=31069585
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069585
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb9f9582d696929ff38ac12ab9123a291e2baa8f82b62bf61c9225b708b4aa44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 10:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13606
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 08:37:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Sep 2023 10:46:51 GMT
headerstats
as-sec.casalemedia.com/ 		0
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fwww.habsetlnh.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MxMEjPWpErNBn2uQuZb3E8HvPXULe9ALxl8DNfSm%2BTkWkU1sGrPnryhyg0csHWD3%2BE4vUMj4s2Qt%2FlzTby2oU4sb9lMyuTMEqmysBqi3KA0eWYqVcvVpri7GSO9AMPChK%2BZJnbOZxIE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.habsetlnh.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74b1b22a9be154d3-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 4CB6 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.125 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-125.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 20:10:31 GMT
server
Apache
etag
"d71e-5e830058020dd-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17404
expires
Thu, 15 Sep 2022 13:41:46 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1238308140559331&correlator=1889193766413426&eid=31068458%2C31069585&output=ldjh&gdfp_req=1&vrg=2022091201&ptt=17&impl=fifs&gdpr=0&iu_parts=117014822%2Chabsetlnh&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x600%7C300x250%7C160x600%7C1x1&ifi=3&adks=1680508225&sfv=1-0-38&fsapi=false&prev_scp=position%3D5%26refresh%3Dtrue&eri=5&cust_params=hostname%3Dhabsetlnh%26page%3Dstory%26lang%3Dfr&sc=1&cookie_enabled=1&cdm=www.habsetlnh.com&abxe=1&dt=1663248406190&dlt=1663248404826&idt=745&adxs=1082&adys=440&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.habsetlnh.com&loc=https%3A%2F%2Fwww.habsetlnh.com%2F&frm=20&vis=1&psz=419x250&msz=419x0&fws=512&ohw=0&ga_vid=186059396.1663248406&ga_sid=1663248406&ga_hid=521244136&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069585
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b0af9fbe69ad6183c0adef24a0d2c361fae9f5b46aa6c2f3b00afcad177cb1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8024
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.habsetlnh.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1238308140559331&correlator=3206893507563630&eid=31068458%2C31069585&output=ldjh&gdfp_req=1&vrg=2022091201&ptt=17&impl=fifs&gdpr=0&iu_parts=117014822%2Chabsetlnh&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C336x280%7C300x250%7C1x1&ifi=4&adks=528170086&sfv=1-0-38&fsapi=false&prev_scp=position%3D2%26refresh%3Dtrue&eri=5&cust_params=hostname%3Dhabsetlnh%26page%3Dstory%26lang%3Dfr&sc=1&cookie_enabled=1&cdm=www.habsetlnh.com&abxe=1&dt=1663248406196&dlt=1663248404826&idt=745&adxs=211&adys=1094&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.habsetlnh.com&loc=https%3A%2F%2Fwww.habsetlnh.com%2F&frm=20&vis=1&psz=899x250&msz=899x0&fws=0&ohw=0&ga_vid=186059396.1663248406&ga_sid=1663248406&ga_hid=521244136&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069585
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b1f64d66a17b5461816bd41a1870a152690c7f01666462aca8202d2d24a205f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7955
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.habsetlnh.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame AB3D
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
384 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3b8c23e8d5a50847eb5839c094bafc08de40ee00135949f3526ab6c93bc0423b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.habsetlnh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
384
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 15 Sep 2022 13:26:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
F6VCAAVAX3P2PMQD72J5

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Sep 2022 13:26:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
1SF9VTH79RMMMV0ADGR2
AGSKWxVzBltL9ITXd9krDNbpj4vL-A80I3M2CMElv06aVao6AcOa3AiQUhsqRprFYuu65yF8HDhpt9VLv8qIrLDW0bRf-5jod04NAgGLblGi4oRYpDVwvhIXNebggBfQChwjRwkvKpVRtQ==
fundingchoicesmessages.google.com/f/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVzBltL9ITXd9krDNbpj4vL-A80I3M2CMElv06aVao6AcOa3AiQUhsqRprFYuu65yF8HDhpt9VLv8qIrLDW0bRf-5jod04NAgGLblGi4oRYpDVwvhIXNebggBfQChwjRwkvKpVRtQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYzMjQ4NDA2LDI4MjAwMDAwMF0sIkM3NjAwMTk3LTg0NEUtNEIzNy1BQjY1LTRGRkU2MjlCMTczMSIsbnVsbCxudWxsLFtudWxsLFs3LDldLG51bGwsMl0sImh0dHBzOi8vd3d3LmhhYnNldGxuaC5jb20vIixudWxsLFtbOCwiS2dialVDRDd1bnciXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KgbjUCD7unw.es5.O/d=1/rs=AJlcJMymeY_wca4KbLGvKwMFwwvh_Sz_3Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3e556126ca390a7632728e97997ef48e46f557c3b6963693d2663dc9463b9128
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-I0gipPYQfSYj88vACPDERw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-I0gipPYQfSYj88vACPDERw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
date
Thu, 15 Sep 2022 13:26:46 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b1b22b8e414bd0-YUL
date
Thu, 15 Sep 2022 13:26:46 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
1122
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 15 Oct 2022 13:26:46 GMT
pr
s.amazon-adsystem.com/v3/ Frame C9DB 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
877697c46cd713b1a2d0ffada4395b87777fc205a214d8db8bb023674d944621
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2975
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 15 Sep 2022 13:26:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
Y0PJFRX2MADH64ZABGNW
8qo2o072q52rp38633739ossp1n92oq1playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		291 B
841 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/8qo2o072q52rp38633739ossp1n92oq1playlist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2d921aefcf0ffc0f8d59825cbbc0a4c659f6b92b10a183c7cb596321fee6825

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 00:00:27 GMT
via
1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
age
48380
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Wed, 14 Sep 2022 22:51:58 GMT
server
AmazonS3
etag
"aa9baedf076445c06d403c191694253e"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
JFK50-P3
accept-ranges
bytes
x-amz-cf-id
QcxmYV-jB71v5vJxuIQczpJbP1M9gJoGQ2p27gYLf2Pq8Io9qVJE0A==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=kmCiDPnmENDvt6qU&instance=214035433&version=7.8.0&age=220915&cmd=IMA&key=8OhJreEl&c_id=10113&seq=1&order=4&absoluteTime=1689.7&relativeTime=947.7&EXTREF=https://www.habsetlnh.com/&REF=https://www.habsetlnh.com/&playerCfg=BR&recoveryMethod=SSAI&imaVersion=3.530.1&blocked=false&recovered=false&hasAdParams=true
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=kmCiDPnmENDvt6qU&instance=214035433&version=7.8.0&age=220915&ldt=BIDS&key=8OhJreEl&c_id=10113&seq=1&order=5&absoluteTime=1690.6&relativeTime=948.6&sm_id=2238538&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8638&load=1&status=LVFNMNIY&ac_id=2008&prebid.cid=0&prebid.bidders.rubicon.time=409.2&prebid.bidders.ix.time=200.7&prebid.bidders.pubmatic.time=215.8&prebid.bidders.spotx.time=330.2&prebid.bidders.triplelift.time=207.3&prebid.bidders.appnexus.time=213.1&prebid.start=1263.7&prebid.time=410.2&prebid.timeout=3000
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.habsetlnh.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Sep 2022 13:26:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.habsetlnh.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Sep 2022 13:26:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
73o6303n2869q3no1253s246sn9241r1base.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 		2 KB
3 KB 		TextTrack
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/73o6303n2869q3no1253s246sn9241r1base.en.vtt
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf299ad20718aeed38f9254026b6d22eb310162a134cfb18afbd732beb87562f

Request headers

Referer
https://www.habsetlnh.com/
Origin
https://www.habsetlnh.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 00:00:27 GMT
via
1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
age
48380
x-cache
Hit from cloudfront
content-length
2177
last-modified
Wed, 14 Sep 2022 22:52:44 GMT
server
AmazonS3
etag
"33afd3494a2149e6f19b42c9b4e47c89"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-pop
JFK50-P3
accept-ranges
bytes
x-amz-cf-id
l-Sl02vqAHflm3uZrOL6FMGGgP6o5dEZlh-CK4kehlqGNeZvxHvLVA==
ecm3
s.amazon-adsystem.com/ Frame C9DB
Redirect Chain
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=389952a0-4a72-4f8c-bf45-9c4c7dc99a21
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=389952a0-4a72-4f8c-bf45-9c4c7dc99a21
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:46 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
25RFHJSSBKDRZSV6DZXG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=389952a0-4a72-4f8c-bf45-9c4c7dc99a21
date
Thu, 15 Sep 2022 13:26:46 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ecm3
s.amazon-adsystem.com/ Frame C9DB
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=93ef0e7d
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=93ef0e7d
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:46 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
Z49VHBSZYJGV66PW5VBV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 15 Sep 2022 13:26:46 GMT
via
1.1 5b0b740c03260f172f837d0dbe65a26a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
BOS50-C3
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=93ef0e7d
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
RADifRM03j-CRuPrmr9ckTl2KDVu3yyGCFXZFYKvHd8SoEHJtkJaLg==
ecm3
s.amazon-adsystem.com/ Frame C9DB
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=02DD41C59D804A8CACCBBDAC9D58E6B5&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=02DD41C59D804A8CACCBBDAC9D58E6B5&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:46 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
4JBSW6KRMA27PDDDV97K
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 15 Sep 2022 13:26:46 GMT
x-content-type-options
nosniff
server
openresty
location
https://s.amazon-adsystem.com/ecm3?id=02DD41C59D804A8CACCBBDAC9D58E6B5&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 14 Sep 2022 13:26:46 GMT
ecm3
s.amazon-adsystem.com/ Frame C9DB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=lk_Q4DFpwRcLjTv79ELA&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPLMNNPVCNCEIZYHOUTDJRVFI...
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=lk_Q4DFpwRcLjTv79ELA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=lk_Q4DFpwRcLjTv79ELA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:46 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
E1916DQMH2MG0E9HNHEK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:46 GMT
P3p
CP="We do not support P3P header."
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=lk_Q4DFpwRcLjTv79ELA
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
8qo2o072q52rp38633739ossp1n92oq1.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		486 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/8qo2o072q52rp38633739ossp1n92oq1.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2cb30c26ed1e1288640e6f5162f57382b0ccd062072af76375bf71c2d53c503f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 00:00:27 GMT
via
1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
age
48380
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
486
last-modified
Wed, 14 Sep 2022 22:52:20 GMT
server
AmazonS3
etag
"ff3b6da2bab1bcc5d20e9762a61e8456"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
JFK50-P3
accept-ranges
bytes
x-amz-cf-id
PDhzojeCyvCegEOgSAPwHko7ItE93a1iPraqfKNEBExgZzUPyJhCfA==
usermatch
r.casalemedia.com/ Frame D31B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
239aebb5090d52fc4de8e32637ed6cf900b15b1b908416fc36b19b440a271449

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74b1b22dcadd366a-YYZ
content-encoding
br
content-type
text/html
date
Thu, 15 Sep 2022 13:26:46 GMT
dropped-udsids
230|241|45|39|123|64|105|10
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WD4bq0ZRyRPYWSCysDBI4SeQ8Ht0PslOEIKk5Oh%2BgEVsh8H%2B82LYST9tIeBGsWtVuZroNmIvm6uoUcz2c9knoXvNQ1xsmUAs9wmuX%2FUfUe71%2Fpe%2FQmf1uyDRvPXa4MP3w63t"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74b1b22d1b41cab4-YYZ
content-type
text/html; charset=iso-8859-1
date
Thu, 15 Sep 2022 13:26:46 GMT
expires
0
location
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGeG40tBXqOJYvnOXBzBw734XeBSv1gIiLp6qFkHX7hd3vRlRL3sH72j%2BxrX35OXc5kcJmXT%2BNX9RWM2L7Xe9GaQ16Rs9LDdAF%2F50nRwOHfRv%2BlZnqDVfny6VAaCPlQPKdI9tw1nJORuUw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame FE8B
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=747745654750095039&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=747745654750095039&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Sep 2022 13:26:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
16PZ6N7KW7X2827YYBSX

Redirect headers

content-length
0
date
Thu, 15 Sep 2022 13:26:45 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=747745654750095039&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 8181
Redirect Chain
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
  • https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3863143973927120947
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3863143973927120947
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Sep 2022 13:26:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
GSHH2QCTH5NR1VJ7RTHW

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Thu, 15 Sep 2022 13:26:46 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=3863143973927120947
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
/
match.sharethrough.com/jwumXNuB/v1/ Frame 9D76 		427 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
954900be982eea49cb42456fbafac12e1889ab56ce02dc50e912b6446b5da755

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Thu, 15 Sep 2022 13:26:46 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FD87 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101679
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 15 Sep 2022 13:26:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 16 Sep 2022 17:41:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 756A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1KaE5VTnhwRTJ1SzFxQktTLlFfQXVUeUMwSWU1UG11dX5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1KaE5VTnhwRTJ1SzFxQktTLlFfQXVUeUMwSWU1UG11dX5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Sep 2022 13:26:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
RDGT9EQDGB44D268HY01

Redirect headers

age
0
content-length
0
date
Thu, 15 Sep 2022 13:26:46 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1KaE5VTnhwRTJ1SzFxQktTLlFfQXVUeUMwSWU1UG11dX5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame D339
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=5617377738196734319&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=5617377738196734319&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Sep 2022 13:26:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
YVFJQ8QAJWWFPQRYP5SE

Redirect headers

AN-X-Request-Uuid
5146f3a8-0d49-4ed8-bd2e-4d4f2638a898
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Sep 2022 13:26:46 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=5617377738196734319&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
amazon
ap.lijit.com/beacon/ Frame E069
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
9390db0a41168151d32b899406df86105086085cf192de90a472ff73497315d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
1239
Content-Type
text/html
Date
Thu, 15 Sep 2022 13:26:46 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1ewr1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Thu, 15 Sep 2022 13:26:46 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1ewr1
ecm3
s.amazon-adsystem.com/ Frame 8B76
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4133652731328787904155
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4133652731328787904155
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Sep 2022 13:26:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
BMPQ5QANKMJ3P1KPPKDQ

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 15 Sep 2022 13:26:46 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4133652731328787904155
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
8qo2o072q52rp38633739ossp1n92oq1-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		462 KB
463 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/8qo2o072q52rp38633739ossp1n92oq1-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a3df9e44bd41b6dc5b1f458f607d046b92e1e48c1b14e72f6c4a1ebbd81a33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 00:01:24 GMT
via
1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
age
48323
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
472632
last-modified
Wed, 14 Sep 2022 22:52:19 GMT
server
AmazonS3
etag
"3436913f9e610dc59739f428974b2d9a"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
JFK50-P3
accept-ranges
bytes
x-amz-cf-id
RWERTQmGaOG08K7xJ7jzOQFod29R5MolT22FfT4uefbbyPu5S5LTtQ==
ads
pubads.g.doubleclick.net/gampad/ Frame E1C6 		11 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C117014822%2Fhabsetlnh-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fwww.habsetlnh.com%2F&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=2238538&us_privacy=false&cust_params=sessionKey%3D214035433-kmCiDPnmENDvt6qU%26schain%3Dsendtonews.com%2C8os8ECDrD71jnjCfMa7kvA%26content%3D8638%26placementType%3DPremium%26embed%3D8OhJreEl%26domain%3Dhabsetlnh.com%26player_size%3Dmedium%26player_width%3D400%26player_height%3D227%26player_type%3Dbarker%26version%3D7.8.0%26player_status%3DLVFNMNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00142%26rand%3D6%26iris_id%3Diris_f3bcdbe69fdd1029%26iris_context%3Dic_5619313%2Cic_2815204%2Cic_9189836%2Cic_8717611%2Cic_8253715%2Cic_3165844%2Cic_1372527%2Cic_2002746%2Cic_5864912%2Cic_1589899%2Cic_0291942%2Cic_3572470%2Cic_6703731%2Cic_7753435%2Cic_1740894%2Cic_2407074%2Cic_1612662%2Cic_8328276%2Cic_1543298%2Cic_0344266%2Cic_3890383%2Cic_5591455%2Cic_7287399%2Cic_8555203%2Cic_0899282%2Cic_2668440%2Cic_7881389%2Cic_2897216%2Cic_4962242%2Cic_3348369%2Cic_7502096%2Cic_2592227%2Cic_9677800%2Cic_8529281%2Cic_9735264%2Cic_3142135%2Cic_3547359%2Cic_8736459%2Cic_4868828%2Cic_4700553%2Cic_8738142%2Cic_7257346%2Cic_2483904%2Cic_5081694%2Cic_2434802%2Cic_6288001%2Cic_8050831%2Cic_7767399%2Cic_6602298%2Cic_3496293%2Cic_3126790%2Cic_1709068%2Cic_5893960%2Cic_1650667%2Cic_2498081%2Cic_3311406%2Cic_2033437%2Cic_3914383%2Cic_6986624%2Cic_0981560%2Cic_5014948%2Cic_3980485%2Cic_4293168%2Cic_9728886%2Cic_5140707%2Cic_2371949%2Cic_2603269%2Cic_6701487%2Cic_4002575%2Cic_1994909%2Cic_4333712%2Cic_0504887%2Cic_9065769%2Cic_5550870%2Cic_0105657%26us_privacy%3Dfalse&sdkv=h.3.530.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&gdpr=0&sdki=44d&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.530.1&sid=9EB26978-F5AE-42CD-B51A-F552F6B9CC80&nel=0&eid=44748969%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.habsetlnh.com%2F&dlt=1663248404826&idt=1413&dt=1663248406575&cookie_enabled=1&correlator=1230791390890522&scor=3619730531690050&ged=ve4_td2_tt1_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ae105fb92bf8830f822ffab74d0be4eee8dea40ef0d62a35c17180b51e587fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1686
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame E069 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=FUgmZPZH_KKON8_cQrCogwnz&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:46 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
WCHF4V81R6F89BSKR6G0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame E069
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=5617377738196734319&gdpr=0&gdpr_consent=
43 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=5617377738196734319&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:46 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:46 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
767e902b-1f88-4707-a456-2b6a1e891304
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ce.lijit.com/merge?pid=12&3pid=5617377738196734319&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame E069
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=a1fb6892-000b-4a07-b6b5-e0c7dd025162
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=a1fb6892-000b-4a07-b6b5-e0c7dd025162
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=15748475-8e07-4bff-98ab-6359de728cc1&user_group=1&ssp=fmx&bsw_param=a1fb6892-000b-4a07-b6b5-e0c7dd025162
  • https://ce.lijit.com/merge?pid=26&3pid=a1fb6892-000b-4a07-b6b5-e0c7dd025162&gdpr=&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=a1fb6892-000b-4a07-b6b5-e0c7dd025162&gdpr=&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:48 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=a1fb6892-000b-4a07-b6b5-e0c7dd025162&gdpr=&gdpr_consent=
Date
Thu, 15 Sep 2022 13:26:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame E069
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Ddfaa4b...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D...
  • https://ce.lijit.com/merge?pid=16&3pid=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=16&3pid=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=
date
Thu, 15 Sep 2022 13:26:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
merge
ce.lijit.com/ Frame E069
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=YytOkWcgTZR4ekrGZyBRxzctTZR4KESUNnvzF1Cv
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=YytOkWcgTZR4ekrGZyBRxzctTZR4KESUNnvzF1Cv
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:46 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=YytOkWcgTZR4ekrGZyBRxzctTZR4KESUNnvzF1Cv
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame E069
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=ed3c8bd3-4667-43c0-99a6-69a472397389&gdpr=0&gdpr_consent=
43 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=ed3c8bd3-4667-43c0-99a6-69a472397389&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:46 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ce.lijit.com/merge?pid=27&3pid=ed3c8bd3-4667-43c0-99a6-69a472397389&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
223
PugMaster
image6.pubmatic.com/AdServer/ Frame FD87 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96652374&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5d3282e9686fc4bf241f7ebcc1e2465d3000944c1d7a0b481a63ae4eddead18f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1569
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame 9D76 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=f52706fa-c277-4d1a-8112-4f79a7fbdeaa
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:46 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
Q7S7MWVSRDHYMHNRCR7P
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 9D76
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://sync.srv.stackadapt.com/sync?nid=15
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-3159bda6-8ae8-4b68-4892-dce13bb97bc3$ip$149.56.153.184
68 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-3159bda6-8ae8-4b68-4892-dce13bb97bc3$ip$149.56.153.184
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.198.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-3159bda6-8ae8-4b68-4892-dce13bb97bc3$ip$149.56.153.184
Date
Thu, 15 Sep 2022 13:26:46 GMT
Connection
keep-alive
Content-Length
172
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame 9D76
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2...
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id...
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=26915d36-688e-0b3c-19cd-fb9eccb6a5d9
68 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=26915d36-688e-0b3c-19cd-fb9eccb6a5d9
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.198.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Thu, 15 Sep 2022 13:26:46 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=26915d36-688e-0b3c-19cd-fb9eccb6a5d9
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
v1
match.sharethrough.com/sync/ Frame 9D76
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&...
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=
68 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.198.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
byN59NcB
sync-tm.everesttech.net/upi/pid/ Frame 9D76
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A
0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663248407.913780,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-yul12820-YUL

Redirect headers

location
https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A
date
Thu, 15 Sep 2022 13:26:46 GMT
content-length
0
609df56b-f77e-401a-8a75-4f040d3451ef
https://www.habsetlnh.com/ 		93 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.habsetlnh.com/609df56b-f77e-401a-8a75-4f040d3451ef
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80cedb5e5fa85548eaf3a95451e57186182aa440e5e8aa2f38c204d8b38f663c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
94924
Content-Type
text/javascript
container.html
5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BA88 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069585
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.habsetlnh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 13:26:46 GMT
expires
Fri, 15 Sep 2023 13:26:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.jpg
token.rubiconproject.com/ Frame D275 		284 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
c3b5432477546c086cd062707f625a76
Content-Type
image/jpg
usermatchredir
ssum-sec.casalemedia.com/ Frame D31B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyMoFrNhHiM6znH3tYb22QAAAhEAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHhtreQOFSU9-FWJw0LipCU&google_cver=1
43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHhtreQOFSU9-FWJw0LipCU&google_cver=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b1b23009d6a228-YYZ
pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouGH0YioCdP3R6XPDV2dWj28tDVKlObHnOaZR0KqPVXft6vBREkKIMkKHYuz1VgX%2BbYMnml4onTxPpu7H3ph2Id0PlehDNbluafiRbxfKL2p9agsXUsB5dRpJwmdWy7ZftrlTRItdqV8GA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHhtreQOFSU9-FWJw0LipCU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame D31B 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyMoFrNhHiM6znH3tYb22QAAAhEAAAAB
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:46 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
CCQNWBAGV7B5QM1A2BPM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D31B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyMoFrNhHiM6znH3tYb22QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEOJrStg6QoI9r5eybXWsoQ&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEOJrStg6QoI9r5eybXWsoQ&google_cver=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b1b230ad95a1e7-YYZ
pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Qu6nkRA01Lfu%2FpxxD1hfMa%2Fpuo0O1B2Wl7XiyScowaJjrbtscKYetZCG%2Fvf1w6e8dNxEq7kkl7Qgz9wTEPhCm3kjR2FOhHyd%2F1YUF2ujjrcXQZK2OVenG1noBJxXzTmYSPCdrV8gIQFdw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEOJrStg6QoI9r5eybXWsoQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D31B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ed3c8bd3-4667-43c0-99a6-69a472397389&expiration=1665840406&gdpr=0&gdpr_consent=
43 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ed3c8bd3-4667-43c0-99a6-69a472397389&expiration=1665840406&gdpr=0&gdpr_consent=
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b1b22f4b70a1e7-YYZ
pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSNpvjS55cEX4i5Xv6NRJ8B0He4078H1XE8Oj2OOj8mCzfHkT5oHtrL7dQMns8D13IlbrjgA0rJbg59%2Br2RY%2F0R6ncVzEPBgiwzXfSwF1KmyE97pNmC0iIKOiqRPAxxZ9nC%2FIMlhYRpPGA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ed3c8bd3-4667-43c0-99a6-69a472397389&expiration=1665840406&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
rum
dsum-sec.casalemedia.com/ Frame D31B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=b8CCVp5cQitZmB1Wfy44-pU4mbg
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=b8CCVp5cQitZmB1Wfy44-pU4mbg
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b1b2300c93a1e7-YYZ
pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2Fm8HTABzKs4mIkxfXcQOIDX5Xlr1ovFxEeb%2Bj8lYcBeNxuJTKWQa2z5bSM1TQll1HUI2Vn1fcenKS4SL%2BmaYLPbW1%2BT%2BhU8A6%2B3vYqmxQ67C0yNJ%2BefNqt9mmnJ8OvVqU2hQflfbFYazw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=b8CCVp5cQitZmB1Wfy44-pU4mbg
Date
Thu, 15 Sep 2022 13:26:46 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
rum
r.casalemedia.com/ Frame D31B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=
43 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b1b233ce9ea1da-YYZ
pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HdT2EymiMsdxkvtH7MVwci8qrrC6ArU2cBFhOySID%2FtUlD%2B4%2BJZynq%2FeKka5MIHt3REX6LukacvccwrZUOA%2Fu0J9f%2FDFwmK6QfWt7rI2KSk%2Bv8M4cbIa64WKM2Hzv60RqGm"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341&gdpr=0&gdpr_consent=
date
Thu, 15 Sep 2022 13:26:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
tp_out
d.adroll.com/cm/index/ Frame D31B 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.142.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-142-71.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame D31B
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=693012122059
43 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=693012122059
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b1b2300c92a1e7-YYZ
pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffYysOcl6NilBn7%2BAMZU9fl4EzB7Pc79Z6oAhhV%2BjQAxXoCDKr6hYQgYhHxvd9%2F6BO2upRfLZLW%2FfnLe6P1h2x8amXXNTMnlfXQObhBh%2BCvI8xGXzc1pamvV7CpqB5kNhAPH7ebWL8%2B5pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=693012122059
ecm3
s.amazon-adsystem.com/ Frame D31B 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YyMoFrNhHiM6znH3tYb22QAAAhEAAAAB
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:46 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
ZZ18TKFFRPXNR5FX3TXX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=kmCiDPnmENDvt6qU&instance=214035433&version=7.8.0&age=220915&cmd=INV&key=8OhJreEl&c_id=10113&seq=1&order=6&absoluteTime=2033.3&relativeTime=1291.3&alt=0&sC_ID=8638&sm_id=2238538&load=1&status=LVFNMNIY&ac_id=2008&EXTREF=https://www.habsetlnh.com/&REF=https://www.habsetlnh.com/&playerCfg=BR
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=8OhJreEl&ES_key=8OhJreEl&ES_ID=33608&S_RKEY=c07nGh3slG&USR_ID=214035433&ST_usrKey=kmCiDPnmENDvt6qU&SM_ID=2238538&C_ID=10113&C_companyName=H%20and%20L%20&version=70080000&sC_ID=8638&AC_ID=2008&TYPE=BARKER&EXTREF=https://www.habsetlnh.com/&REF=https://www.habsetlnh.com/&PLAYERWIDTH=400&PLAYERCODE=LVFNMN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-30-54.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 15 Sep 2022 13:26:46 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Thu, 15 Sep 2022 13:26:21 GMT
match
c1.adform.net/serving/cookie/ Frame 3A11
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C00332E3-CB96-4A2F-A5DF-EADBA45E5908
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C00332E3-CB96-4A2F-A5DF-EADBA45E5908
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C00332E3-CB96-4A2F-A5DF-EADBA45E5908
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 15 Sep 2022 13:26:46 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 15 Sep 2022 13:26:46 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C00332E3-CB96-4A2F-A5DF-EADBA45E5908
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 6F98 		0
177 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 15 Sep 2022 13:26:46 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12820-YUL
x-timer
S1663248407.913784,VS0,VE0
ecm3
s.amazon-adsystem.com/ Frame 9A11 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC00332E3-CB96-4A2F-A5DF-EADBA45E5908
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Sep 2022 13:26:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
91B7C3S8AQSBN7AND283
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FD87
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wAMy48uWSi-l3-rbpF5ZCA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:47 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=101678
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Fri, 16 Sep 2022 17:41:25 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame FD87
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=C00332E3-CB96-4A2F-A5DF-EADBA45E5908
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEMwMDMzMkUzLUNCOTYtNEEyRi1BNURGLUVBREJBNDVFNTkwOBAAGg0IltCMmQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8753eb6e971a65c93814e407ff0abbab7e468ee07eb1343a310f8287cfad0b6d791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4NzUzZWI2ZTk3MWE2NWM5MzgxNGU0MDdmZjBhYmJhYjdlNDY4ZWUwN2ViMTM0M2EzMTBmODI4N2NmYWQwYjZkNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4NzUzZWI2ZTk3MWE2NWM5MzgxNGU0MDdmZjBhYmJhYjdlNDY4ZWUwN2ViMTM0M2EzMTBmODI4N2NmYWQwYjZkNzkxNDI2YjU0MTdkY2UyMRAAGgwIl9CMmQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=84eef1c3-8d29-461c-adb1-b39a7a3ac0ae
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=84eef1c3-8d29-461c-adb1-b39a7a3ac0ae
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Sep 2022 13:26:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=84eef1c3-8d29-461c-adb1-b39a7a3ac0ae
date
Thu, 15 Sep 2022 13:26:47 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame FD87
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=88a36323-2817-4a00-a1b8-486a0f4532f6
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=88a36323-2817-4a00-a1b8-486a0f4532f6
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 15 Sep 2022 13:26:46 GMT
Server
MT3 4505 5b23575 master iad-pixel-x21 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=88a36323-2817-4a00-a1b8-486a0f4532f6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Sep 2022 13:26:45 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FD87
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzAwMzMyRTMtQ0I5Ni00QTJGLUE1REYtRUFEQkE0NUU1OTA4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FD87
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBcCrmPouWXhIjO_TpaX9HU&google_cver=1
42 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBcCrmPouWXhIjO_TpaX9HU&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBcCrmPouWXhIjO_TpaX9HU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FD87
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:02DD41C59D804A8CACCBBDAC9D58E6B5
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:02DD41C59D804A8CACCBBDAC9D58E6B5
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 15 Sep 2022 13:26:46 GMT
x-content-type-options
nosniff
server
openresty
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:02DD41C59D804A8CACCBBDAC9D58E6B5
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 14 Sep 2022 13:26:46 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FD87
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7898369240051085363&gdpr=0&gdpr_consent=&us_privacy=
1 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7898369240051085363&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7898369240051085363&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame FD87
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ed3c8bd3-4667-43c0-99a6-69a472397389
42 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ed3c8bd3-4667-43c0-99a6-69a472397389
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-Azerion_smrt_n-amobee_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ed3c8bd3-4667-43c0-99a6-69a472397389
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
ads
pubads.g.doubleclick.net/gampad/ Frame E1C6 		33 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fhabsetlnh-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214035433-kmCiDPnmENDvt6qU%26schain%3Dsendtonews.com%2C8os8ECDrD71jnjCfMa7kvA%26content%3D8638%26placementType%3DPremium%26embed%3D8OhJreEl%26domain%3Dhabsetlnh.com%26player_size%3Dmedium%26player_width%3D400%26player_height%3D227%26player_type%3Dbarker%26version%3D7.8.0%26player_status%3DLVFNMNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00142%26rand%3D6%26iris_id%3Diris_f3bcdbe69fdd1029%26iris_context%3Dic_5619313%2Cic_2815204%2Cic_9189836%2Cic_8717611%2Cic_8253715%2Cic_3165844%2Cic_1372527%2Cic_2002746%2Cic_5864912%2Cic_1589899%2Cic_0291942%2Cic_3572470%2Cic_6703731%2Cic_7753435%2Cic_1740894%2Cic_2407074%2Cic_1612662%2Cic_8328276%2Cic_1543298%2Cic_0344266%2Cic_3890383%2Cic_5591455%2Cic_7287399%2Cic_8555203%2Cic_0899282%2Cic_2668440%2Cic_7881389%2Cic_2897216%2Cic_4962242%2Cic_3348369%2Cic_7502096%2Cic_2592227%2Cic_9677800%2Cic_8529281%2Cic_9735264%2Cic_3142135%2Cic_3547359%2Cic_8736459%2Cic_4868828%2Cic_4700553%2Cic_8738142%2Cic_7257346%2Cic_2483904%2Cic_5081694%2Cic_2434802%2Cic_6288001%2Cic_8050831%2Cic_7767399%2Cic_6602298%2Cic_3496293%2Cic_3126790%2Cic_1709068%2Cic_5893960%2Cic_1650667%2Cic_2498081%2Cic_3311406%2Cic_2033437%2Cic_3914383%2Cic_6986624%2Cic_0981560%2Cic_5014948%2Cic_3980485%2Cic_4293168%2Cic_9728886%2Cic_5140707%2Cic_2371949%2Cic_2603269%2Cic_6701487%2Cic_4002575%2Cic_1994909%2Cic_4333712%2Cic_0504887%2Cic_9065769%2Cic_5550870%2Cic_0105657%26us_privacy%3Dfalse&url=https%3A%2F%2Fwww.habsetlnh.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.habsetlnh.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1263268&sid=9EB26978-F5AE-42CD-B51A-F552F6B9CC80&adk=2458199627&cookie_enabled=1&correlator=1230791390890522&dlt=1663248404826&dt=1663248406855&gdpr=0&ged=ve4_td2_tt1_pd2_la2000_er475.130.700.530_vi0.0.1200.1600_vp100_ts0_eb24171&idt=1413&is_amp=0&omid_p=Google1%2Fh.3.530.1&osd=2&ptt=20&scor=3619730531690050&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&us_privacy=false&vis=1&u_so=l&eid=44748969%2C44754420%2C44760950%2C44765701&hl=en&frm=0&cmsid=2460952&mpt=stnvideo%2Fplayer&sdki=44d&sdkv=h.3.530.1&sdr=1&vconp=2&video_doc_id=2238538&vpa=auto&vpmute=1&nel=0&cnc=117014822&kfa=0&tfcd=0&ctv=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9f3abc483ad462816dd49e04a7aa4261c28ea4bcceb8a9d58b3e9d76f374db2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5689
x-xss-protection
0
google-lineitem-id
5387106398,4909238611
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138313471540,138400877114
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A521 		645 B
986 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXj1AEQ74_6ARiciJ--ATAB&v=APEucNUZKuZDbtQaYgvul9iFkAFwnkvvjLyOyvhvfMVERJAZxCxz3-4JCIAqaCybK6uf0bJbGqHojLR9cTdQWArundo13F-9zKt9npM81CGi3BYqPQY3jRI
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
285
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 13:26:46 GMT
expires
Thu, 15 Sep 2022 13:26:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame BA88 		73 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgYIN0pMwoJwLgBYYMlYavDU1hjsh0W8pHTpx3DU9IfDWOHlfXHp3_EV7jlWdq-LyzrY6tRy9SzmzhUZuug_2y5tNARA&cry=1&dbm_d=AKAmf-BsewIJFQtijEmRnCaswSM5sMTCgSk5aJolpGCeDYdAaEhg8YGzW0ReD0rw_sOaFJbu3kucvS3Bp1PRfvgcxZIYiFWyahoWV0lPtTUxaf2AbsdhqJqvu9bBOwsb-JcCHZJdl74DE3v7fY820tDd8i8-IDh_NC_iv035x6HmirK0aqE4bBtuonPNfutpMSd-wtsZT9txe9JWZncmDDx5G26Rnbi8wNeW_ljH-OQXPAYsNfrr-7FEpZl8O_bU5XP1e64AI7agspIn9qZWOM_OK_ltWjMwkOG4HeATE6IGja3SF6anjqp5kJO6qtvkpYzpTEbT0wC4pQloW6YO91wTTv5g-_hHGiYPCqwTIhPlpkqaaZTiRJ7hEX89BFOlyZMk_32Vs4rtb3oGx3C2YyjR2RDGaBds4Eu1yOqeSD81ABBrjc5-6QgHmdg2ox7YkVejv3u66D18UgG80nOTxZksxwATmwN2XCOnTCxxdM0zilhMqgEpjpG3VcRgfuhrUa65K8xHibarrrHb3qi8-w5LVKj0Y-DahvO760WV_0WEJ1tlFwQMUI3G77gUfAUbVZ0WroUYZBdv0_oiyXrB0ZnmGTbHx5WwnjlKEre2W3G_7RdntuOMwSVQfho6tZaOqQjLDPfqrPlQM1TeyGCzfjH95wIGm69PnD7ru0JBV6T3dIq71SOIqazQ1HvH7RNSqZMdXfpByTWweRAvFbSPbdSZRYhdvWJZWexdm4sOnBwYKF2Lw6s_iI1rV7am86aBrqJRO9e4IDHv9jt4g8ANwyBnP4CJf97HCjZUpG17uj8mkSFwexOGj-RoKD2oquXuPxHvnSvD_yinXZyWn7Djt5J0wg5xfjeeZGyOeuW0VQYY2jjnVA6DQaurb25lJJq2qnxYvU0XKuyNhDOWX6s0QFFLcPxGpa_iQAve4VI0P3TdbQH7vrWIM81xZ4d0Tbd7QqyzNuq3dR0AjR8trSuMJeekDJI6q7sjfih7UVA_ttcC6wX6SYZdzwp1ce5wdAuZmFDdGeNFxz2mxYWj-SKSjaa4WmmA5dYIRDXXiITJ6bSHAXyCBzzCcPF8MN1Ul0csZ5FnAx0WrlMy3rpNeqpNRogWlqJeKpdN9rnKfu0FBb5rNCzXK8jHGTEyqBEA6575yKk-FXxsnLCHLmtD9AZM5HjX8VzMIfw8oz06wIP9waGpIcbc8PM3iYP0gRITbszBVHm3AciOUWMXMf8s-UummV9sm-J6TgdU7xv6gNEhxSoFTxP2-iDYjVL3XKzXeNOKllZF8L25IL5_uOVduuTWMnwORApZbqHTh2Fr3vgJ4zxpoY1S_LssK5ouoHJmVkk3JV0nuY83NjqFOUaLCCl_TQb8GymmFfjxjUt3O5BFBo8FVQr1MDUc38PPj5524yXM9iJ1SjmwNq6t10nRnA3CL02BStEhAWBS1jlS_x2j_qAjIoDmTIpVTILa8vxLT48uredbyZGQJUGlXeU1wI9mb4SW_vKz-Slr2Q1QjpFHYr1IKHp5Staib48jb2RP_AsRq5TZ337qmJ2DwXinRBSHq0FQ46XODbtfeDYNs_3_DFGgU-YOrhB_5G1aoiuVZhQr2tXUgENy8Nt3YzpM8MLB-kcSgozRwuDikR6x_dmZ-ceWanZw8aEEbWB7vlnQnbaxoGv6BlN2D3Eu60em-WGlyp9-Pw_IRQ-gSU3V2Q0u-PFwlmr0IkaqJffJPOX4PW-5okQBE96iTPCueUbvRSAE5iM-01kA6J2M5bY3f7Ub0Ky_Zb5UYYw0ub0A-0PDY0lgW6OPUDlqdOtWJY50pxvkbQoKFmj7b-Ieb4FdRHvg9Z-w_4kQf4GGm-UcBlp9kIl4aOoC5qYn0FT8B4y33727f-4GkAUiv43cf5EVJZA_gy-fwtm_4swEN4a_3Aag4LCGtr46wXJlgXcZhvUNohOJayAluEy0Wmt4aZoPgShEjkUdb7cVM5zGNkf8tQrhmKZPlPjmc7HKWfWEnHZ5tg7ykXSgjF_IzMeW9LwQwBSGlzX6a5ETXCZXRdVONwemYnhS5O4X1UM-XHNpcgvzwT29SXUjnW55d0yeEpmrg-dhaMvnCcOLOkNUJFUmxM0iVTmHM61sWoZWvIL901O2F3DIgGsz9oOSRE3reFwJm-m4Pa7ByRXkf3U5gZl068TBDlIozlwDJMsFPdgNPlyoNhHYeagv89MUnr7lON1EZi07GT804MmOFnDS-zjXmwpOWTGbrJy8_qLo-ddJg7nOsmXUCNfv8rVUCrI8D5-Ne4TOhZvf_Tj5P5O6Zhe92m-kMW9JKEwTgp4kmdUriBMOSpUIgGsiZVS2wNYVxKuCt_wK27B-JTc2MXp5v7yv47N7vSeamF3OoGYp42Uk6-tECtw2poma1EVQ6-f8SxuQ7KX7BzMVvVKqZ8ocWd81qFwNE-EO4dRhnmsY5rot7VnxZxAoYBrUh06NtCIJgi7S5KCwD5aUvae2OyjgZlAq6pRnKF_-jntYGAH23L65V6A9LfOGWNizgshnlKJHJQ4VflgGEUoswSmrvj8YXJJMM6S7QW11HrVA-093QsD-ERQxvFbzTPJXO4Y2AobJ_vP9OJdVYgjSazVeWj3PUpsDJpEusjnQxiBNsSLKw5yPWevjTNtzf0zDlEwEN9Kko4TQqzo-JBNWi1iuuag3C-CSX5IJvEqzGbalqVRympeMmL0KhWKWTF1RfUvtzhZnTQpcFCu4MLrwnYtW_FqWXMwZSk_oY8E6qXbjG_pdTNLd9nt9op_aZq9VzZ669culo8DJYhjAXgbXdkqG9K8I-XAzOEzqCYGEZj-0pAkckeUoxMuJ7SMIc6lOyAeIqNcppDO61yXsaVMWArg52DK7YSVBIazuemXLvfgRD3v_YLnD3ASb20cs-B8wYavDGMltVDh6v9sf70VGMijQ4H3O0UZ-84YanOXNGZEBwRwGTMsPhfPqFG2Hi0WJhk7dYRaGb2R-K071UjrtxbmxHDedlcMnUggVselk4pGqWXSO1fp4JY82hrtBux0w0RAmxqOxr16s8gm6pjWS1CJhgdBrJpirA_mBUWq2GGagB_3pWMRItk5R4i2ObC2L4V8TXkxJR_EozMuJqAbFRw0Qn3R-hoHPaSPuEibH5NvTT-YldozH5OvA1ZNU3e4AvfZoVBr7mV6BM4TYrqBVu2hGquUWUjisDhLsNpbBA2eayVSRJbaBoN6JLy8g7Zc5ugBz76zkP-vmUxYzyNrz6qrecfFuEtM&cid=CAASJ-RopU7t-Yg5B25oS3QmCbb9svfcazk-lPmddUc6oT9YnIqffohzQg&rfl=1%2Chttps%253A%252F%252Fwww.habsetlnh.com%252F%240
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94fe1549aac5f24170f5201d02572132b8b36d97124d144681861589dacd30b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34720
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BA88 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BBUWYXWP01eA_G5zpfrecHSP6GDCHud4Vo32tAudroOj1yiInHvuf15glV4xuCFw8LBR29VFLSvHMuKJTpI1_k3dbP2p-juEGzS9ugT6B9aCMAKSQ
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame BA88 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:18:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
507
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 13:18:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame BA88 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:21:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
328
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7572
x-xss-protection
0
server
cafe
etag
3190241002381566568
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 13:21:18 GMT
l
www.google.com/ads/measurement/ Frame BA88 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3QrtBDsGiiCZKhKpf_Kzz42OKqUN7B0n9Ryz8X1DZ1PFA5dKNOEF26gv4aPHuRHaE_OMvbTsUg7cYf39yQEn74kNT3Q
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BA88 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Sep 2022 13:26:47 GMT
container.html
5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3EBD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069585
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.habsetlnh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 13:26:46 GMT
expires
Fri, 15 Sep 2023 13:26:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
8qo2o072q52rp38633739ossp1n92oq1.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		486 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/8qo2o072q52rp38633739ossp1n92oq1.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0bf87c1b267f3e0107336bd2cae012543146d04ec2db9c8e2d057276b2188bf8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 00:00:28 GMT
via
1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
age
48379
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
486
last-modified
Wed, 14 Sep 2022 22:52:17 GMT
server
AmazonS3
etag
"8dc6a1b1a82ccfdd4c19cd1b7e1b8552"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
JFK50-P3
accept-ranges
bytes
x-amz-cf-id
TOMRYNI3Fdb1fsKuPFOGifKmjx9RllZggMYMX-AVjts2-HqEzj0-Pg==
um
sb.freeskreen.com/ Frame D275
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=L8335ODC-1B-48Y2
  • https://sb.freeskreen.com/um?mg=L8335ODC-1B-48Y2
43 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?mg=L8335ODC-1B-48Y2
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Server
3.220.70.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-70-111.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store
content-type
image/gif
content-length
43
expires
-1

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://sb.freeskreen.com/um?mg=L8335ODC-1B-48Y2
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
750589468d5634b7e99830971becaf64
Expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame A7A8 		645 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTVDhDxwUsYivSYzgEwAQ&v=APEucNVgtwuBOTJJ0jL4UHM3FZIWxynrfLDL1fNttd47Z9QPqOijGIOVhDns5D6z-H4gNfbYYIup6Kec8cRTRHKJyTJsSYgUnuzpLHsVdQ8oqE3a3nF4CeI
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
285
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 13:26:47 GMT
expires
Thu, 15 Sep 2022 13:26:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 3EBD 		94 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxmqABLW2jXPXZJdmuHp7RpdE0IUj30yJmmsVKByp97ZRReCLnOQTCVUtX6q_O7hfuHZKNqGklbQFfwJvDUXpmzrroPA&cry=1&dbm_d=AKAmf-DtfS_BOpQ2-PcWFENx3MQaYFyMQPmCIpKNK5-vXDYI31hCkxdF7iCyuoXUZgM2z15iwdFK5P44PIK5heDdE4i-6vs68dfYrKgvDSIy016t3wiREwjpSUMYxaxmdchisVC832f0tMQYYdyyCBZzT79E7rEJG00ED8oMZjA_-Kzq_UwKjn8EzFLAe1CxpwEWb75NM2T2M6oACTXwZlyFMYnDOBHxZfqRLVfch0Lo9NTfk_i_5AIvUEZKvRDMnYcaxHMtPQtGdpNsBHxPuqmPir5H4nFIeK9Nsk6T4aIczQHnUeE3CC_D7oYZuyCF-8ka06MSonFleZPUh7uBoEC3VAzAdPJOBCLA-NeE52EqGcnqMshPhoZlMcVyPcakbSpMcH4WJiXNZ1GlmtjtyUUHDd9ZqxvWdtusWYBx-6RLdJT51a9mZo06Ww9xx74T5TKW1ErXZnShqa_4IuQkqFeQoRflrKtVwn8JP6mpVdr2jdlN2uZy1UtuRAX_uCY0DlNGFqQU3guuDEjCsqoXbZMi0NVECIpGQtbxUh9yXuzi9DhVr5XWjQSae0Ib6TEF_HPcDAarj2NIgWA2l4iORqCe86mj1KvFyABmMNtfy0gynmqtT_LmxQKiDStxaOIE2nYvGrTH2yPf1BlWc_fUqyHlkPU25fL5sVHKml1swFrKR-PZql4uzJ-X0v8MGTbDQ-Y5_v-tSFhJI-9v-oEHSxyr5-JoldsZS7qNMicLasa8tudeED8eqz5363_dHGfAHjKBAlbccWAXbyn3nCIyhlKgXcAscAgz8zirTfrV6IBq3tAtSvl95kZG9UxcJaB6_wiXr8xH1ax2zlL2jZiS-BKNB-6zxsUxvQ_tD_P-v0c0J_0NyIrR92OnM5xZsfaobsuZ3828X4RBOeIqOSUVicJ84DxVdgttaZdA9mzOvUKU9AvUj9Bb6uUIi50jPeWdAL2IJLKTI7SWi2BIClox0Izh0vKx1pxTgQ8IQp7KqoT20-9Q2wK_cxKS-Cb6v_LKmH8K4ur4GcYMXWx8r0YB_vcdkqX8VMBNFKWkFESLTyFXN0clJtnk3dtxoj1p4Ipjzx4Q-9kolcjW47LRwxryve4X9L2t3tKBkFo0q1BFin1rPkBV6bUlCjnI_a4i5m1XT5lVa1twttQyQHIZhjTPJ7T3GfqNKC4r2SDfzFlgsU3IF99MKnAj_RygHVslcUQfU3CBL07hb6NRh6USsYauO1zOvWPmId0JuGrwMytesqA_gTIoVIP6bU-3LXlLe-wHHuWUUQ_klBIcWjknLNBEZnzjB-EmHtISlkEOz9jZk1qbYY7m3JlDUsrmU25tL5w3WFMMN0lVcXLVXiX5fZG2N7vwtHsVVi6VVv1AFSaX7ZNDrietxn0VaWz25Uvgv3IqRA8QU46EPv4DGxqBSbXfsoS3lJTrzqQe_tLor-LKoTNoosz6E5SD4pRh63o3A41f0034YEusDd0PkV2jVqwHSKA9kNGqd1W0hOIJyCRF_QcSfgZ4sFBH7KN9sgH_26fMFHByIW_cub8-VOg4u8AfLKS28b93PCjshn2DzFop0uu0DqBPYRohRZbG4LpM81LHRZofXjinSJj8I117sW44tOT6RRKv9OVM5CoYl2S-GbuAVy73Z2ZP1tfN44EXk3RxAkR_uT0B2StjpaUaWPS4PEC5hSGwdcZU9bdMp9bGUuvVYUX-wL5m-Ojorl8Ar8GT5C-EvdAkffQqqdzFhtNsjv6oC9-SWWLQCRvF7L9YSS-FxFcTjBpyZEXJO4aWd6TWRxln8cDUvWc0GMGAcowVMoUauVQJ10tVakOAt1WhQ7AW0Vi9wslFn2mBpqlXlQsa8rfA5rqVqUyPjZCWSJkrgweh0dY2-6GEwVw48cwHm_VEUzdBxeb2lTlChYIWmKazlrl_Ywk25F5Ntuch_4NHX9c8RzbbwqSI2hcHdSB3NCicKCrAIWaAkF7_ucXynqjzd64e_NzRCSMJTmeTTHr6g1vWxg8lg8FPMXJF4NfeaJhxhlqXi9amEiw9J64OzUe5NQsJxsJidOQk_D-oZbvlsbXagomdRpxU3CDXjEw8CcH1lr-IbC3rnNMoQ_EP5VQls0QleWPWK2TCE-7_VOeYbEiCaHZI30RgqrLKY8qp_aKk9eVjxAemn9LK1gAk47Iy8JTKM_aGWg4FibOMlRTVo-6bmD8nOYo06GrLu1WCBX8ruYD5dAC92OwgX6Ig11rgTt8XaybgcZkkVETYNsCVmn9_dJVg4Fng196fN_PgbRfuNx8JqQL2FILujA27jes-STQUzeQr15bu9BFijUoSp-Mr8BNu6NTn6T_bLrhLP7_We9Nj07gRJbzZXe0PsNg14vzdyZSzI4SStuTOB5a0ZsFKvLF3B6DlPuxCLePHjoXp8rXD7K00gi76I25smIv0eeupBhOwqbG7s8GkwAlTLRNIPmlbCmjNfBaCU1vfprRnzp30D0yutPx8ODbCwzAEajIdEfibNWtqm965fT24dyMFnuVPnhYMgxsV4sWplR7mMFc_ukx8sQOc6yt-qh3PoYGKnpKVmodNGkaNqcsnsJwWs0qqATdjSZNRE8gAyaJSS1_r7M9oLyb7mw7xUAD-3uvfT8u7ag0jTzAGsQNMEXLce-JUHuz9YZKqt4-WSPx74OeiCtBMr50SX9m5K_WQJVmrxa1gaRynkJF9OzIDhR1GMHi03zyUCJWSXl8xkbmGC7Wzuq92vKESJLnqvOncyACYx_jOZswtQhW5UjrvvipsVIQwuE__R0u1ixmfYK_665NZXhyy2Q-7a7XwcJg8IYEwm_UTBV1DHzWDA7Mrr24VMcF5muWhYFjgWjYTbyg7FpE9M3u0Qr4E0iiKOwbXUMCPFPlpBhbUTg6Jh1me9SJFG7ZD-J5AJfp6eD2YFzpN6cJ3ig0PEh2PqJux273zGF-glkZzjdNAIhSv-CeA-MbgvWu3NWqNpP18zftGkCXhBcWipu0du82tXWQ9s3OS2MZZGcI0_lRS-Uz9iGz0WbS9RAFrvnWTWMRfBeltZFIF7yMqkFi6_iEfZYMUolrCGyPbM_-ETG5J-gG3Tr4IfS0SR68MS2MoQJSaqGPCnUavu2_5torSL1Vsrt8wnY4oowELkmN4LKLmRorSwHunzTZWLC-YvxzaQwAHKppnEPPW1u8mPRjQpTfU2Gao8bS5dxX2Lj_wfMxIOMInM4PUW0tdvkmfUYN5mw&cid=CAASKORoTyUFGHxOnCeIfNUpOK_1wqULsFItWZMkLUmQOzXVW3GRQVXNi8Q&rfl=1%2Chttps%253A%252F%252Fwww.habsetlnh.com%252F%240
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1824b35181ba5c192931905d3d10dfbcdbc86dbc74597411f8d8c78dc44376f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36870
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3EBD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C51tjQXfJlvEi_nU0nHrUFi1vto_lryF8U5qDRawY_76c5CIwpKpPGgVi6NX0kuxIBlOndBvUK33bP2E7i8tmwH7ot62xqZa1b0OAdVWhtR_618aY
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 3EBD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:08:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 13:08:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 3EBD 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:21:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
329
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7572
x-xss-protection
0
server
cafe
etag
3190241002381566568
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 13:21:18 GMT
l
www.google.com/ads/measurement/ Frame 3EBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQEvQceEttj23pkP4ajmU9HAjVL-u8TwwySmjQxTb5DlqLUfvn4hPC-n2n-wXBxtDPkICL8ijrqOL6MBKO3sSgPST4nBQ
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3EBD 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Sep 2022 13:26:47 GMT
rum
dsum-sec.casalemedia.com/ Frame A521
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKF7yXiOSWde-TpDsytv6o&google_cver=1&gdpr=0
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKF7yXiOSWde-TpDsytv6o&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXj1AEQ74_6ARiciJ--ATAB&v=APEucNUZKuZDbtQaYgvul9iFkAFwnkvvjLyOyvhvfMVERJAZxCxz3-4JCIAqaCybK6uf0bJbGqHojLR9cTdQWArundo13F-9zKt9npM81CGi3BYqPQY3jRI
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b1b230bdf9a1e7-YYZ
pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dp2arIIG9frh4ZMNhHU5%2FMXytnd4wyfjk9TmL1PQixgLUQiVplkgnDRw2TLwJVV%2BHzPQkN%2BEN9Ye4wUVHh0pRyrfoS3gmrwIHZGamuTbSJlbAbXQXCfnHe3LjYljABA%2FzT44D%2F4ltW3wmw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKF7yXiOSWde-TpDsytv6o&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A521
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyMoFrNhHiM6znH3tYb22QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKF7yXiOSWde-TpDsytv6o&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKF7yXiOSWde-TpDsytv6o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXj1AEQ74_6ARiciJ--ATAB&v=APEucNUZKuZDbtQaYgvul9iFkAFwnkvvjLyOyvhvfMVERJAZxCxz3-4JCIAqaCybK6uf0bJbGqHojLR9cTdQWArundo13F-9zKt9npM81CGi3BYqPQY3jRI
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b1b2314eb1a1e7-YYZ
pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HljYIw22QKLTmEdEAV5oM81Qum9pGDkVQKQcgvgMO1Mv6d8JkAAOucPmFW3EICVlpfp%2FsFV%2FurtW%2FO%2FzpnpsFQjdXlxjW0uWSsjK3ZwY65HIb9qo3%2B3t%2BwPgQDh7lDrmD0WIdDPMCnWUiw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKF7yXiOSWde-TpDsytv6o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A521
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEHvCcsPVNjKrr9tgoZKpSI4&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEHvCcsPVNjKrr9tgoZKpSI4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXj1AEQ74_6ARiciJ--ATAB&v=APEucNUZKuZDbtQaYgvul9iFkAFwnkvvjLyOyvhvfMVERJAZxCxz3-4JCIAqaCybK6uf0bJbGqHojLR9cTdQWArundo13F-9zKt9npM81CGi3BYqPQY3jRI
Protocol
HTTP/1.1
Server
68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:47 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f8942acf-0e40-436e-a38d-eedc346ddc09
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEHvCcsPVNjKrr9tgoZKpSI4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A521
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYxNzM3NzczODE5NjczNDMxOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYxNzM3NzczODE5NjczNDMxOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXj1AEQ74_6ARiciJ--ATAB&v=APEucNUZKuZDbtQaYgvul9iFkAFwnkvvjLyOyvhvfMVERJAZxCxz3-4JCIAqaCybK6uf0bJbGqHojLR9cTdQWArundo13F-9zKt9npM81CGi3BYqPQY3jRI
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:47 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
e73c2abd-4490-4176-857a-4b77b457b83e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYxNzM3NzczODE5NjczNDMxOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame BA88 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgYIN0pMwoJwLgBYYMlYavDU1hjsh0W8pHTpx3DU9IfDWOHlfXHp3_EV7jlWdq-LyzrY6tRy9SzmzhUZuug_2y5tNARA&cry=1&dbm_d=AKAmf-BsewIJFQtijEmRnCaswSM5sMTCgSk5aJolpGCeDYdAaEhg8YGzW0ReD0rw_sOaFJbu3kucvS3Bp1PRfvgcxZIYiFWyahoWV0lPtTUxaf2AbsdhqJqvu9bBOwsb-JcCHZJdl74DE3v7fY820tDd8i8-IDh_NC_iv035x6HmirK0aqE4bBtuonPNfutpMSd-wtsZT9txe9JWZncmDDx5G26Rnbi8wNeW_ljH-OQXPAYsNfrr-7FEpZl8O_bU5XP1e64AI7agspIn9qZWOM_OK_ltWjMwkOG4HeATE6IGja3SF6anjqp5kJO6qtvkpYzpTEbT0wC4pQloW6YO91wTTv5g-_hHGiYPCqwTIhPlpkqaaZTiRJ7hEX89BFOlyZMk_32Vs4rtb3oGx3C2YyjR2RDGaBds4Eu1yOqeSD81ABBrjc5-6QgHmdg2ox7YkVejv3u66D18UgG80nOTxZksxwATmwN2XCOnTCxxdM0zilhMqgEpjpG3VcRgfuhrUa65K8xHibarrrHb3qi8-w5LVKj0Y-DahvO760WV_0WEJ1tlFwQMUI3G77gUfAUbVZ0WroUYZBdv0_oiyXrB0ZnmGTbHx5WwnjlKEre2W3G_7RdntuOMwSVQfho6tZaOqQjLDPfqrPlQM1TeyGCzfjH95wIGm69PnD7ru0JBV6T3dIq71SOIqazQ1HvH7RNSqZMdXfpByTWweRAvFbSPbdSZRYhdvWJZWexdm4sOnBwYKF2Lw6s_iI1rV7am86aBrqJRO9e4IDHv9jt4g8ANwyBnP4CJf97HCjZUpG17uj8mkSFwexOGj-RoKD2oquXuPxHvnSvD_yinXZyWn7Djt5J0wg5xfjeeZGyOeuW0VQYY2jjnVA6DQaurb25lJJq2qnxYvU0XKuyNhDOWX6s0QFFLcPxGpa_iQAve4VI0P3TdbQH7vrWIM81xZ4d0Tbd7QqyzNuq3dR0AjR8trSuMJeekDJI6q7sjfih7UVA_ttcC6wX6SYZdzwp1ce5wdAuZmFDdGeNFxz2mxYWj-SKSjaa4WmmA5dYIRDXXiITJ6bSHAXyCBzzCcPF8MN1Ul0csZ5FnAx0WrlMy3rpNeqpNRogWlqJeKpdN9rnKfu0FBb5rNCzXK8jHGTEyqBEA6575yKk-FXxsnLCHLmtD9AZM5HjX8VzMIfw8oz06wIP9waGpIcbc8PM3iYP0gRITbszBVHm3AciOUWMXMf8s-UummV9sm-J6TgdU7xv6gNEhxSoFTxP2-iDYjVL3XKzXeNOKllZF8L25IL5_uOVduuTWMnwORApZbqHTh2Fr3vgJ4zxpoY1S_LssK5ouoHJmVkk3JV0nuY83NjqFOUaLCCl_TQb8GymmFfjxjUt3O5BFBo8FVQr1MDUc38PPj5524yXM9iJ1SjmwNq6t10nRnA3CL02BStEhAWBS1jlS_x2j_qAjIoDmTIpVTILa8vxLT48uredbyZGQJUGlXeU1wI9mb4SW_vKz-Slr2Q1QjpFHYr1IKHp5Staib48jb2RP_AsRq5TZ337qmJ2DwXinRBSHq0FQ46XODbtfeDYNs_3_DFGgU-YOrhB_5G1aoiuVZhQr2tXUgENy8Nt3YzpM8MLB-kcSgozRwuDikR6x_dmZ-ceWanZw8aEEbWB7vlnQnbaxoGv6BlN2D3Eu60em-WGlyp9-Pw_IRQ-gSU3V2Q0u-PFwlmr0IkaqJffJPOX4PW-5okQBE96iTPCueUbvRSAE5iM-01kA6J2M5bY3f7Ub0Ky_Zb5UYYw0ub0A-0PDY0lgW6OPUDlqdOtWJY50pxvkbQoKFmj7b-Ieb4FdRHvg9Z-w_4kQf4GGm-UcBlp9kIl4aOoC5qYn0FT8B4y33727f-4GkAUiv43cf5EVJZA_gy-fwtm_4swEN4a_3Aag4LCGtr46wXJlgXcZhvUNohOJayAluEy0Wmt4aZoPgShEjkUdb7cVM5zGNkf8tQrhmKZPlPjmc7HKWfWEnHZ5tg7ykXSgjF_IzMeW9LwQwBSGlzX6a5ETXCZXRdVONwemYnhS5O4X1UM-XHNpcgvzwT29SXUjnW55d0yeEpmrg-dhaMvnCcOLOkNUJFUmxM0iVTmHM61sWoZWvIL901O2F3DIgGsz9oOSRE3reFwJm-m4Pa7ByRXkf3U5gZl068TBDlIozlwDJMsFPdgNPlyoNhHYeagv89MUnr7lON1EZi07GT804MmOFnDS-zjXmwpOWTGbrJy8_qLo-ddJg7nOsmXUCNfv8rVUCrI8D5-Ne4TOhZvf_Tj5P5O6Zhe92m-kMW9JKEwTgp4kmdUriBMOSpUIgGsiZVS2wNYVxKuCt_wK27B-JTc2MXp5v7yv47N7vSeamF3OoGYp42Uk6-tECtw2poma1EVQ6-f8SxuQ7KX7BzMVvVKqZ8ocWd81qFwNE-EO4dRhnmsY5rot7VnxZxAoYBrUh06NtCIJgi7S5KCwD5aUvae2OyjgZlAq6pRnKF_-jntYGAH23L65V6A9LfOGWNizgshnlKJHJQ4VflgGEUoswSmrvj8YXJJMM6S7QW11HrVA-093QsD-ERQxvFbzTPJXO4Y2AobJ_vP9OJdVYgjSazVeWj3PUpsDJpEusjnQxiBNsSLKw5yPWevjTNtzf0zDlEwEN9Kko4TQqzo-JBNWi1iuuag3C-CSX5IJvEqzGbalqVRympeMmL0KhWKWTF1RfUvtzhZnTQpcFCu4MLrwnYtW_FqWXMwZSk_oY8E6qXbjG_pdTNLd9nt9op_aZq9VzZ669culo8DJYhjAXgbXdkqG9K8I-XAzOEzqCYGEZj-0pAkckeUoxMuJ7SMIc6lOyAeIqNcppDO61yXsaVMWArg52DK7YSVBIazuemXLvfgRD3v_YLnD3ASb20cs-B8wYavDGMltVDh6v9sf70VGMijQ4H3O0UZ-84YanOXNGZEBwRwGTMsPhfPqFG2Hi0WJhk7dYRaGb2R-K071UjrtxbmxHDedlcMnUggVselk4pGqWXSO1fp4JY82hrtBux0w0RAmxqOxr16s8gm6pjWS1CJhgdBrJpirA_mBUWq2GGagB_3pWMRItk5R4i2ObC2L4V8TXkxJR_EozMuJqAbFRw0Qn3R-hoHPaSPuEibH5NvTT-YldozH5OvA1ZNU3e4AvfZoVBr7mV6BM4TYrqBVu2hGquUWUjisDhLsNpbBA2eayVSRJbaBoN6JLy8g7Zc5ugBz76zkP-vmUxYzyNrz6qrecfFuEtM&cid=CAASJ-RopU7t-Yg5B25oS3QmCbb9svfcazk-lPmddUc6oT9YnIqffohzQg&rfl=1%2Chttps%253A%252F%252Fwww.habsetlnh.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4831f38d5033e932ef3b079d240c86ffa99b3efa45e5f2a14ed3d1f4d1c3b3be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11716
x-xss-protection
0
server
cafe
etag
11026421231030424798
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 13:26:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/ Frame BA88 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgYIN0pMwoJwLgBYYMlYavDU1hjsh0W8pHTpx3DU9IfDWOHlfXHp3_EV7jlWdq-LyzrY6tRy9SzmzhUZuug_2y5tNARA&cry=1&dbm_d=AKAmf-BsewIJFQtijEmRnCaswSM5sMTCgSk5aJolpGCeDYdAaEhg8YGzW0ReD0rw_sOaFJbu3kucvS3Bp1PRfvgcxZIYiFWyahoWV0lPtTUxaf2AbsdhqJqvu9bBOwsb-JcCHZJdl74DE3v7fY820tDd8i8-IDh_NC_iv035x6HmirK0aqE4bBtuonPNfutpMSd-wtsZT9txe9JWZncmDDx5G26Rnbi8wNeW_ljH-OQXPAYsNfrr-7FEpZl8O_bU5XP1e64AI7agspIn9qZWOM_OK_ltWjMwkOG4HeATE6IGja3SF6anjqp5kJO6qtvkpYzpTEbT0wC4pQloW6YO91wTTv5g-_hHGiYPCqwTIhPlpkqaaZTiRJ7hEX89BFOlyZMk_32Vs4rtb3oGx3C2YyjR2RDGaBds4Eu1yOqeSD81ABBrjc5-6QgHmdg2ox7YkVejv3u66D18UgG80nOTxZksxwATmwN2XCOnTCxxdM0zilhMqgEpjpG3VcRgfuhrUa65K8xHibarrrHb3qi8-w5LVKj0Y-DahvO760WV_0WEJ1tlFwQMUI3G77gUfAUbVZ0WroUYZBdv0_oiyXrB0ZnmGTbHx5WwnjlKEre2W3G_7RdntuOMwSVQfho6tZaOqQjLDPfqrPlQM1TeyGCzfjH95wIGm69PnD7ru0JBV6T3dIq71SOIqazQ1HvH7RNSqZMdXfpByTWweRAvFbSPbdSZRYhdvWJZWexdm4sOnBwYKF2Lw6s_iI1rV7am86aBrqJRO9e4IDHv9jt4g8ANwyBnP4CJf97HCjZUpG17uj8mkSFwexOGj-RoKD2oquXuPxHvnSvD_yinXZyWn7Djt5J0wg5xfjeeZGyOeuW0VQYY2jjnVA6DQaurb25lJJq2qnxYvU0XKuyNhDOWX6s0QFFLcPxGpa_iQAve4VI0P3TdbQH7vrWIM81xZ4d0Tbd7QqyzNuq3dR0AjR8trSuMJeekDJI6q7sjfih7UVA_ttcC6wX6SYZdzwp1ce5wdAuZmFDdGeNFxz2mxYWj-SKSjaa4WmmA5dYIRDXXiITJ6bSHAXyCBzzCcPF8MN1Ul0csZ5FnAx0WrlMy3rpNeqpNRogWlqJeKpdN9rnKfu0FBb5rNCzXK8jHGTEyqBEA6575yKk-FXxsnLCHLmtD9AZM5HjX8VzMIfw8oz06wIP9waGpIcbc8PM3iYP0gRITbszBVHm3AciOUWMXMf8s-UummV9sm-J6TgdU7xv6gNEhxSoFTxP2-iDYjVL3XKzXeNOKllZF8L25IL5_uOVduuTWMnwORApZbqHTh2Fr3vgJ4zxpoY1S_LssK5ouoHJmVkk3JV0nuY83NjqFOUaLCCl_TQb8GymmFfjxjUt3O5BFBo8FVQr1MDUc38PPj5524yXM9iJ1SjmwNq6t10nRnA3CL02BStEhAWBS1jlS_x2j_qAjIoDmTIpVTILa8vxLT48uredbyZGQJUGlXeU1wI9mb4SW_vKz-Slr2Q1QjpFHYr1IKHp5Staib48jb2RP_AsRq5TZ337qmJ2DwXinRBSHq0FQ46XODbtfeDYNs_3_DFGgU-YOrhB_5G1aoiuVZhQr2tXUgENy8Nt3YzpM8MLB-kcSgozRwuDikR6x_dmZ-ceWanZw8aEEbWB7vlnQnbaxoGv6BlN2D3Eu60em-WGlyp9-Pw_IRQ-gSU3V2Q0u-PFwlmr0IkaqJffJPOX4PW-5okQBE96iTPCueUbvRSAE5iM-01kA6J2M5bY3f7Ub0Ky_Zb5UYYw0ub0A-0PDY0lgW6OPUDlqdOtWJY50pxvkbQoKFmj7b-Ieb4FdRHvg9Z-w_4kQf4GGm-UcBlp9kIl4aOoC5qYn0FT8B4y33727f-4GkAUiv43cf5EVJZA_gy-fwtm_4swEN4a_3Aag4LCGtr46wXJlgXcZhvUNohOJayAluEy0Wmt4aZoPgShEjkUdb7cVM5zGNkf8tQrhmKZPlPjmc7HKWfWEnHZ5tg7ykXSgjF_IzMeW9LwQwBSGlzX6a5ETXCZXRdVONwemYnhS5O4X1UM-XHNpcgvzwT29SXUjnW55d0yeEpmrg-dhaMvnCcOLOkNUJFUmxM0iVTmHM61sWoZWvIL901O2F3DIgGsz9oOSRE3reFwJm-m4Pa7ByRXkf3U5gZl068TBDlIozlwDJMsFPdgNPlyoNhHYeagv89MUnr7lON1EZi07GT804MmOFnDS-zjXmwpOWTGbrJy8_qLo-ddJg7nOsmXUCNfv8rVUCrI8D5-Ne4TOhZvf_Tj5P5O6Zhe92m-kMW9JKEwTgp4kmdUriBMOSpUIgGsiZVS2wNYVxKuCt_wK27B-JTc2MXp5v7yv47N7vSeamF3OoGYp42Uk6-tECtw2poma1EVQ6-f8SxuQ7KX7BzMVvVKqZ8ocWd81qFwNE-EO4dRhnmsY5rot7VnxZxAoYBrUh06NtCIJgi7S5KCwD5aUvae2OyjgZlAq6pRnKF_-jntYGAH23L65V6A9LfOGWNizgshnlKJHJQ4VflgGEUoswSmrvj8YXJJMM6S7QW11HrVA-093QsD-ERQxvFbzTPJXO4Y2AobJ_vP9OJdVYgjSazVeWj3PUpsDJpEusjnQxiBNsSLKw5yPWevjTNtzf0zDlEwEN9Kko4TQqzo-JBNWi1iuuag3C-CSX5IJvEqzGbalqVRympeMmL0KhWKWTF1RfUvtzhZnTQpcFCu4MLrwnYtW_FqWXMwZSk_oY8E6qXbjG_pdTNLd9nt9op_aZq9VzZ669culo8DJYhjAXgbXdkqG9K8I-XAzOEzqCYGEZj-0pAkckeUoxMuJ7SMIc6lOyAeIqNcppDO61yXsaVMWArg52DK7YSVBIazuemXLvfgRD3v_YLnD3ASb20cs-B8wYavDGMltVDh6v9sf70VGMijQ4H3O0UZ-84YanOXNGZEBwRwGTMsPhfPqFG2Hi0WJhk7dYRaGb2R-K071UjrtxbmxHDedlcMnUggVselk4pGqWXSO1fp4JY82hrtBux0w0RAmxqOxr16s8gm6pjWS1CJhgdBrJpirA_mBUWq2GGagB_3pWMRItk5R4i2ObC2L4V8TXkxJR_EozMuJqAbFRw0Qn3R-hoHPaSPuEibH5NvTT-YldozH5OvA1ZNU3e4AvfZoVBr7mV6BM4TYrqBVu2hGquUWUjisDhLsNpbBA2eayVSRJbaBoN6JLy8g7Zc5ugBz76zkP-vmUxYzyNrz6qrecfFuEtM&cid=CAASJ-RopU7t-Yg5B25oS3QmCbb9svfcazk-lPmddUc6oT9YnIqffohzQg&rfl=1%2Chttps%253A%252F%252Fwww.habsetlnh.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:24:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 13:24:43 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BA88 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFFRKoX3_DDpiZweVQMaaZMwVFD6vSxzwsgbhvzHMm7bCEdRr56KQD15ZkMupkzIwLmg8Op3d-k8WMLH6ofshlVLSmAXAuAIMEkbjXUxr7f-uo3O39k-jhmxSoe_IwuX6N3AE07evnLDgWERf3gqoTsVAvjoMJCF8Wdp6geePqDpGYMCqXInVwIWj3FTrZio6LVNhITahZ8yiosiPHJ0eV9Cu1dHJI0WrVKlgUMMggxbbGLzWOl51CD_dS3PAc877efZ7QMhi3DpaF8Jn8Sy1bhOmfRHb49ldMna8yels6zNKuelSy8237CRQgHbXkGSK2pNbz4cvrmOQL12RM1wN7zRsnM2T_ol6NNAt9EcJZ1LLwCFP8Bmmu_e4vB2_Yc1-qe8HMQtZ09HWhZ6Zbz-V5imahF5Zig1XiXBdoTn7hcP1V4po4j66fYqDYCoNIwmTfsr8AGLeYKNDK1yDCYoMKtx2crofFVA_YwVMzkC_0cHOTcMN4AgCMRAcov0QvfWGK6sl3fsr9A6x1PYAOcdPyH7M5SwwXFyR-wZp2ZyB5_tMQnIhbL5e1GsTtGB_BFuYGXqwExJUy-CZ24BxcJ5amuzRDUee2ZrhzKPiNNvT6lY6nBdd5bsGe0zIQ9pOaYapiVUaHUvp3bO1FrPI7smxrwfQ0xPxl3UouQOeUfG1ZDlMcoD6OWRVVq3xfPqWFnb-YzqeN2vuWvj0hODQ3chElmDcHnMGA4gMCfBSyB6OFhHK8Gv4pAY_zghsH45lBmrhqV5OzT5viv5miG396JD3e7aY-rfz0FB842v09cFsuy6BOkCnfe0-bNXhDN5DT2a8zRL3LOnXH1gvoBOKQ1CTw3jsWgG2hetH-mT1ouElr9fqMVEgb5gB6wjkhNA-pWfMC79I3gTi4EzeKkpofaHp_ezCcxBcLA0zyZlImOOTFvht0a4-EWhoJC8MNPUj_mD6-jNE6bZ_NhT3oygGMN9F2dcXwxN_5wS3XOh2IwsWyuZaSig81BcWqtzvNoeaKdCzD_TbmguCBccOSjvC6RoyOgMj_jM_xiP9wdh3dwGrctwQNNrP1Y7tjdRz_B5dPslwyZz5AcQIUzgeSHoW42BM3Na26cmuz9dRe8Gzs_9rWALULxrxRG7W7suYz6h_U32Vhn17yXB4rZ5_wZDhpzhgV7x0-Xcpd3yNEYV2nJlO856yVG9M2WIW0GdnzUR6UqQThTPp3tuWwGLh9Ew7W&sai=AMfl-YSa-d2_rSE5jJblJMJvBW-pCEhozg3t_F1Xk3jSmLWAomsneecSg9Fx7BVlEOvWBYDLQRECTA9IcGzSxLs1Ci9pDXP1ZlBJopGUoRA8kK6zpMzLkzctt8dOrx1yFQj2i__AE5g-fimHqQmBYsT4jKyTrLrtC7kXUK3h2JygWR5QK8pUpFrp-v_tVjJ--bj7v5iJHghE33tj0FZHUv3q_WRkDZdYfqI&sig=Cg0ArKJSzDWUzviS0VsIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220912.41928&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgYIN0pMwoJwLgBYYMlYavDU1hjsh0W8pHTpx3DU9IfDWOHlfXHp3_EV7jlWdq-LyzrY6tRy9SzmzhUZuug_2y5tNARA&cry=1&dbm_d=AKAmf-BsewIJFQtijEmRnCaswSM5sMTCgSk5aJolpGCeDYdAaEhg8YGzW0ReD0rw_sOaFJbu3kucvS3Bp1PRfvgcxZIYiFWyahoWV0lPtTUxaf2AbsdhqJqvu9bBOwsb-JcCHZJdl74DE3v7fY820tDd8i8-IDh_NC_iv035x6HmirK0aqE4bBtuonPNfutpMSd-wtsZT9txe9JWZncmDDx5G26Rnbi8wNeW_ljH-OQXPAYsNfrr-7FEpZl8O_bU5XP1e64AI7agspIn9qZWOM_OK_ltWjMwkOG4HeATE6IGja3SF6anjqp5kJO6qtvkpYzpTEbT0wC4pQloW6YO91wTTv5g-_hHGiYPCqwTIhPlpkqaaZTiRJ7hEX89BFOlyZMk_32Vs4rtb3oGx3C2YyjR2RDGaBds4Eu1yOqeSD81ABBrjc5-6QgHmdg2ox7YkVejv3u66D18UgG80nOTxZksxwATmwN2XCOnTCxxdM0zilhMqgEpjpG3VcRgfuhrUa65K8xHibarrrHb3qi8-w5LVKj0Y-DahvO760WV_0WEJ1tlFwQMUI3G77gUfAUbVZ0WroUYZBdv0_oiyXrB0ZnmGTbHx5WwnjlKEre2W3G_7RdntuOMwSVQfho6tZaOqQjLDPfqrPlQM1TeyGCzfjH95wIGm69PnD7ru0JBV6T3dIq71SOIqazQ1HvH7RNSqZMdXfpByTWweRAvFbSPbdSZRYhdvWJZWexdm4sOnBwYKF2Lw6s_iI1rV7am86aBrqJRO9e4IDHv9jt4g8ANwyBnP4CJf97HCjZUpG17uj8mkSFwexOGj-RoKD2oquXuPxHvnSvD_yinXZyWn7Djt5J0wg5xfjeeZGyOeuW0VQYY2jjnVA6DQaurb25lJJq2qnxYvU0XKuyNhDOWX6s0QFFLcPxGpa_iQAve4VI0P3TdbQH7vrWIM81xZ4d0Tbd7QqyzNuq3dR0AjR8trSuMJeekDJI6q7sjfih7UVA_ttcC6wX6SYZdzwp1ce5wdAuZmFDdGeNFxz2mxYWj-SKSjaa4WmmA5dYIRDXXiITJ6bSHAXyCBzzCcPF8MN1Ul0csZ5FnAx0WrlMy3rpNeqpNRogWlqJeKpdN9rnKfu0FBb5rNCzXK8jHGTEyqBEA6575yKk-FXxsnLCHLmtD9AZM5HjX8VzMIfw8oz06wIP9waGpIcbc8PM3iYP0gRITbszBVHm3AciOUWMXMf8s-UummV9sm-J6TgdU7xv6gNEhxSoFTxP2-iDYjVL3XKzXeNOKllZF8L25IL5_uOVduuTWMnwORApZbqHTh2Fr3vgJ4zxpoY1S_LssK5ouoHJmVkk3JV0nuY83NjqFOUaLCCl_TQb8GymmFfjxjUt3O5BFBo8FVQr1MDUc38PPj5524yXM9iJ1SjmwNq6t10nRnA3CL02BStEhAWBS1jlS_x2j_qAjIoDmTIpVTILa8vxLT48uredbyZGQJUGlXeU1wI9mb4SW_vKz-Slr2Q1QjpFHYr1IKHp5Staib48jb2RP_AsRq5TZ337qmJ2DwXinRBSHq0FQ46XODbtfeDYNs_3_DFGgU-YOrhB_5G1aoiuVZhQr2tXUgENy8Nt3YzpM8MLB-kcSgozRwuDikR6x_dmZ-ceWanZw8aEEbWB7vlnQnbaxoGv6BlN2D3Eu60em-WGlyp9-Pw_IRQ-gSU3V2Q0u-PFwlmr0IkaqJffJPOX4PW-5okQBE96iTPCueUbvRSAE5iM-01kA6J2M5bY3f7Ub0Ky_Zb5UYYw0ub0A-0PDY0lgW6OPUDlqdOtWJY50pxvkbQoKFmj7b-Ieb4FdRHvg9Z-w_4kQf4GGm-UcBlp9kIl4aOoC5qYn0FT8B4y33727f-4GkAUiv43cf5EVJZA_gy-fwtm_4swEN4a_3Aag4LCGtr46wXJlgXcZhvUNohOJayAluEy0Wmt4aZoPgShEjkUdb7cVM5zGNkf8tQrhmKZPlPjmc7HKWfWEnHZ5tg7ykXSgjF_IzMeW9LwQwBSGlzX6a5ETXCZXRdVONwemYnhS5O4X1UM-XHNpcgvzwT29SXUjnW55d0yeEpmrg-dhaMvnCcOLOkNUJFUmxM0iVTmHM61sWoZWvIL901O2F3DIgGsz9oOSRE3reFwJm-m4Pa7ByRXkf3U5gZl068TBDlIozlwDJMsFPdgNPlyoNhHYeagv89MUnr7lON1EZi07GT804MmOFnDS-zjXmwpOWTGbrJy8_qLo-ddJg7nOsmXUCNfv8rVUCrI8D5-Ne4TOhZvf_Tj5P5O6Zhe92m-kMW9JKEwTgp4kmdUriBMOSpUIgGsiZVS2wNYVxKuCt_wK27B-JTc2MXp5v7yv47N7vSeamF3OoGYp42Uk6-tECtw2poma1EVQ6-f8SxuQ7KX7BzMVvVKqZ8ocWd81qFwNE-EO4dRhnmsY5rot7VnxZxAoYBrUh06NtCIJgi7S5KCwD5aUvae2OyjgZlAq6pRnKF_-jntYGAH23L65V6A9LfOGWNizgshnlKJHJQ4VflgGEUoswSmrvj8YXJJMM6S7QW11HrVA-093QsD-ERQxvFbzTPJXO4Y2AobJ_vP9OJdVYgjSazVeWj3PUpsDJpEusjnQxiBNsSLKw5yPWevjTNtzf0zDlEwEN9Kko4TQqzo-JBNWi1iuuag3C-CSX5IJvEqzGbalqVRympeMmL0KhWKWTF1RfUvtzhZnTQpcFCu4MLrwnYtW_FqWXMwZSk_oY8E6qXbjG_pdTNLd9nt9op_aZq9VzZ669culo8DJYhjAXgbXdkqG9K8I-XAzOEzqCYGEZj-0pAkckeUoxMuJ7SMIc6lOyAeIqNcppDO61yXsaVMWArg52DK7YSVBIazuemXLvfgRD3v_YLnD3ASb20cs-B8wYavDGMltVDh6v9sf70VGMijQ4H3O0UZ-84YanOXNGZEBwRwGTMsPhfPqFG2Hi0WJhk7dYRaGb2R-K071UjrtxbmxHDedlcMnUggVselk4pGqWXSO1fp4JY82hrtBux0w0RAmxqOxr16s8gm6pjWS1CJhgdBrJpirA_mBUWq2GGagB_3pWMRItk5R4i2ObC2L4V8TXkxJR_EozMuJqAbFRw0Qn3R-hoHPaSPuEibH5NvTT-YldozH5OvA1ZNU3e4AvfZoVBr7mV6BM4TYrqBVu2hGquUWUjisDhLsNpbBA2eayVSRJbaBoN6JLy8g7Zc5ugBz76zkP-vmUxYzyNrz6qrecfFuEtM&cid=CAASJ-RopU7t-Yg5B25oS3QmCbb9svfcazk-lPmddUc6oT9YnIqffohzQg&rfl=1%2Chttps%253A%252F%252Fwww.habsetlnh.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 15 Sep 2022 13:26:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dvtp_src.js
cdn.doubleverify.com/ Frame BA88 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgYIN0pMwoJwLgBYYMlYavDU1hjsh0W8pHTpx3DU9IfDWOHlfXHp3_EV7jlWdq-LyzrY6tRy9SzmzhUZuug_2y5tNARA&cry=1&dbm_d=AKAmf-BsewIJFQtijEmRnCaswSM5sMTCgSk5aJolpGCeDYdAaEhg8YGzW0ReD0rw_sOaFJbu3kucvS3Bp1PRfvgcxZIYiFWyahoWV0lPtTUxaf2AbsdhqJqvu9bBOwsb-JcCHZJdl74DE3v7fY820tDd8i8-IDh_NC_iv035x6HmirK0aqE4bBtuonPNfutpMSd-wtsZT9txe9JWZncmDDx5G26Rnbi8wNeW_ljH-OQXPAYsNfrr-7FEpZl8O_bU5XP1e64AI7agspIn9qZWOM_OK_ltWjMwkOG4HeATE6IGja3SF6anjqp5kJO6qtvkpYzpTEbT0wC4pQloW6YO91wTTv5g-_hHGiYPCqwTIhPlpkqaaZTiRJ7hEX89BFOlyZMk_32Vs4rtb3oGx3C2YyjR2RDGaBds4Eu1yOqeSD81ABBrjc5-6QgHmdg2ox7YkVejv3u66D18UgG80nOTxZksxwATmwN2XCOnTCxxdM0zilhMqgEpjpG3VcRgfuhrUa65K8xHibarrrHb3qi8-w5LVKj0Y-DahvO760WV_0WEJ1tlFwQMUI3G77gUfAUbVZ0WroUYZBdv0_oiyXrB0ZnmGTbHx5WwnjlKEre2W3G_7RdntuOMwSVQfho6tZaOqQjLDPfqrPlQM1TeyGCzfjH95wIGm69PnD7ru0JBV6T3dIq71SOIqazQ1HvH7RNSqZMdXfpByTWweRAvFbSPbdSZRYhdvWJZWexdm4sOnBwYKF2Lw6s_iI1rV7am86aBrqJRO9e4IDHv9jt4g8ANwyBnP4CJf97HCjZUpG17uj8mkSFwexOGj-RoKD2oquXuPxHvnSvD_yinXZyWn7Djt5J0wg5xfjeeZGyOeuW0VQYY2jjnVA6DQaurb25lJJq2qnxYvU0XKuyNhDOWX6s0QFFLcPxGpa_iQAve4VI0P3TdbQH7vrWIM81xZ4d0Tbd7QqyzNuq3dR0AjR8trSuMJeekDJI6q7sjfih7UVA_ttcC6wX6SYZdzwp1ce5wdAuZmFDdGeNFxz2mxYWj-SKSjaa4WmmA5dYIRDXXiITJ6bSHAXyCBzzCcPF8MN1Ul0csZ5FnAx0WrlMy3rpNeqpNRogWlqJeKpdN9rnKfu0FBb5rNCzXK8jHGTEyqBEA6575yKk-FXxsnLCHLmtD9AZM5HjX8VzMIfw8oz06wIP9waGpIcbc8PM3iYP0gRITbszBVHm3AciOUWMXMf8s-UummV9sm-J6TgdU7xv6gNEhxSoFTxP2-iDYjVL3XKzXeNOKllZF8L25IL5_uOVduuTWMnwORApZbqHTh2Fr3vgJ4zxpoY1S_LssK5ouoHJmVkk3JV0nuY83NjqFOUaLCCl_TQb8GymmFfjxjUt3O5BFBo8FVQr1MDUc38PPj5524yXM9iJ1SjmwNq6t10nRnA3CL02BStEhAWBS1jlS_x2j_qAjIoDmTIpVTILa8vxLT48uredbyZGQJUGlXeU1wI9mb4SW_vKz-Slr2Q1QjpFHYr1IKHp5Staib48jb2RP_AsRq5TZ337qmJ2DwXinRBSHq0FQ46XODbtfeDYNs_3_DFGgU-YOrhB_5G1aoiuVZhQr2tXUgENy8Nt3YzpM8MLB-kcSgozRwuDikR6x_dmZ-ceWanZw8aEEbWB7vlnQnbaxoGv6BlN2D3Eu60em-WGlyp9-Pw_IRQ-gSU3V2Q0u-PFwlmr0IkaqJffJPOX4PW-5okQBE96iTPCueUbvRSAE5iM-01kA6J2M5bY3f7Ub0Ky_Zb5UYYw0ub0A-0PDY0lgW6OPUDlqdOtWJY50pxvkbQoKFmj7b-Ieb4FdRHvg9Z-w_4kQf4GGm-UcBlp9kIl4aOoC5qYn0FT8B4y33727f-4GkAUiv43cf5EVJZA_gy-fwtm_4swEN4a_3Aag4LCGtr46wXJlgXcZhvUNohOJayAluEy0Wmt4aZoPgShEjkUdb7cVM5zGNkf8tQrhmKZPlPjmc7HKWfWEnHZ5tg7ykXSgjF_IzMeW9LwQwBSGlzX6a5ETXCZXRdVONwemYnhS5O4X1UM-XHNpcgvzwT29SXUjnW55d0yeEpmrg-dhaMvnCcOLOkNUJFUmxM0iVTmHM61sWoZWvIL901O2F3DIgGsz9oOSRE3reFwJm-m4Pa7ByRXkf3U5gZl068TBDlIozlwDJMsFPdgNPlyoNhHYeagv89MUnr7lON1EZi07GT804MmOFnDS-zjXmwpOWTGbrJy8_qLo-ddJg7nOsmXUCNfv8rVUCrI8D5-Ne4TOhZvf_Tj5P5O6Zhe92m-kMW9JKEwTgp4kmdUriBMOSpUIgGsiZVS2wNYVxKuCt_wK27B-JTc2MXp5v7yv47N7vSeamF3OoGYp42Uk6-tECtw2poma1EVQ6-f8SxuQ7KX7BzMVvVKqZ8ocWd81qFwNE-EO4dRhnmsY5rot7VnxZxAoYBrUh06NtCIJgi7S5KCwD5aUvae2OyjgZlAq6pRnKF_-jntYGAH23L65V6A9LfOGWNizgshnlKJHJQ4VflgGEUoswSmrvj8YXJJMM6S7QW11HrVA-093QsD-ERQxvFbzTPJXO4Y2AobJ_vP9OJdVYgjSazVeWj3PUpsDJpEusjnQxiBNsSLKw5yPWevjTNtzf0zDlEwEN9Kko4TQqzo-JBNWi1iuuag3C-CSX5IJvEqzGbalqVRympeMmL0KhWKWTF1RfUvtzhZnTQpcFCu4MLrwnYtW_FqWXMwZSk_oY8E6qXbjG_pdTNLd9nt9op_aZq9VzZ669culo8DJYhjAXgbXdkqG9K8I-XAzOEzqCYGEZj-0pAkckeUoxMuJ7SMIc6lOyAeIqNcppDO61yXsaVMWArg52DK7YSVBIazuemXLvfgRD3v_YLnD3ASb20cs-B8wYavDGMltVDh6v9sf70VGMijQ4H3O0UZ-84YanOXNGZEBwRwGTMsPhfPqFG2Hi0WJhk7dYRaGb2R-K071UjrtxbmxHDedlcMnUggVselk4pGqWXSO1fp4JY82hrtBux0w0RAmxqOxr16s8gm6pjWS1CJhgdBrJpirA_mBUWq2GGagB_3pWMRItk5R4i2ObC2L4V8TXkxJR_EozMuJqAbFRw0Qn3R-hoHPaSPuEibH5NvTT-YldozH5OvA1ZNU3e4AvfZoVBr7mV6BM4TYrqBVu2hGquUWUjisDhLsNpbBA2eayVSRJbaBoN6JLy8g7Zc5ugBz76zkP-vmUxYzyNrz6qrecfFuEtM&cid=CAASJ-RopU7t-Yg5B25oS3QmCbb9svfcazk-lPmddUc6oT9YnIqffohzQg&rfl=1%2Chttps%253A%252F%252Fwww.habsetlnh.com%252F%240
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:5000:59f::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ea9878db622a55c5e1440e5c5a11b2e7281180ff83805c21f3b2b83cbd7d1c44

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 15 Sep 2022 13:26:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 10:17:42 GMT
Server
Microsoft-IIS/10.0
ETag
"067d263ecc8d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3315
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BA88 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgYIN0pMwoJwLgBYYMlYavDU1hjsh0W8pHTpx3DU9IfDWOHlfXHp3_EV7jlWdq-LyzrY6tRy9SzmzhUZuug_2y5tNARA&cry=1&dbm_d=AKAmf-BsewIJFQtijEmRnCaswSM5sMTCgSk5aJolpGCeDYdAaEhg8YGzW0ReD0rw_sOaFJbu3kucvS3Bp1PRfvgcxZIYiFWyahoWV0lPtTUxaf2AbsdhqJqvu9bBOwsb-JcCHZJdl74DE3v7fY820tDd8i8-IDh_NC_iv035x6HmirK0aqE4bBtuonPNfutpMSd-wtsZT9txe9JWZncmDDx5G26Rnbi8wNeW_ljH-OQXPAYsNfrr-7FEpZl8O_bU5XP1e64AI7agspIn9qZWOM_OK_ltWjMwkOG4HeATE6IGja3SF6anjqp5kJO6qtvkpYzpTEbT0wC4pQloW6YO91wTTv5g-_hHGiYPCqwTIhPlpkqaaZTiRJ7hEX89BFOlyZMk_32Vs4rtb3oGx3C2YyjR2RDGaBds4Eu1yOqeSD81ABBrjc5-6QgHmdg2ox7YkVejv3u66D18UgG80nOTxZksxwATmwN2XCOnTCxxdM0zilhMqgEpjpG3VcRgfuhrUa65K8xHibarrrHb3qi8-w5LVKj0Y-DahvO760WV_0WEJ1tlFwQMUI3G77gUfAUbVZ0WroUYZBdv0_oiyXrB0ZnmGTbHx5WwnjlKEre2W3G_7RdntuOMwSVQfho6tZaOqQjLDPfqrPlQM1TeyGCzfjH95wIGm69PnD7ru0JBV6T3dIq71SOIqazQ1HvH7RNSqZMdXfpByTWweRAvFbSPbdSZRYhdvWJZWexdm4sOnBwYKF2Lw6s_iI1rV7am86aBrqJRO9e4IDHv9jt4g8ANwyBnP4CJf97HCjZUpG17uj8mkSFwexOGj-RoKD2oquXuPxHvnSvD_yinXZyWn7Djt5J0wg5xfjeeZGyOeuW0VQYY2jjnVA6DQaurb25lJJq2qnxYvU0XKuyNhDOWX6s0QFFLcPxGpa_iQAve4VI0P3TdbQH7vrWIM81xZ4d0Tbd7QqyzNuq3dR0AjR8trSuMJeekDJI6q7sjfih7UVA_ttcC6wX6SYZdzwp1ce5wdAuZmFDdGeNFxz2mxYWj-SKSjaa4WmmA5dYIRDXXiITJ6bSHAXyCBzzCcPF8MN1Ul0csZ5FnAx0WrlMy3rpNeqpNRogWlqJeKpdN9rnKfu0FBb5rNCzXK8jHGTEyqBEA6575yKk-FXxsnLCHLmtD9AZM5HjX8VzMIfw8oz06wIP9waGpIcbc8PM3iYP0gRITbszBVHm3AciOUWMXMf8s-UummV9sm-J6TgdU7xv6gNEhxSoFTxP2-iDYjVL3XKzXeNOKllZF8L25IL5_uOVduuTWMnwORApZbqHTh2Fr3vgJ4zxpoY1S_LssK5ouoHJmVkk3JV0nuY83NjqFOUaLCCl_TQb8GymmFfjxjUt3O5BFBo8FVQr1MDUc38PPj5524yXM9iJ1SjmwNq6t10nRnA3CL02BStEhAWBS1jlS_x2j_qAjIoDmTIpVTILa8vxLT48uredbyZGQJUGlXeU1wI9mb4SW_vKz-Slr2Q1QjpFHYr1IKHp5Staib48jb2RP_AsRq5TZ337qmJ2DwXinRBSHq0FQ46XODbtfeDYNs_3_DFGgU-YOrhB_5G1aoiuVZhQr2tXUgENy8Nt3YzpM8MLB-kcSgozRwuDikR6x_dmZ-ceWanZw8aEEbWB7vlnQnbaxoGv6BlN2D3Eu60em-WGlyp9-Pw_IRQ-gSU3V2Q0u-PFwlmr0IkaqJffJPOX4PW-5okQBE96iTPCueUbvRSAE5iM-01kA6J2M5bY3f7Ub0Ky_Zb5UYYw0ub0A-0PDY0lgW6OPUDlqdOtWJY50pxvkbQoKFmj7b-Ieb4FdRHvg9Z-w_4kQf4GGm-UcBlp9kIl4aOoC5qYn0FT8B4y33727f-4GkAUiv43cf5EVJZA_gy-fwtm_4swEN4a_3Aag4LCGtr46wXJlgXcZhvUNohOJayAluEy0Wmt4aZoPgShEjkUdb7cVM5zGNkf8tQrhmKZPlPjmc7HKWfWEnHZ5tg7ykXSgjF_IzMeW9LwQwBSGlzX6a5ETXCZXRdVONwemYnhS5O4X1UM-XHNpcgvzwT29SXUjnW55d0yeEpmrg-dhaMvnCcOLOkNUJFUmxM0iVTmHM61sWoZWvIL901O2F3DIgGsz9oOSRE3reFwJm-m4Pa7ByRXkf3U5gZl068TBDlIozlwDJMsFPdgNPlyoNhHYeagv89MUnr7lON1EZi07GT804MmOFnDS-zjXmwpOWTGbrJy8_qLo-ddJg7nOsmXUCNfv8rVUCrI8D5-Ne4TOhZvf_Tj5P5O6Zhe92m-kMW9JKEwTgp4kmdUriBMOSpUIgGsiZVS2wNYVxKuCt_wK27B-JTc2MXp5v7yv47N7vSeamF3OoGYp42Uk6-tECtw2poma1EVQ6-f8SxuQ7KX7BzMVvVKqZ8ocWd81qFwNE-EO4dRhnmsY5rot7VnxZxAoYBrUh06NtCIJgi7S5KCwD5aUvae2OyjgZlAq6pRnKF_-jntYGAH23L65V6A9LfOGWNizgshnlKJHJQ4VflgGEUoswSmrvj8YXJJMM6S7QW11HrVA-093QsD-ERQxvFbzTPJXO4Y2AobJ_vP9OJdVYgjSazVeWj3PUpsDJpEusjnQxiBNsSLKw5yPWevjTNtzf0zDlEwEN9Kko4TQqzo-JBNWi1iuuag3C-CSX5IJvEqzGbalqVRympeMmL0KhWKWTF1RfUvtzhZnTQpcFCu4MLrwnYtW_FqWXMwZSk_oY8E6qXbjG_pdTNLd9nt9op_aZq9VzZ669culo8DJYhjAXgbXdkqG9K8I-XAzOEzqCYGEZj-0pAkckeUoxMuJ7SMIc6lOyAeIqNcppDO61yXsaVMWArg52DK7YSVBIazuemXLvfgRD3v_YLnD3ASb20cs-B8wYavDGMltVDh6v9sf70VGMijQ4H3O0UZ-84YanOXNGZEBwRwGTMsPhfPqFG2Hi0WJhk7dYRaGb2R-K071UjrtxbmxHDedlcMnUggVselk4pGqWXSO1fp4JY82hrtBux0w0RAmxqOxr16s8gm6pjWS1CJhgdBrJpirA_mBUWq2GGagB_3pWMRItk5R4i2ObC2L4V8TXkxJR_EozMuJqAbFRw0Qn3R-hoHPaSPuEibH5NvTT-YldozH5OvA1ZNU3e4AvfZoVBr7mV6BM4TYrqBVu2hGquUWUjisDhLsNpbBA2eayVSRJbaBoN6JLy8g7Zc5ugBz76zkP-vmUxYzyNrz6qrecfFuEtM&cid=CAASJ-RopU7t-Yg5B25oS3QmCbb9svfcazk-lPmddUc6oT9YnIqffohzQg&rfl=1%2Chttps%253A%252F%252Fwww.habsetlnh.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 16:41:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333929
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 16:41:18 GMT
3360411224730920845
s0.2mdn.net/simgad/ Frame BA88 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3360411224730920845
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0d17ee87413179ec98bddcd17de6c5334a8d9902390d0725bcb8efd4a9c25dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 20:56:35 GMT
x-content-type-options
nosniff
age
232212
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119180
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 15:05:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 20:56:35 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E1C6 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=640x360&iu=%2F7326%2C22597733940%2Ffr.sendtonews_nhl.web&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&url=https%3A%2F%2Fwww.habsetlnh.com%2F&description_url=https%3A%2F%2Fwww.sendtonews.com%2F&cust_params=stn_sport%3Dstnnhl%26stn_site%3Dhabsetlnh.com&correlator=1230791390890522&vconp=2&vpa=auto&vpmute=1&sdkv=h.3.530.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&us_privacy=false&gdpr=0&sdki=44d&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.530.1&sid=9EB26978-F5AE-42CD-B51A-F552F6B9CC80&nel=0&eid=44748969%2C44754420%2C44760950%2C44765701&dlt=1663248404826&idt=1413&dt=1663248407120&cookie_enabled=1&scor=3619730531690050&fbidx=-1&ged=ve4_td2_tt1_pd2_la2000_er475.130.700.530_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D275
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgzMzVPREMtMUItNDhZMg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgzMzVPREMtMUItNDhZMg==
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgzMzVPREMtMUItNDhZMg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9a0c641c0479142b55591fdf2031b15f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D275
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ouvTgY7Ktg8yyb-e-8Ii9cn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8261881613525723844
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8261881613525723844
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Content-Type
image/gif

Redirect headers

date
Thu, 15 Sep 2022 13:26:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8261881613525723844
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
dcm
aax-eu.amazon-adsystem.com/s/ Frame D275 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:47 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
V0SF8GGJXQPG617V5CN5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame D275
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8335ODC-1B-48Y2
0
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8335ODC-1B-48Y2
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:46 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 50CF30FA1A00405FA8978B95704345FF Ref B: YTO01EDGE0710 Ref C: 2022-09-15T13:26:47Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-proto
http/2
content-length
0
x-li-uuid
AAXotzJ/DVyPKIr5T3eqdw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8335ODC-1B-48Y2
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame D275
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGJkNGE0NzYwYTc5NzM3MGRmNTkxNzVjMzAxYzRlYmVlMjlkZTg2NA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGJkNGE0NzYwYTc5NzM3MGRmNTkxNzVjMzAxYzRlYmVlMjlkZTg2NA
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGJkNGE0NzYwYTc5NzM3MGRmNTkxNzVjMzAxYzRlYmVlMjlkZTg2NA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D275
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ed3c8bd3-4667-43c0-99a6-69a472397389&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ed3c8bd3-4667-43c0-99a6-69a472397389&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
29af2665c43893332e84c235bac366c1
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ed3c8bd3-4667-43c0-99a6-69a472397389&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame D275
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFQQSWrFmH-Wid0ifbCALo8&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFQQSWrFmH-Wid0ifbCALo8&google_cver=1
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
9a0c641c0479142b55591fdf2031b15f
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFQQSWrFmH-Wid0ifbCALo8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame D275
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=71EciXJfS8iQCBQK3lUYxA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=71EciXJfS8iQCBQK3lUYxA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=71EciXJfS8iQCBQK3lUYxA
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:47 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
J13PMENAQ7N3TGMTHFFM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=71EciXJfS8iQCBQK3lUYxA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78008fe701b681dce86a72fc23cacc40
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=439985953251746&ev=Microdata&dl=https%3A%2F%2Fwww.habsetlnh.com%2F&rl=&if=false&ts=1663248407137&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22La%20r%C3%A9f%C3%A9rence%20du%20hockey%20%7C%20Chroniques%20et%20vid%C3%A9os%20-%20HabsEtLNH.com%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.81&r=stable&ec=1&o=30&fbp=fb.1.1663248405539.1551174894&it=1663248405259&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 15 Sep 2022 13:26:47 GMT
container.html
5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BD7C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069585
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.habsetlnh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 13:26:46 GMT
expires
Fri, 15 Sep 2023 13:26:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0620 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069585
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.habsetlnh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 13:26:46 GMT
expires
Fri, 15 Sep 2023 13:26:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame BA88 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFFRKoX3_DDpiZweVQMaaZMwVFD6vSxzwsgbhvzHMm7bCEdRr56KQD15ZkMupkzIwLmg8Op3d-k8WMLH6ofshlVLSmAXAuAIMEkbjXUxr7f-uo3O39k-jhmxSoe_IwuX6N3AE07evnLDgWERf3gqoTsVAvjoMJCF8Wdp6geePqDpGYMCqXInVwIWj3FTrZio6LVNhITahZ8yiosiPHJ0eV9Cu1dHJI0WrVKlgUMMggxbbGLzWOl51CD_dS3PAc877efZ7QMhi3DpaF8Jn8Sy1bhOmfRHb49ldMna8yels6zNKuelSy8237CRQgHbXkGSK2pNbz4cvrmOQL12RM1wN7zRsnM2T_ol6NNAt9EcJZ1LLwCFP8Bmmu_e4vB2_Yc1-qe8HMQtZ09HWhZ6Zbz-V5imahF5Zig1XiXBdoTn7hcP1V4po4j66fYqDYCoNIwmTfsr8AGLeYKNDK1yDCYoMKtx2crofFVA_YwVMzkC_0cHOTcMN4AgCMRAcov0QvfWGK6sl3fsr9A6x1PYAOcdPyH7M5SwwXFyR-wZp2ZyB5_tMQnIhbL5e1GsTtGB_BFuYGXqwExJUy-CZ24BxcJ5amuzRDUee2ZrhzKPiNNvT6lY6nBdd5bsGe0zIQ9pOaYapiVUaHUvp3bO1FrPI7smxrwfQ0xPxl3UouQOeUfG1ZDlMcoD6OWRVVq3xfPqWFnb-YzqeN2vuWvj0hODQ3chElmDcHnMGA4gMCfBSyB6OFhHK8Gv4pAY_zghsH45lBmrhqV5OzT5viv5miG396JD3e7aY-rfz0FB842v09cFsuy6BOkCnfe0-bNXhDN5DT2a8zRL3LOnXH1gvoBOKQ1CTw3jsWgG2hetH-mT1ouElr9fqMVEgb5gB6wjkhNA-pWfMC79I3gTi4EzeKkpofaHp_ezCcxBcLA0zyZlImOOTFvht0a4-EWhoJC8MNPUj_mD6-jNE6bZ_NhT3oygGMN9F2dcXwxN_5wS3XOh2IwsWyuZaSig81BcWqtzvNoeaKdCzD_TbmguCBccOSjvC6RoyOgMj_jM_xiP9wdh3dwGrctwQNNrP1Y7tjdRz_B5dPslwyZz5AcQIUzgeSHoW42BM3Na26cmuz9dRe8Gzs_9rWALULxrxRG7W7suYz6h_U32Vhn17yXB4rZ5_wZDhpzhgV7x0-Xcpd3yNEYV2nJlO856yVG9M2WIW0GdnzUR6UqQThTPp3tuWwGLh9Ew7W&sai=AMfl-YSa-d2_rSE5jJblJMJvBW-pCEhozg3t_F1Xk3jSmLWAomsneecSg9Fx7BVlEOvWBYDLQRECTA9IcGzSxLs1Ci9pDXP1ZlBJopGUoRA8kK6zpMzLkzctt8dOrx1yFQj2i__AE5g-fimHqQmBYsT4jKyTrLrtC7kXUK3h2JygWR5QK8pUpFrp-v_tVjJ--bj7v5iJHghE33tj0FZHUv3q_WRkDZdYfqI&sig=Cg0ArKJSzDWUzviS0VsIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=120&vt=11&dtpt=119&dett=2&cstd=0&cisv=r20220912.41928&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgYIN0pMwoJwLgBYYMlYavDU1hjsh0W8pHTpx3DU9IfDWOHlfXHp3_EV7jlWdq-LyzrY6tRy9SzmzhUZuug_2y5tNARA&cry=1&dbm_d=AKAmf-BsewIJFQtijEmRnCaswSM5sMTCgSk5aJolpGCeDYdAaEhg8YGzW0ReD0rw_sOaFJbu3kucvS3Bp1PRfvgcxZIYiFWyahoWV0lPtTUxaf2AbsdhqJqvu9bBOwsb-JcCHZJdl74DE3v7fY820tDd8i8-IDh_NC_iv035x6HmirK0aqE4bBtuonPNfutpMSd-wtsZT9txe9JWZncmDDx5G26Rnbi8wNeW_ljH-OQXPAYsNfrr-7FEpZl8O_bU5XP1e64AI7agspIn9qZWOM_OK_ltWjMwkOG4HeATE6IGja3SF6anjqp5kJO6qtvkpYzpTEbT0wC4pQloW6YO91wTTv5g-_hHGiYPCqwTIhPlpkqaaZTiRJ7hEX89BFOlyZMk_32Vs4rtb3oGx3C2YyjR2RDGaBds4Eu1yOqeSD81ABBrjc5-6QgHmdg2ox7YkVejv3u66D18UgG80nOTxZksxwATmwN2XCOnTCxxdM0zilhMqgEpjpG3VcRgfuhrUa65K8xHibarrrHb3qi8-w5LVKj0Y-DahvO760WV_0WEJ1tlFwQMUI3G77gUfAUbVZ0WroUYZBdv0_oiyXrB0ZnmGTbHx5WwnjlKEre2W3G_7RdntuOMwSVQfho6tZaOqQjLDPfqrPlQM1TeyGCzfjH95wIGm69PnD7ru0JBV6T3dIq71SOIqazQ1HvH7RNSqZMdXfpByTWweRAvFbSPbdSZRYhdvWJZWexdm4sOnBwYKF2Lw6s_iI1rV7am86aBrqJRO9e4IDHv9jt4g8ANwyBnP4CJf97HCjZUpG17uj8mkSFwexOGj-RoKD2oquXuPxHvnSvD_yinXZyWn7Djt5J0wg5xfjeeZGyOeuW0VQYY2jjnVA6DQaurb25lJJq2qnxYvU0XKuyNhDOWX6s0QFFLcPxGpa_iQAve4VI0P3TdbQH7vrWIM81xZ4d0Tbd7QqyzNuq3dR0AjR8trSuMJeekDJI6q7sjfih7UVA_ttcC6wX6SYZdzwp1ce5wdAuZmFDdGeNFxz2mxYWj-SKSjaa4WmmA5dYIRDXXiITJ6bSHAXyCBzzCcPF8MN1Ul0csZ5FnAx0WrlMy3rpNeqpNRogWlqJeKpdN9rnKfu0FBb5rNCzXK8jHGTEyqBEA6575yKk-FXxsnLCHLmtD9AZM5HjX8VzMIfw8oz06wIP9waGpIcbc8PM3iYP0gRITbszBVHm3AciOUWMXMf8s-UummV9sm-J6TgdU7xv6gNEhxSoFTxP2-iDYjVL3XKzXeNOKllZF8L25IL5_uOVduuTWMnwORApZbqHTh2Fr3vgJ4zxpoY1S_LssK5ouoHJmVkk3JV0nuY83NjqFOUaLCCl_TQb8GymmFfjxjUt3O5BFBo8FVQr1MDUc38PPj5524yXM9iJ1SjmwNq6t10nRnA3CL02BStEhAWBS1jlS_x2j_qAjIoDmTIpVTILa8vxLT48uredbyZGQJUGlXeU1wI9mb4SW_vKz-Slr2Q1QjpFHYr1IKHp5Staib48jb2RP_AsRq5TZ337qmJ2DwXinRBSHq0FQ46XODbtfeDYNs_3_DFGgU-YOrhB_5G1aoiuVZhQr2tXUgENy8Nt3YzpM8MLB-kcSgozRwuDikR6x_dmZ-ceWanZw8aEEbWB7vlnQnbaxoGv6BlN2D3Eu60em-WGlyp9-Pw_IRQ-gSU3V2Q0u-PFwlmr0IkaqJffJPOX4PW-5okQBE96iTPCueUbvRSAE5iM-01kA6J2M5bY3f7Ub0Ky_Zb5UYYw0ub0A-0PDY0lgW6OPUDlqdOtWJY50pxvkbQoKFmj7b-Ieb4FdRHvg9Z-w_4kQf4GGm-UcBlp9kIl4aOoC5qYn0FT8B4y33727f-4GkAUiv43cf5EVJZA_gy-fwtm_4swEN4a_3Aag4LCGtr46wXJlgXcZhvUNohOJayAluEy0Wmt4aZoPgShEjkUdb7cVM5zGNkf8tQrhmKZPlPjmc7HKWfWEnHZ5tg7ykXSgjF_IzMeW9LwQwBSGlzX6a5ETXCZXRdVONwemYnhS5O4X1UM-XHNpcgvzwT29SXUjnW55d0yeEpmrg-dhaMvnCcOLOkNUJFUmxM0iVTmHM61sWoZWvIL901O2F3DIgGsz9oOSRE3reFwJm-m4Pa7ByRXkf3U5gZl068TBDlIozlwDJMsFPdgNPlyoNhHYeagv89MUnr7lON1EZi07GT804MmOFnDS-zjXmwpOWTGbrJy8_qLo-ddJg7nOsmXUCNfv8rVUCrI8D5-Ne4TOhZvf_Tj5P5O6Zhe92m-kMW9JKEwTgp4kmdUriBMOSpUIgGsiZVS2wNYVxKuCt_wK27B-JTc2MXp5v7yv47N7vSeamF3OoGYp42Uk6-tECtw2poma1EVQ6-f8SxuQ7KX7BzMVvVKqZ8ocWd81qFwNE-EO4dRhnmsY5rot7VnxZxAoYBrUh06NtCIJgi7S5KCwD5aUvae2OyjgZlAq6pRnKF_-jntYGAH23L65V6A9LfOGWNizgshnlKJHJQ4VflgGEUoswSmrvj8YXJJMM6S7QW11HrVA-093QsD-ERQxvFbzTPJXO4Y2AobJ_vP9OJdVYgjSazVeWj3PUpsDJpEusjnQxiBNsSLKw5yPWevjTNtzf0zDlEwEN9Kko4TQqzo-JBNWi1iuuag3C-CSX5IJvEqzGbalqVRympeMmL0KhWKWTF1RfUvtzhZnTQpcFCu4MLrwnYtW_FqWXMwZSk_oY8E6qXbjG_pdTNLd9nt9op_aZq9VzZ669culo8DJYhjAXgbXdkqG9K8I-XAzOEzqCYGEZj-0pAkckeUoxMuJ7SMIc6lOyAeIqNcppDO61yXsaVMWArg52DK7YSVBIazuemXLvfgRD3v_YLnD3ASb20cs-B8wYavDGMltVDh6v9sf70VGMijQ4H3O0UZ-84YanOXNGZEBwRwGTMsPhfPqFG2Hi0WJhk7dYRaGb2R-K071UjrtxbmxHDedlcMnUggVselk4pGqWXSO1fp4JY82hrtBux0w0RAmxqOxr16s8gm6pjWS1CJhgdBrJpirA_mBUWq2GGagB_3pWMRItk5R4i2ObC2L4V8TXkxJR_EozMuJqAbFRw0Qn3R-hoHPaSPuEibH5NvTT-YldozH5OvA1ZNU3e4AvfZoVBr7mV6BM4TYrqBVu2hGquUWUjisDhLsNpbBA2eayVSRJbaBoN6JLy8g7Zc5ugBz76zkP-vmUxYzyNrz6qrecfFuEtM&cid=CAASJ-RopU7t-Yg5B25oS3QmCbb9svfcazk-lPmddUc6oT9YnIqffohzQg&rfl=1%2Chttps%253A%252F%252Fwww.habsetlnh.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Sep 2022 13:26:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
skeleton.js
fw.adsafeprotected.com/rjss/st/1116018/64712417/ Frame 3EBD 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1116018/64712417/skeleton.js
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.168.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-168-235.compute-1.amazonaws.com
Software
/
Resource Hash
1f9a117b780237814ca320826581d3f04a388246029186a142a814820b106ee8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3EBD 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
Origin
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 15:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Sep 2022 15:29:31 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/ Frame 3EBD 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxmqABLW2jXPXZJdmuHp7RpdE0IUj30yJmmsVKByp97ZRReCLnOQTCVUtX6q_O7hfuHZKNqGklbQFfwJvDUXpmzrroPA&cry=1&dbm_d=AKAmf-DtfS_BOpQ2-PcWFENx3MQaYFyMQPmCIpKNK5-vXDYI31hCkxdF7iCyuoXUZgM2z15iwdFK5P44PIK5heDdE4i-6vs68dfYrKgvDSIy016t3wiREwjpSUMYxaxmdchisVC832f0tMQYYdyyCBZzT79E7rEJG00ED8oMZjA_-Kzq_UwKjn8EzFLAe1CxpwEWb75NM2T2M6oACTXwZlyFMYnDOBHxZfqRLVfch0Lo9NTfk_i_5AIvUEZKvRDMnYcaxHMtPQtGdpNsBHxPuqmPir5H4nFIeK9Nsk6T4aIczQHnUeE3CC_D7oYZuyCF-8ka06MSonFleZPUh7uBoEC3VAzAdPJOBCLA-NeE52EqGcnqMshPhoZlMcVyPcakbSpMcH4WJiXNZ1GlmtjtyUUHDd9ZqxvWdtusWYBx-6RLdJT51a9mZo06Ww9xx74T5TKW1ErXZnShqa_4IuQkqFeQoRflrKtVwn8JP6mpVdr2jdlN2uZy1UtuRAX_uCY0DlNGFqQU3guuDEjCsqoXbZMi0NVECIpGQtbxUh9yXuzi9DhVr5XWjQSae0Ib6TEF_HPcDAarj2NIgWA2l4iORqCe86mj1KvFyABmMNtfy0gynmqtT_LmxQKiDStxaOIE2nYvGrTH2yPf1BlWc_fUqyHlkPU25fL5sVHKml1swFrKR-PZql4uzJ-X0v8MGTbDQ-Y5_v-tSFhJI-9v-oEHSxyr5-JoldsZS7qNMicLasa8tudeED8eqz5363_dHGfAHjKBAlbccWAXbyn3nCIyhlKgXcAscAgz8zirTfrV6IBq3tAtSvl95kZG9UxcJaB6_wiXr8xH1ax2zlL2jZiS-BKNB-6zxsUxvQ_tD_P-v0c0J_0NyIrR92OnM5xZsfaobsuZ3828X4RBOeIqOSUVicJ84DxVdgttaZdA9mzOvUKU9AvUj9Bb6uUIi50jPeWdAL2IJLKTI7SWi2BIClox0Izh0vKx1pxTgQ8IQp7KqoT20-9Q2wK_cxKS-Cb6v_LKmH8K4ur4GcYMXWx8r0YB_vcdkqX8VMBNFKWkFESLTyFXN0clJtnk3dtxoj1p4Ipjzx4Q-9kolcjW47LRwxryve4X9L2t3tKBkFo0q1BFin1rPkBV6bUlCjnI_a4i5m1XT5lVa1twttQyQHIZhjTPJ7T3GfqNKC4r2SDfzFlgsU3IF99MKnAj_RygHVslcUQfU3CBL07hb6NRh6USsYauO1zOvWPmId0JuGrwMytesqA_gTIoVIP6bU-3LXlLe-wHHuWUUQ_klBIcWjknLNBEZnzjB-EmHtISlkEOz9jZk1qbYY7m3JlDUsrmU25tL5w3WFMMN0lVcXLVXiX5fZG2N7vwtHsVVi6VVv1AFSaX7ZNDrietxn0VaWz25Uvgv3IqRA8QU46EPv4DGxqBSbXfsoS3lJTrzqQe_tLor-LKoTNoosz6E5SD4pRh63o3A41f0034YEusDd0PkV2jVqwHSKA9kNGqd1W0hOIJyCRF_QcSfgZ4sFBH7KN9sgH_26fMFHByIW_cub8-VOg4u8AfLKS28b93PCjshn2DzFop0uu0DqBPYRohRZbG4LpM81LHRZofXjinSJj8I117sW44tOT6RRKv9OVM5CoYl2S-GbuAVy73Z2ZP1tfN44EXk3RxAkR_uT0B2StjpaUaWPS4PEC5hSGwdcZU9bdMp9bGUuvVYUX-wL5m-Ojorl8Ar8GT5C-EvdAkffQqqdzFhtNsjv6oC9-SWWLQCRvF7L9YSS-FxFcTjBpyZEXJO4aWd6TWRxln8cDUvWc0GMGAcowVMoUauVQJ10tVakOAt1WhQ7AW0Vi9wslFn2mBpqlXlQsa8rfA5rqVqUyPjZCWSJkrgweh0dY2-6GEwVw48cwHm_VEUzdBxeb2lTlChYIWmKazlrl_Ywk25F5Ntuch_4NHX9c8RzbbwqSI2hcHdSB3NCicKCrAIWaAkF7_ucXynqjzd64e_NzRCSMJTmeTTHr6g1vWxg8lg8FPMXJF4NfeaJhxhlqXi9amEiw9J64OzUe5NQsJxsJidOQk_D-oZbvlsbXagomdRpxU3CDXjEw8CcH1lr-IbC3rnNMoQ_EP5VQls0QleWPWK2TCE-7_VOeYbEiCaHZI30RgqrLKY8qp_aKk9eVjxAemn9LK1gAk47Iy8JTKM_aGWg4FibOMlRTVo-6bmD8nOYo06GrLu1WCBX8ruYD5dAC92OwgX6Ig11rgTt8XaybgcZkkVETYNsCVmn9_dJVg4Fng196fN_PgbRfuNx8JqQL2FILujA27jes-STQUzeQr15bu9BFijUoSp-Mr8BNu6NTn6T_bLrhLP7_We9Nj07gRJbzZXe0PsNg14vzdyZSzI4SStuTOB5a0ZsFKvLF3B6DlPuxCLePHjoXp8rXD7K00gi76I25smIv0eeupBhOwqbG7s8GkwAlTLRNIPmlbCmjNfBaCU1vfprRnzp30D0yutPx8ODbCwzAEajIdEfibNWtqm965fT24dyMFnuVPnhYMgxsV4sWplR7mMFc_ukx8sQOc6yt-qh3PoYGKnpKVmodNGkaNqcsnsJwWs0qqATdjSZNRE8gAyaJSS1_r7M9oLyb7mw7xUAD-3uvfT8u7ag0jTzAGsQNMEXLce-JUHuz9YZKqt4-WSPx74OeiCtBMr50SX9m5K_WQJVmrxa1gaRynkJF9OzIDhR1GMHi03zyUCJWSXl8xkbmGC7Wzuq92vKESJLnqvOncyACYx_jOZswtQhW5UjrvvipsVIQwuE__R0u1ixmfYK_665NZXhyy2Q-7a7XwcJg8IYEwm_UTBV1DHzWDA7Mrr24VMcF5muWhYFjgWjYTbyg7FpE9M3u0Qr4E0iiKOwbXUMCPFPlpBhbUTg6Jh1me9SJFG7ZD-J5AJfp6eD2YFzpN6cJ3ig0PEh2PqJux273zGF-glkZzjdNAIhSv-CeA-MbgvWu3NWqNpP18zftGkCXhBcWipu0du82tXWQ9s3OS2MZZGcI0_lRS-Uz9iGz0WbS9RAFrvnWTWMRfBeltZFIF7yMqkFi6_iEfZYMUolrCGyPbM_-ETG5J-gG3Tr4IfS0SR68MS2MoQJSaqGPCnUavu2_5torSL1Vsrt8wnY4oowELkmN4LKLmRorSwHunzTZWLC-YvxzaQwAHKppnEPPW1u8mPRjQpTfU2Gao8bS5dxX2Lj_wfMxIOMInM4PUW0tdvkmfUYN5mw&cid=CAASKORoTyUFGHxOnCeIfNUpOK_1wqULsFItWZMkLUmQOzXVW3GRQVXNi8Q&rfl=1%2Chttps%253A%252F%252Fwww.habsetlnh.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:24:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 13:24:43 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame 3EBD 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxmqABLW2jXPXZJdmuHp7RpdE0IUj30yJmmsVKByp97ZRReCLnOQTCVUtX6q_O7hfuHZKNqGklbQFfwJvDUXpmzrroPA&cry=1&dbm_d=AKAmf-DtfS_BOpQ2-PcWFENx3MQaYFyMQPmCIpKNK5-vXDYI31hCkxdF7iCyuoXUZgM2z15iwdFK5P44PIK5heDdE4i-6vs68dfYrKgvDSIy016t3wiREwjpSUMYxaxmdchisVC832f0tMQYYdyyCBZzT79E7rEJG00ED8oMZjA_-Kzq_UwKjn8EzFLAe1CxpwEWb75NM2T2M6oACTXwZlyFMYnDOBHxZfqRLVfch0Lo9NTfk_i_5AIvUEZKvRDMnYcaxHMtPQtGdpNsBHxPuqmPir5H4nFIeK9Nsk6T4aIczQHnUeE3CC_D7oYZuyCF-8ka06MSonFleZPUh7uBoEC3VAzAdPJOBCLA-NeE52EqGcnqMshPhoZlMcVyPcakbSpMcH4WJiXNZ1GlmtjtyUUHDd9ZqxvWdtusWYBx-6RLdJT51a9mZo06Ww9xx74T5TKW1ErXZnShqa_4IuQkqFeQoRflrKtVwn8JP6mpVdr2jdlN2uZy1UtuRAX_uCY0DlNGFqQU3guuDEjCsqoXbZMi0NVECIpGQtbxUh9yXuzi9DhVr5XWjQSae0Ib6TEF_HPcDAarj2NIgWA2l4iORqCe86mj1KvFyABmMNtfy0gynmqtT_LmxQKiDStxaOIE2nYvGrTH2yPf1BlWc_fUqyHlkPU25fL5sVHKml1swFrKR-PZql4uzJ-X0v8MGTbDQ-Y5_v-tSFhJI-9v-oEHSxyr5-JoldsZS7qNMicLasa8tudeED8eqz5363_dHGfAHjKBAlbccWAXbyn3nCIyhlKgXcAscAgz8zirTfrV6IBq3tAtSvl95kZG9UxcJaB6_wiXr8xH1ax2zlL2jZiS-BKNB-6zxsUxvQ_tD_P-v0c0J_0NyIrR92OnM5xZsfaobsuZ3828X4RBOeIqOSUVicJ84DxVdgttaZdA9mzOvUKU9AvUj9Bb6uUIi50jPeWdAL2IJLKTI7SWi2BIClox0Izh0vKx1pxTgQ8IQp7KqoT20-9Q2wK_cxKS-Cb6v_LKmH8K4ur4GcYMXWx8r0YB_vcdkqX8VMBNFKWkFESLTyFXN0clJtnk3dtxoj1p4Ipjzx4Q-9kolcjW47LRwxryve4X9L2t3tKBkFo0q1BFin1rPkBV6bUlCjnI_a4i5m1XT5lVa1twttQyQHIZhjTPJ7T3GfqNKC4r2SDfzFlgsU3IF99MKnAj_RygHVslcUQfU3CBL07hb6NRh6USsYauO1zOvWPmId0JuGrwMytesqA_gTIoVIP6bU-3LXlLe-wHHuWUUQ_klBIcWjknLNBEZnzjB-EmHtISlkEOz9jZk1qbYY7m3JlDUsrmU25tL5w3WFMMN0lVcXLVXiX5fZG2N7vwtHsVVi6VVv1AFSaX7ZNDrietxn0VaWz25Uvgv3IqRA8QU46EPv4DGxqBSbXfsoS3lJTrzqQe_tLor-LKoTNoosz6E5SD4pRh63o3A41f0034YEusDd0PkV2jVqwHSKA9kNGqd1W0hOIJyCRF_QcSfgZ4sFBH7KN9sgH_26fMFHByIW_cub8-VOg4u8AfLKS28b93PCjshn2DzFop0uu0DqBPYRohRZbG4LpM81LHRZofXjinSJj8I117sW44tOT6RRKv9OVM5CoYl2S-GbuAVy73Z2ZP1tfN44EXk3RxAkR_uT0B2StjpaUaWPS4PEC5hSGwdcZU9bdMp9bGUuvVYUX-wL5m-Ojorl8Ar8GT5C-EvdAkffQqqdzFhtNsjv6oC9-SWWLQCRvF7L9YSS-FxFcTjBpyZEXJO4aWd6TWRxln8cDUvWc0GMGAcowVMoUauVQJ10tVakOAt1WhQ7AW0Vi9wslFn2mBpqlXlQsa8rfA5rqVqUyPjZCWSJkrgweh0dY2-6GEwVw48cwHm_VEUzdBxeb2lTlChYIWmKazlrl_Ywk25F5Ntuch_4NHX9c8RzbbwqSI2hcHdSB3NCicKCrAIWaAkF7_ucXynqjzd64e_NzRCSMJTmeTTHr6g1vWxg8lg8FPMXJF4NfeaJhxhlqXi9amEiw9J64OzUe5NQsJxsJidOQk_D-oZbvlsbXagomdRpxU3CDXjEw8CcH1lr-IbC3rnNMoQ_EP5VQls0QleWPWK2TCE-7_VOeYbEiCaHZI30RgqrLKY8qp_aKk9eVjxAemn9LK1gAk47Iy8JTKM_aGWg4FibOMlRTVo-6bmD8nOYo06GrLu1WCBX8ruYD5dAC92OwgX6Ig11rgTt8XaybgcZkkVETYNsCVmn9_dJVg4Fng196fN_PgbRfuNx8JqQL2FILujA27jes-STQUzeQr15bu9BFijUoSp-Mr8BNu6NTn6T_bLrhLP7_We9Nj07gRJbzZXe0PsNg14vzdyZSzI4SStuTOB5a0ZsFKvLF3B6DlPuxCLePHjoXp8rXD7K00gi76I25smIv0eeupBhOwqbG7s8GkwAlTLRNIPmlbCmjNfBaCU1vfprRnzp30D0yutPx8ODbCwzAEajIdEfibNWtqm965fT24dyMFnuVPnhYMgxsV4sWplR7mMFc_ukx8sQOc6yt-qh3PoYGKnpKVmodNGkaNqcsnsJwWs0qqATdjSZNRE8gAyaJSS1_r7M9oLyb7mw7xUAD-3uvfT8u7ag0jTzAGsQNMEXLce-JUHuz9YZKqt4-WSPx74OeiCtBMr50SX9m5K_WQJVmrxa1gaRynkJF9OzIDhR1GMHi03zyUCJWSXl8xkbmGC7Wzuq92vKESJLnqvOncyACYx_jOZswtQhW5UjrvvipsVIQwuE__R0u1ixmfYK_665NZXhyy2Q-7a7XwcJg8IYEwm_UTBV1DHzWDA7Mrr24VMcF5muWhYFjgWjYTbyg7FpE9M3u0Qr4E0iiKOwbXUMCPFPlpBhbUTg6Jh1me9SJFG7ZD-J5AJfp6eD2YFzpN6cJ3ig0PEh2PqJux273zGF-glkZzjdNAIhSv-CeA-MbgvWu3NWqNpP18zftGkCXhBcWipu0du82tXWQ9s3OS2MZZGcI0_lRS-Uz9iGz0WbS9RAFrvnWTWMRfBeltZFIF7yMqkFi6_iEfZYMUolrCGyPbM_-ETG5J-gG3Tr4IfS0SR68MS2MoQJSaqGPCnUavu2_5torSL1Vsrt8wnY4oowELkmN4LKLmRorSwHunzTZWLC-YvxzaQwAHKppnEPPW1u8mPRjQpTfU2Gao8bS5dxX2Lj_wfMxIOMInM4PUW0tdvkmfUYN5mw&cid=CAASKORoTyUFGHxOnCeIfNUpOK_1wqULsFItWZMkLUmQOzXVW3GRQVXNi8Q&rfl=1%2Chttps%253A%252F%252Fwww.habsetlnh.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4831f38d5033e932ef3b079d240c86ffa99b3efa45e5f2a14ed3d1f4d1c3b3be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11716
x-xss-protection
0
server
cafe
etag
11026421231030424798
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 13:26:27 GMT
truncated
/ Frame BA88 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fcc7ab087ae2d3bf848aa9eba414a1f48ef6ec08675c1bf0365f7eef1d42345

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=8.715166387750465
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wc4INikL1YlDEHWVWz4QAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-wc4INikL1YlDEHWVWz4QAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Thu, 15 Sep 2022 13:26:47 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
image/gif
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=4.880784726036941
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-SxzhHM31wOmC3kqaGP5TDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-SxzhHM31wOmC3kqaGP5TDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Thu, 15 Sep 2022 13:26:47 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
image/gif
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A7A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKF7yXiOSWde-TpDsytv6o&google_cver=1&gdpr=0
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKF7yXiOSWde-TpDsytv6o&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTVDhDxwUsYivSYzgEwAQ&v=APEucNVgtwuBOTJJ0jL4UHM3FZIWxynrfLDL1fNttd47Z9QPqOijGIOVhDns5D6z-H4gNfbYYIup6Kec8cRTRHKJyTJsSYgUnuzpLHsVdQ8oqE3a3nF4CeI
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b1b23379faa1e7-YYZ
pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMiLTxkd6nj5N6fVMdGJM6gRJcZj0jyTWlcLJkmXdLgIilcQJowmPDXZ%2BeNJeDDmwWoQI7Wm0JGfX8PD6mk2TGjgNNIr2WLqm0zh0QUb6nOZuP71RFEDWo%2BJU5OnybAP5ZAJoQMUhTbgfg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKF7yXiOSWde-TpDsytv6o&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A7A8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyMoFrNhHiM6znH3tYb22QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKF7yXiOSWde-TpDsytv6o&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKF7yXiOSWde-TpDsytv6o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTVDhDxwUsYivSYzgEwAQ&v=APEucNVgtwuBOTJJ0jL4UHM3FZIWxynrfLDL1fNttd47Z9QPqOijGIOVhDns5D6z-H4gNfbYYIup6Kec8cRTRHKJyTJsSYgUnuzpLHsVdQ8oqE3a3nF4CeI
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b1b2341ae1a1e7-YYZ
pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1oeDE%2BQDJ978Qvie%2FXCV9EvPELdlfy8g6MmC%2FcESrnb2pULQouL9m2zBJDZ2fVXLrkfnlhrgZcykej210mRNRLeEBEfGDN6j5GL%2FFtkJErGseF%2Fm%2FYNbhPPoYsVOcWN%2F%2Bie569Bh4Cpzg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKF7yXiOSWde-TpDsytv6o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A7A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEHvCcsPVNjKrr9tgoZKpSI4&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEHvCcsPVNjKrr9tgoZKpSI4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTVDhDxwUsYivSYzgEwAQ&v=APEucNVgtwuBOTJJ0jL4UHM3FZIWxynrfLDL1fNttd47Z9QPqOijGIOVhDns5D6z-H4gNfbYYIup6Kec8cRTRHKJyTJsSYgUnuzpLHsVdQ8oqE3a3nF4CeI
Protocol
HTTP/1.1
Server
68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:47 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
358b892b-f7ce-4a7e-8bfc-b81a779b8c4f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEHvCcsPVNjKrr9tgoZKpSI4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A7A8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYxNzM3NzczODE5NjczNDMxOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYxNzM3NzczODE5NjczNDMxOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTVDhDxwUsYivSYzgEwAQ&v=APEucNVgtwuBOTJJ0jL4UHM3FZIWxynrfLDL1fNttd47Z9QPqOijGIOVhDns5D6z-H4gNfbYYIup6Kec8cRTRHKJyTJsSYgUnuzpLHsVdQ8oqE3a3nF4CeI
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:47 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
79c14792-dcc5-4ef6-b875-9b279c78891e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYxNzM3NzczODE5NjczNDMxOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
css2
fonts.googleapis.com/ Frame BD7C 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 13:10:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 15 Sep 2022 13:26:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Sep 2022 13:26:47 GMT
css
fonts.googleapis.com/ Frame 6301 		2 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 12:55:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 15 Sep 2022 13:26:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Sep 2022 13:26:47 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 6301 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:10:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
972
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 13:10:35 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame 6301 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:11:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
892
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9560
x-xss-protection
0
server
cafe
etag
8244505166375133744
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 13:11:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 6301 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:08:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 13:08:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 6301 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:21:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
329
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7572
x-xss-protection
0
server
cafe
etag
3190241002381566568
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 13:21:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6301 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Sep 2022 13:26:47 GMT
026517f4e3185bf0f4d8fd76517024ed.js
www.gstatic.com/mysidia/ Frame 6301 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 00:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13694
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 23:53:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 00:29:33 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/ Frame BD7C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2444b20b28c18d89accf5ab8a6dfa4698fa053aaf043abcce252588c2ce45528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:13:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
783
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8199
x-xss-protection
0
server
cafe
etag
4999025364649203088
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 13:13:44 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BD7C 		205 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 22:40:56 GMT
x-content-type-options
nosniff
age
225951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 12 Sep 2023 22:40:56 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BD7C 		604 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 00:11:42 GMT
x-content-type-options
nosniff
age
393305
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 11 Sep 2023 00:11:42 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3EBD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 16:41:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333929
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 16:41:18 GMT
truncated
/ Frame 3EBD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9667f86a6f28e4d2dbf88fd0a67ff0c0f90d35742245c0ab116c50a63715582a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E1C6 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame E921 		668 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTVDhDxwUsY1-iYzgEwAQ&v=APEucNUZE2RcDKCt4EbaWyUUPkXifttdkBNFOuPJvGnvIuc5GdbNQwOZU-pJM4ThshI4ADYK8r_kZW9tPt7pEQs2npFkdXTBZrIxRBJmKJtAQqAlyFFQ_A4
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
304
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 13:26:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 0620 		95 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BthvtQoqYk3DmXoO0eaJLj2cKe0uxN0HftucUiWqmjB0Mhlkp3d2kH279DZ7MXwffdAGpb6c7Zh-QHkR_R2vrnfzqYKg&cry=1&dbm_d=AKAmf-D66aCnBG3FJDuw9KQWd0PoqBxCBmSHE90EJae4iIn0lna9SaHJQJWNSQZew_n2J4rOUm3r_alVMZrRv0seUgXGer2BT2lLwmnn0-miT04VlFHtFc4srwO37qf5LZTVoYAeW5pdlpMQqS16mzlBcI9_oIvQzUex7EPTr9x5NJdwMJhS3rcCDCCWYG0BQCqF1DcIVx7qEdKggNy5Xyrgc2I_shkzjmCVBiKi1OuCRcrBkCcQuoKb4ja7t_weD1whLCATOPVz98g_UuJO1LcLFRj5Gy4l-imF13xrf7oTXl40Kwf9Y_yBWkuSQp1v5bajGp6xFzEy7jX9dvjmvmeg3ym0xqunG4ampdskSW6gkPLjs5be38bbkvs9gvOendNtiud0dz1tDc_NVg6auQE-QSp8tVLEoURYOYAJ54jnvmeUwjosKR42egFRyMaSCRK1IQpf9Hj88takADtpfneKH3pc8y6uS_xGfCa7jNF7nhNJOUGNTvw5VEpy0RwS6nXRJcq9nDFo9jKsm2kXyuPOq8FAdsac3BiM8-l640KDwMbPdGm0Hw5oBI5VvPHC_RBAGPAUJiCARhtiELfiFM2AlUxdee2118bOHg9hr1EHNcbcp2mKDDPwglVpM5iA9c1e2r1ZYPGHFDYgUg7DEwZqM5oTE-hxNF3p7E09aueKgsl08HB5dIbp-yrnUY8tbBXyOBv-qauU0gNqAhekTC4xx16-KPuUt3zKScLZ7XcbVJc72HF8nuuTsbBr9HTIfC-on6fFVyLGQmKaMTR40xWY8umexpLR9faNfuXObgZVnchU-eCwICsIwUnP_Xf3xxYlFP5MlM9MKI230uXr-DFCpAlNiDf3bPHwg1mgllp23n9zI5UppLvts91U-41OEvdsKGR8OdRWJfCLVpkqT2JCl4V0Kg-Y9ooPzCha9e--58qbsISvseV8IlqVgttTRBQz2PzOsrxQ6zq3HP2p1sMo6GlWfdkXJF7ZvsQ0vtufsYfW_4DahRJjAiFlBrpXrH4g7BdmvGalgrP_5dm6xJHFfWOL53UygzrqfOUMR5zz8pDwwBBexygh-Wj0doWTDgBTKixVxOnSXVNLaWs56ah3ykXuAaZDFYxxyVp-ybv2Db-mZv62JmOdeHrvfpaCZ1I9fYpUTiGQV3-6o4uk02Chf52pGGXrKxNAu6OXm8RFzp0In-f2MhybUXQew-k7hc1PuDpxtRxMBlbA09-mstXb4OCXVSd2odTTzCCN6wGKZdy7FmVqzp0wcR8JRBKIVKWYIB3Z04TezgjjP0yu5mBOwmKzP3-jrRE5l-csfxPrlukdMU2JXuEsV-g-9HwQ5o36uW9NeQtuaYWbAxzn2SfbKnsB8wuAntygfDA-QoXgwyyXmgHzr8seHlb8t--JGmmhfhA_oX3G76Om0iCu81OomKzhpsLOjwrpdXzKh0qLIN2-wEXHGqS38OLzdva39OK2GWXDHrj1GcccRl2CCmuW3AsCBk65fa45t4P_kuLtWxiRepWoew9nibyiKAh3eB_WQD5Qv_N9i7ZovXJJH4a62mcjcsy6DSez2CgE1r5s6j6Jtm8cQ1p2j6-4Ll3qDYfKLQlmLV2kaQzj9ivOC9-V-8i3l3trZhToEMf3XslxID_yr2kFvJXyN6YAUkbfYEgKvSs3NIKJgGAkCQ1ygWZ4LoDgXE-rCopQpUr33DcP6dJHCHylBhU9EMj4qmBpzC93_UxQtajTsrKNSSoDOppGohBCOISHw-E5x8eaHZiPQZm8nuGCCbtWurJnXu5BYuVCJ0llmfPYzWIT6O3YCwjpDhP_nhU7eeBS_0smkk9T0U3TVDNI2FrlUdRTWc4VFT0C6bqrREZtEMiqwdIuBugXp_8uhObR3umMkxjGtLFApKrwc_QIztmSQ87JBQLj_sZMU6iipKEt-bKDU-Qc3pWDgXmh9t1futBTYfUSc9Xti1eaBPP2oud053qfJs3UzAlTJzGYZR5P322jNoHI0hlMxgbARZKs1PrDxK2UcHq7LuPbCbwSA4UEe2gSR61dP0JOAj71OekQqK35vp2uXMT0fvbrQb61UzkcQ-Gx3JeDXPpUdfHZ5iYfjU-X8mnwQEAd85hcUnayEyXElkoZS8SM62tLhAcHhJYpUz1xK403hoOruQcBCm-qGBLKLWwrMahG6TIlB5UfxNuFOuMHW-64P8drDshvbaMq4aFsyxczFxUhM0oXS3-_hdOx_04d3jvMx8UXZd7cxZzZCSzdFozQZ843pVVxoUlDtqio7614270KOL4YyexQ8lx9LKr6sI4H0Ea5GyAAss2YwqSQDSOp6bRMsgXfMyZNZ8Jg0ZRuWTG_EUtDE8rauwPT-KSXFLetQdIhfmGbGlDZ3ouSt7XH4ZaIZWGhjvfbUu2IByyd0yZTvFHoLO7LOllrOu-Sw4OlOWhg06Wdv7RNZ2tevse4Rm_X_y-IZD4NbjBhXmzlKvfoXC3I8o9UYwoYr-tRRatWctTYXWDKGbUbxouM0UYoDwavVlZZRTWO4Ict2OWqb9EtyAurmJdOxAKyEi8OOMe1951ij0Hy_cY8cwwLLSPuZfeULj_TEzGMsQQ5-KRh0xZuXK1QrafJEn_N_esnNcoAevfP-ayDtZWuCjlIhh4NDxgFsQZeBNIfqJGmTHpUr2U6QlB6vbSOLugM8XDQFhd8KXoY2NU8D2Dv1hni7OrOSfJv2ZKhLP2KrhEllZdpeHtpi-nU6cchjr12qhvpfSctyteIwiJrQVOv0EKtv-cRti9AP2Ki4MT8_PJZQnXyBAZRPBlMeB45bcwhIB_FCWpwocuzKhls79sX631rUBSIp-kn7PzDq1uEVwDklfW7Mp7fC8Ys0--LA_5qO2tQ4o2Ae-MFYMETdbRP6ntI_j3cu2DFroquc77rdiWX3SzAibyqDX0fb9QicZ8gEjzGu-Yn2B8JfUubscziHQ94D8Hso9PO5cEoy-ovYGQmKP9TaxMPN4eokToF9J9JG9hsYtk69YSvWJXirq--iROJ7cTknThkQKyoeRC0rZ2-NoQeReQsB3862BW7IwDL9VCarr8jR8IvLwbdCBLCn1CuGf_TuURoZUUCHHXTnYq47pqDmmFUIc0l4iIAB6Ctc66HYgIKyY6pqywBCHN8eBE4qghr8xc53DlB-au8JpOn-XC2I4P7Mxt3ep9LhIAlZ7gl26nJkTT8PEvLoJFg7eTm91m0c3H2Bl2VAmIjXSMf3Q7vSbLUtzQCkuMJeUDNwMOx3mKvGSsF466y&cid=CAASKORoSSkCwvX4fYXMs-vq0XNQjonop7yLOwQVwKH5J4aXD3qDpigxNjwgDQ&rfl=1%2Chttps%253A%252F%252Fwww.habsetlnh.com%252F%240
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e69d1c1638084126ea7f8fbf310d0a19511b9f1917fa20d892c2a75ae31d37f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37054
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0620 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D4NAzj6yNo2xNgooV1vVc0FZym65t6eM5DBqByFljiI3HYKyZhpBmfj9G7myBzOULh7KKdYItbHfGvUwOckce10Lzryl1ZE0jeIutlpWAOhkEtOF8
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 0620 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:08:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 13:08:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 0620 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:21:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
329
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7572
x-xss-protection
0
server
cafe
etag
3190241002381566568
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 13:21:18 GMT
l
www.google.com/ads/measurement/ Frame 0620 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXV12JgtYjiT_X8UBgyo-CLfroKwVwhbeGhXcAqE6P-HTOAy9huwsBUpHEAarE06wBfQDJJ2JDGYG6Efyw65e6gi251g
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0620 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Sep 2022 13:26:47 GMT
dv-measurements3068.js
cdn.doubleverify.com/ Frame 40BB 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3068.js
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:5000:59f::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e17238bcf47934b27c9967237587ea09f08dfa619e9b42e55689591dcbe42d26

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 15 Sep 2022 13:26:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Sep 2022 16:36:13 GMT
Server
Microsoft-IIS/10.0
ETag
"807cceef8ec7d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106967
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CE15 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
144909
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 21:11:38 GMT
expires
Wed, 13 Sep 2023 21:11:38 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
pubads.g.doubleclick.net/pagead/interaction/ Frame E1C6 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=Byr7JFigjY_K5O62cvPIP8M-M2ATC1Yb4RQAAABABING9tz04AVi0rIChgwRg_eiigfADsgERd3d3LmhhYnNldGxuaC5jb226AQs0ODB4MjcwX3htbMgBBdoBGmh0dHBzOi8vd3d3LmhhYnNldGxuaC5jb20vmALktwHAAgLgAgDqAhsvOTIwNTYyODEvaGFic2V0bG5oLXByZW1pdW34AvLRHpAD4AOYA4wGqAMB0ASQTuAEAdIFBhDe8OKIFJAGAaAGJKgHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBA2AgCgAoFmAsBgAwB0BUB-BYBgBcB&sigh=e9dh_q4okYU&label=videoplayfailed303&sdkv=h.3.530.1&vci=Ck4IAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUzODcxMDYzOThA6gFSGSUAAHBBOgd1bmtub3duQgd1bmtub3duUAAYAQ..
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
moatad.js
z.moatads.com/omdcarogersdcm798933297651/ Frame 3EBD 		304 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/omdcarogersdcm798933297651/moatad.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
292a139b34207ca11c7ab77e42fe0135ee01f52fa07b631fcf99a70a4788dd4e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:47 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 19:23:34 GMT
server
AmazonS3
x-amz-request-id
RYKRXT170SJHF9N0
etag
"66d91b67efe006b8b27323df8e4d2d03"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31492
accept-ranges
bytes
content-length
106091
x-amz-id-2
nmdVTrfoB/8p0MpIDMNKuWkYeqjkqNaGZxNd27QSG4fFQzkXWDJraccNpERAGGtK1dPx7V8gS5w=
index.html
s0.2mdn.net/sadbundle/15557356539074672166/ Frame CD07 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fdf4a50bedb361f7935936df989f00391d7e2a803c9f58670719d98feeb959a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
57471
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2183
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 21:28:56 GMT
expires
Thu, 14 Sep 2023 21:28:56 GMT
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3EBD 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3di684490PDR-DI2gbLdz8UOU8tzJK_53dCtQRfKsjXFFhEoJuTHJhXr8VeBxSRwZlwVplyg2N-tYW8KWm7Q_WqJ3P2u0SFPa8nrCYFkehXK8SHfPp9DbY2uaQZfugQyuaTuV0DxR3xd-0XkYVyfj9qm7XF3llp2VDe9j-X7LpGiWXMQvap1tbK4dCCmWB3WhzW5WDukLUv3WAs2ziF5FOJljvuRA5ZFwlOyvmTaM6gELEIMjWxDslOcmi7rDD_DkMJDN8TtOAmluX2bM6KUeTvH0zLxuOurHZFs0xhQR-Ggu88g7PO3BINGn7yLOhH1skiqjJZeBEXemDjbBf8nvACIBSPX8_g7OmHX4xTx2DpZDVVB2d2lJXbsvBfCeHcSj5n7pw2Um8qJduVC2TnqSvLKcLSTg8gyZ9eKTpvWhAhL6I6DjfUdqXs5jmJz39vLiZYarczjuZSd9SflRzGmKy3m5IkPq9BQQaFs3CSdaI604sVDbiLkU5oU3S0BtyEqdcVwF9fa-GcfgReFux7TQuBL-ImCO3ysh7Ng0q4OGQzlsbea1m2c9cfibKlwNjWIq_wGm2fJeqojiUh0ZfPpDRa6cPaDtY9wMIX7YT6YCpBnY-fxJHMuohVilVMh1l3_4kvyqVyntrNK3zOsUx2gTz4Fq52lnM8FVLyWRqEBjt5zfvv6wUeV69GmYiAkv6-97xFXXnrM5reip7ngdUsaANysju8Kr0WVSmLKFhj93tiD2fc8PmfX3NXaimYQKyaQn4g2oZSuFouNed0bhKGuE6pnpjqIOBzcJd5OaqiRTYQOpmG-poHDahpMV5XyyNeqBL6J140ym6wlxS9L0s-s-8JA3jEEMSmvn2Pn_Ou4F45pNz_FzzHLYYlouei_JKxLwsBGBxocHeHFdcIsln2A0_nO3J7EBS9Dzw_9llefb9VkyEbGGzuwdBohNlNyoxjXXwGeRhx3M-iQ5IFqaChHxNzCRjZ-10qDkjjpVM4Sa48_rvV5xC3olzFII5vwtnu3alwvcyhKInYkeHH7OOHqPCEZD4VhpujoRJO2zv3Sepzfx07sWiTLJihQuENm2IJ8JC7vKADqh5v2bNb6I7fm5eoxJlVm2mgKuIdJC93--7HHFQjh4ho3snBpsnvsR5o4LT1jkMsZ0UpB1c4KjX-z_7RQVFsvuV4N0yqzzRlV0oT6yzK3B8HnPC5J3hI_fkRPGVJE&sai=AMfl-YQzwxgP63puz9JPxDBvhLIVitv8YG6jInZ3V40FxiShoHEHs7GjNDtIO8AwD0sL1Gvlblgr8M3Xz2MPHoPAQIbuYDCbgwJYvfTHPXPjP4AptXM3Wk6N-F-Fq3iHf7ZpEcq5zZQb6wrjCB9mP823rXEZMiCUaxA_7Pi2iLJBsGqDvU668kl5FSWSIYho7NTudbULQ9odE8ngGac06Bird6SOD0Ho_uskfg&sig=Cg0ArKJSzG29QdfTqQ4EEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=335&cbvp=1&cstd=331&cisv=r20220912.62219&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 15 Sep 2022 13:26:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
main.19.8.351.js
static.adsafeprotected.com/ Frame 3EBD 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.351.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1116018/64712417/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:e800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
575986ceb03b41a80e51883a5ed8747fe2e71d2dabae1cf0741f4ae4d4049ed6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:23:44 GMT
content-encoding
gzip
age
244983
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Sep 2022 15:31:10 GMT
server
AmazonS3
etag
W/"0df365965004cd53d828c594d1347e57"
vary
Accept-Encoding
x-amz-version-id
tWQXZ1XKiON.B_hqWYolQkDu8mdZui5t
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
content-type
application/javascript
x-amz-cf-id
UkNmsHIjn92qxLXNyJEQp4vq2s9BjfxRGumf4cI3XmwUfAVgyxmtSw==
ssb
bc-ssb-iad.springserve.com/ Frame E1C6
Redirect Chain
  • https://vid.springserve.com/vast/676257?url=https://www.habsetlnh.com/&cb=1576633802&desc=%27Going+to+give+it+my+best+shot%27:+Jets%27+Lucius+hoping+to+make+roster+this+season&ic=IAB17&ap=0&vid=223...
  • https://bc-ssb-iad.springserve.com/ssb?r=f2e1e93a-b614-4788-86d3-7f7090b14e6a&t=1663248407&aid=500
11 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-ssb-iad.springserve.com/ssb?r=f2e1e93a-b614-4788-86d3-7f7090b14e6a&t=1663248407&aid=500
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Server
52.6.2.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-2-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
600cabf9c7e14904a6918c7aebcaa3e60839e46353bf16df1fa597e68348a968

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
null
date
Thu, 15 Sep 2022 13:26:48 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/xml

Redirect headers

location
https://bc-ssb-iad.springserve.com/ssb?r=f2e1e93a-b614-4788-86d3-7f7090b14e6a&t=1663248407&aid=500
date
Thu, 15 Sep 2022 13:26:47 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
access-control-allow-origin
https://imasdk.googleapis.com
content-length
0
AGSKWxUmN-PGd0HzXttOC-JdgFIkiIo78QLfuQ7dTPW_i2hBKCb0Clp6mdaOAEDlTbriJKTeXl5kyMTgvPPZinsssyp5o3NJaEqfgeNvWjPiiqiYMGwuFhGEcSR3oec0Eywjl8bOrKm8AA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUmN-PGd0HzXttOC-JdgFIkiIo78QLfuQ7dTPW_i2hBKCb0Clp6mdaOAEDlTbriJKTeXl5kyMTgvPPZinsssyp5o3NJaEqfgeNvWjPiiqiYMGwuFhGEcSR3oec0Eywjl8bOrKm8AA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KgbjUCD7unw.es5.O/d=1/rs=AJlcJMymeY_wca4KbLGvKwMFwwvh_Sz_3Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3arXzwthaSvefSQfTxkPvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Sep 2022 13:26:47 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://www.habsetlnh.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3arXzwthaSvefSQfTxkPvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 57F8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
144909
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 21:11:38 GMT
expires
Wed, 13 Sep 2023 21:11:38 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1116018/64712426/ Frame 0620 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1116018/64712426/skeleton.js
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.168.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-168-235.compute-1.amazonaws.com
Software
/
Resource Hash
5e31423f91e201394ea0577180b8c8b7d60401a7c5d1b559442af7fba583a1df

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 0620 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
Origin
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 15:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Sep 2022 15:29:31 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame 0620 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BthvtQoqYk3DmXoO0eaJLj2cKe0uxN0HftucUiWqmjB0Mhlkp3d2kH279DZ7MXwffdAGpb6c7Zh-QHkR_R2vrnfzqYKg&cry=1&dbm_d=AKAmf-D66aCnBG3FJDuw9KQWd0PoqBxCBmSHE90EJae4iIn0lna9SaHJQJWNSQZew_n2J4rOUm3r_alVMZrRv0seUgXGer2BT2lLwmnn0-miT04VlFHtFc4srwO37qf5LZTVoYAeW5pdlpMQqS16mzlBcI9_oIvQzUex7EPTr9x5NJdwMJhS3rcCDCCWYG0BQCqF1DcIVx7qEdKggNy5Xyrgc2I_shkzjmCVBiKi1OuCRcrBkCcQuoKb4ja7t_weD1whLCATOPVz98g_UuJO1LcLFRj5Gy4l-imF13xrf7oTXl40Kwf9Y_yBWkuSQp1v5bajGp6xFzEy7jX9dvjmvmeg3ym0xqunG4ampdskSW6gkPLjs5be38bbkvs9gvOendNtiud0dz1tDc_NVg6auQE-QSp8tVLEoURYOYAJ54jnvmeUwjosKR42egFRyMaSCRK1IQpf9Hj88takADtpfneKH3pc8y6uS_xGfCa7jNF7nhNJOUGNTvw5VEpy0RwS6nXRJcq9nDFo9jKsm2kXyuPOq8FAdsac3BiM8-l640KDwMbPdGm0Hw5oBI5VvPHC_RBAGPAUJiCARhtiELfiFM2AlUxdee2118bOHg9hr1EHNcbcp2mKDDPwglVpM5iA9c1e2r1ZYPGHFDYgUg7DEwZqM5oTE-hxNF3p7E09aueKgsl08HB5dIbp-yrnUY8tbBXyOBv-qauU0gNqAhekTC4xx16-KPuUt3zKScLZ7XcbVJc72HF8nuuTsbBr9HTIfC-on6fFVyLGQmKaMTR40xWY8umexpLR9faNfuXObgZVnchU-eCwICsIwUnP_Xf3xxYlFP5MlM9MKI230uXr-DFCpAlNiDf3bPHwg1mgllp23n9zI5UppLvts91U-41OEvdsKGR8OdRWJfCLVpkqT2JCl4V0Kg-Y9ooPzCha9e--58qbsISvseV8IlqVgttTRBQz2PzOsrxQ6zq3HP2p1sMo6GlWfdkXJF7ZvsQ0vtufsYfW_4DahRJjAiFlBrpXrH4g7BdmvGalgrP_5dm6xJHFfWOL53UygzrqfOUMR5zz8pDwwBBexygh-Wj0doWTDgBTKixVxOnSXVNLaWs56ah3ykXuAaZDFYxxyVp-ybv2Db-mZv62JmOdeHrvfpaCZ1I9fYpUTiGQV3-6o4uk02Chf52pGGXrKxNAu6OXm8RFzp0In-f2MhybUXQew-k7hc1PuDpxtRxMBlbA09-mstXb4OCXVSd2odTTzCCN6wGKZdy7FmVqzp0wcR8JRBKIVKWYIB3Z04TezgjjP0yu5mBOwmKzP3-jrRE5l-csfxPrlukdMU2JXuEsV-g-9HwQ5o36uW9NeQtuaYWbAxzn2SfbKnsB8wuAntygfDA-QoXgwyyXmgHzr8seHlb8t--JGmmhfhA_oX3G76Om0iCu81OomKzhpsLOjwrpdXzKh0qLIN2-wEXHGqS38OLzdva39OK2GWXDHrj1GcccRl2CCmuW3AsCBk65fa45t4P_kuLtWxiRepWoew9nibyiKAh3eB_WQD5Qv_N9i7ZovXJJH4a62mcjcsy6DSez2CgE1r5s6j6Jtm8cQ1p2j6-4Ll3qDYfKLQlmLV2kaQzj9ivOC9-V-8i3l3trZhToEMf3XslxID_yr2kFvJXyN6YAUkbfYEgKvSs3NIKJgGAkCQ1ygWZ4LoDgXE-rCopQpUr33DcP6dJHCHylBhU9EMj4qmBpzC93_UxQtajTsrKNSSoDOppGohBCOISHw-E5x8eaHZiPQZm8nuGCCbtWurJnXu5BYuVCJ0llmfPYzWIT6O3YCwjpDhP_nhU7eeBS_0smkk9T0U3TVDNI2FrlUdRTWc4VFT0C6bqrREZtEMiqwdIuBugXp_8uhObR3umMkxjGtLFApKrwc_QIztmSQ87JBQLj_sZMU6iipKEt-bKDU-Qc3pWDgXmh9t1futBTYfUSc9Xti1eaBPP2oud053qfJs3UzAlTJzGYZR5P322jNoHI0hlMxgbARZKs1PrDxK2UcHq7LuPbCbwSA4UEe2gSR61dP0JOAj71OekQqK35vp2uXMT0fvbrQb61UzkcQ-Gx3JeDXPpUdfHZ5iYfjU-X8mnwQEAd85hcUnayEyXElkoZS8SM62tLhAcHhJYpUz1xK403hoOruQcBCm-qGBLKLWwrMahG6TIlB5UfxNuFOuMHW-64P8drDshvbaMq4aFsyxczFxUhM0oXS3-_hdOx_04d3jvMx8UXZd7cxZzZCSzdFozQZ843pVVxoUlDtqio7614270KOL4YyexQ8lx9LKr6sI4H0Ea5GyAAss2YwqSQDSOp6bRMsgXfMyZNZ8Jg0ZRuWTG_EUtDE8rauwPT-KSXFLetQdIhfmGbGlDZ3ouSt7XH4ZaIZWGhjvfbUu2IByyd0yZTvFHoLO7LOllrOu-Sw4OlOWhg06Wdv7RNZ2tevse4Rm_X_y-IZD4NbjBhXmzlKvfoXC3I8o9UYwoYr-tRRatWctTYXWDKGbUbxouM0UYoDwavVlZZRTWO4Ict2OWqb9EtyAurmJdOxAKyEi8OOMe1951ij0Hy_cY8cwwLLSPuZfeULj_TEzGMsQQ5-KRh0xZuXK1QrafJEn_N_esnNcoAevfP-ayDtZWuCjlIhh4NDxgFsQZeBNIfqJGmTHpUr2U6QlB6vbSOLugM8XDQFhd8KXoY2NU8D2Dv1hni7OrOSfJv2ZKhLP2KrhEllZdpeHtpi-nU6cchjr12qhvpfSctyteIwiJrQVOv0EKtv-cRti9AP2Ki4MT8_PJZQnXyBAZRPBlMeB45bcwhIB_FCWpwocuzKhls79sX631rUBSIp-kn7PzDq1uEVwDklfW7Mp7fC8Ys0--LA_5qO2tQ4o2Ae-MFYMETdbRP6ntI_j3cu2DFroquc77rdiWX3SzAibyqDX0fb9QicZ8gEjzGu-Yn2B8JfUubscziHQ94D8Hso9PO5cEoy-ovYGQmKP9TaxMPN4eokToF9J9JG9hsYtk69YSvWJXirq--iROJ7cTknThkQKyoeRC0rZ2-NoQeReQsB3862BW7IwDL9VCarr8jR8IvLwbdCBLCn1CuGf_TuURoZUUCHHXTnYq47pqDmmFUIc0l4iIAB6Ctc66HYgIKyY6pqywBCHN8eBE4qghr8xc53DlB-au8JpOn-XC2I4P7Mxt3ep9LhIAlZ7gl26nJkTT8PEvLoJFg7eTm91m0c3H2Bl2VAmIjXSMf3Q7vSbLUtzQCkuMJeUDNwMOx3mKvGSsF466y&cid=CAASKORoSSkCwvX4fYXMs-vq0XNQjonop7yLOwQVwKH5J4aXD3qDpigxNjwgDQ&rfl=1%2Chttps%253A%252F%252Fwww.habsetlnh.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:19:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 13:19:03 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 0620 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BthvtQoqYk3DmXoO0eaJLj2cKe0uxN0HftucUiWqmjB0Mhlkp3d2kH279DZ7MXwffdAGpb6c7Zh-QHkR_R2vrnfzqYKg&cry=1&dbm_d=AKAmf-D66aCnBG3FJDuw9KQWd0PoqBxCBmSHE90EJae4iIn0lna9SaHJQJWNSQZew_n2J4rOUm3r_alVMZrRv0seUgXGer2BT2lLwmnn0-miT04VlFHtFc4srwO37qf5LZTVoYAeW5pdlpMQqS16mzlBcI9_oIvQzUex7EPTr9x5NJdwMJhS3rcCDCCWYG0BQCqF1DcIVx7qEdKggNy5Xyrgc2I_shkzjmCVBiKi1OuCRcrBkCcQuoKb4ja7t_weD1whLCATOPVz98g_UuJO1LcLFRj5Gy4l-imF13xrf7oTXl40Kwf9Y_yBWkuSQp1v5bajGp6xFzEy7jX9dvjmvmeg3ym0xqunG4ampdskSW6gkPLjs5be38bbkvs9gvOendNtiud0dz1tDc_NVg6auQE-QSp8tVLEoURYOYAJ54jnvmeUwjosKR42egFRyMaSCRK1IQpf9Hj88takADtpfneKH3pc8y6uS_xGfCa7jNF7nhNJOUGNTvw5VEpy0RwS6nXRJcq9nDFo9jKsm2kXyuPOq8FAdsac3BiM8-l640KDwMbPdGm0Hw5oBI5VvPHC_RBAGPAUJiCARhtiELfiFM2AlUxdee2118bOHg9hr1EHNcbcp2mKDDPwglVpM5iA9c1e2r1ZYPGHFDYgUg7DEwZqM5oTE-hxNF3p7E09aueKgsl08HB5dIbp-yrnUY8tbBXyOBv-qauU0gNqAhekTC4xx16-KPuUt3zKScLZ7XcbVJc72HF8nuuTsbBr9HTIfC-on6fFVyLGQmKaMTR40xWY8umexpLR9faNfuXObgZVnchU-eCwICsIwUnP_Xf3xxYlFP5MlM9MKI230uXr-DFCpAlNiDf3bPHwg1mgllp23n9zI5UppLvts91U-41OEvdsKGR8OdRWJfCLVpkqT2JCl4V0Kg-Y9ooPzCha9e--58qbsISvseV8IlqVgttTRBQz2PzOsrxQ6zq3HP2p1sMo6GlWfdkXJF7ZvsQ0vtufsYfW_4DahRJjAiFlBrpXrH4g7BdmvGalgrP_5dm6xJHFfWOL53UygzrqfOUMR5zz8pDwwBBexygh-Wj0doWTDgBTKixVxOnSXVNLaWs56ah3ykXuAaZDFYxxyVp-ybv2Db-mZv62JmOdeHrvfpaCZ1I9fYpUTiGQV3-6o4uk02Chf52pGGXrKxNAu6OXm8RFzp0In-f2MhybUXQew-k7hc1PuDpxtRxMBlbA09-mstXb4OCXVSd2odTTzCCN6wGKZdy7FmVqzp0wcR8JRBKIVKWYIB3Z04TezgjjP0yu5mBOwmKzP3-jrRE5l-csfxPrlukdMU2JXuEsV-g-9HwQ5o36uW9NeQtuaYWbAxzn2SfbKnsB8wuAntygfDA-QoXgwyyXmgHzr8seHlb8t--JGmmhfhA_oX3G76Om0iCu81OomKzhpsLOjwrpdXzKh0qLIN2-wEXHGqS38OLzdva39OK2GWXDHrj1GcccRl2CCmuW3AsCBk65fa45t4P_kuLtWxiRepWoew9nibyiKAh3eB_WQD5Qv_N9i7ZovXJJH4a62mcjcsy6DSez2CgE1r5s6j6Jtm8cQ1p2j6-4Ll3qDYfKLQlmLV2kaQzj9ivOC9-V-8i3l3trZhToEMf3XslxID_yr2kFvJXyN6YAUkbfYEgKvSs3NIKJgGAkCQ1ygWZ4LoDgXE-rCopQpUr33DcP6dJHCHylBhU9EMj4qmBpzC93_UxQtajTsrKNSSoDOppGohBCOISHw-E5x8eaHZiPQZm8nuGCCbtWurJnXu5BYuVCJ0llmfPYzWIT6O3YCwjpDhP_nhU7eeBS_0smkk9T0U3TVDNI2FrlUdRTWc4VFT0C6bqrREZtEMiqwdIuBugXp_8uhObR3umMkxjGtLFApKrwc_QIztmSQ87JBQLj_sZMU6iipKEt-bKDU-Qc3pWDgXmh9t1futBTYfUSc9Xti1eaBPP2oud053qfJs3UzAlTJzGYZR5P322jNoHI0hlMxgbARZKs1PrDxK2UcHq7LuPbCbwSA4UEe2gSR61dP0JOAj71OekQqK35vp2uXMT0fvbrQb61UzkcQ-Gx3JeDXPpUdfHZ5iYfjU-X8mnwQEAd85hcUnayEyXElkoZS8SM62tLhAcHhJYpUz1xK403hoOruQcBCm-qGBLKLWwrMahG6TIlB5UfxNuFOuMHW-64P8drDshvbaMq4aFsyxczFxUhM0oXS3-_hdOx_04d3jvMx8UXZd7cxZzZCSzdFozQZ843pVVxoUlDtqio7614270KOL4YyexQ8lx9LKr6sI4H0Ea5GyAAss2YwqSQDSOp6bRMsgXfMyZNZ8Jg0ZRuWTG_EUtDE8rauwPT-KSXFLetQdIhfmGbGlDZ3ouSt7XH4ZaIZWGhjvfbUu2IByyd0yZTvFHoLO7LOllrOu-Sw4OlOWhg06Wdv7RNZ2tevse4Rm_X_y-IZD4NbjBhXmzlKvfoXC3I8o9UYwoYr-tRRatWctTYXWDKGbUbxouM0UYoDwavVlZZRTWO4Ict2OWqb9EtyAurmJdOxAKyEi8OOMe1951ij0Hy_cY8cwwLLSPuZfeULj_TEzGMsQQ5-KRh0xZuXK1QrafJEn_N_esnNcoAevfP-ayDtZWuCjlIhh4NDxgFsQZeBNIfqJGmTHpUr2U6QlB6vbSOLugM8XDQFhd8KXoY2NU8D2Dv1hni7OrOSfJv2ZKhLP2KrhEllZdpeHtpi-nU6cchjr12qhvpfSctyteIwiJrQVOv0EKtv-cRti9AP2Ki4MT8_PJZQnXyBAZRPBlMeB45bcwhIB_FCWpwocuzKhls79sX631rUBSIp-kn7PzDq1uEVwDklfW7Mp7fC8Ys0--LA_5qO2tQ4o2Ae-MFYMETdbRP6ntI_j3cu2DFroquc77rdiWX3SzAibyqDX0fb9QicZ8gEjzGu-Yn2B8JfUubscziHQ94D8Hso9PO5cEoy-ovYGQmKP9TaxMPN4eokToF9J9JG9hsYtk69YSvWJXirq--iROJ7cTknThkQKyoeRC0rZ2-NoQeReQsB3862BW7IwDL9VCarr8jR8IvLwbdCBLCn1CuGf_TuURoZUUCHHXTnYq47pqDmmFUIc0l4iIAB6Ctc66HYgIKyY6pqywBCHN8eBE4qghr8xc53DlB-au8JpOn-XC2I4P7Mxt3ep9LhIAlZ7gl26nJkTT8PEvLoJFg7eTm91m0c3H2Bl2VAmIjXSMf3Q7vSbLUtzQCkuMJeUDNwMOx3mKvGSsF466y&cid=CAASKORoSSkCwvX4fYXMs-vq0XNQjonop7yLOwQVwKH5J4aXD3qDpigxNjwgDQ&rfl=1%2Chttps%253A%252F%252Fwww.habsetlnh.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 13:13:41 GMT
sd
us-u.openx.net/w/1.0/ Frame E921
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI25Cd8ajU9LdOphtpWlj8k&google_cver=1&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI25Cd8ajU9LdOphtpWlj8k&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTVDhDxwUsY1-iYzgEwAQ&v=APEucNUZE2RcDKCt4EbaWyUUPkXifttdkBNFOuPJvGnvIuc5GdbNQwOZU-pJM4ThshI4ADYK8r_kZW9tPt7pEQs2npFkdXTBZrIxRBJmKJtAQqAlyFFQ_A4
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI25Cd8ajU9LdOphtpWlj8k&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E921
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzQ5ZDdiYzEtMTNiZC02ODc1LTQ5ODYtODc2ZDBjOWZjOWQx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzQ5ZDdiYzEtMTNiZC02ODc1LTQ5ODYtODc2ZDBjOWZjOWQx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTVDhDxwUsY1-iYzgEwAQ&v=APEucNUZE2RcDKCt4EbaWyUUPkXifttdkBNFOuPJvGnvIuc5GdbNQwOZU-pJM4ThshI4ADYK8r_kZW9tPt7pEQs2npFkdXTBZrIxRBJmKJtAQqAlyFFQ_A4
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 15 Sep 2022 13:26:47 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzQ5ZDdiYzEtMTNiZC02ODc1LTQ5ODYtODc2ZDBjOWZjOWQx
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame E921
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.teads.tv/um?eid=3&uid=CAESEEqQrQQYjt3acIopSwJ6A3k&google_cver=1&gdpr=0
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEEqQrQQYjt3acIopSwJ6A3k&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTVDhDxwUsY1-iYzgEwAQ&v=APEucNUZE2RcDKCt4EbaWyUUPkXifttdkBNFOuPJvGnvIuc5GdbNQwOZU-pJM4ThshI4ADYK8r_kZW9tPt7pEQs2npFkdXTBZrIxRBJmKJtAQqAlyFFQ_A4
Protocol
H2
Server
23.64.61.72 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:48 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 15 Sep 2022 13:26:48 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEEqQrQQYjt3acIopSwJ6A3k&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E921
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmZiOTYzZGItMGI1ZC00MTA0LWEzZTgtNGNlNzZmNzA5MTlk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmZiOTYzZGItMGI1ZC00MTA0LWEzZTgtNGNlNzZmNzA5MTlk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTVDhDxwUsY1-iYzgEwAQ&v=APEucNUZE2RcDKCt4EbaWyUUPkXifttdkBNFOuPJvGnvIuc5GdbNQwOZU-pJM4ThshI4ADYK8r_kZW9tPt7pEQs2npFkdXTBZrIxRBJmKJtAQqAlyFFQ_A4
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:47 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmZiOTYzZGItMGI1ZC00MTA0LWEzZTgtNGNlNzZmNzA5MTlk
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Thu, 15 Sep 2022 13:26:47 GMT
redir.html
p4-gtlenbxmbayyi-eyfypn2zpppd4stg-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 02A4 		247 B
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-gtlenbxmbayyi-eyfypn2zpppd4stg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f3.1e100.net
Software
sffe /
Resource Hash
5347ddde7cdbd94e508d7218a425ab363c14c7a3a64bbeec76e2f19ee470a892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
205
content-security-policy-report-only
script-src 'nonce-9ff3iwpH1MImDAuqU7_UmQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 13:26:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
style.css
s0.2mdn.net/sadbundle/15557356539074672166/assets/css/ Frame CD07 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/assets/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25f4824d5784c2c314d92b8591ca1e93a94ad3d46d0e68a1860c577cd72b98ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57470
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1588
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:28:57 GMT
gsap_3.1.0_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame CD07 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc487336acb3ea5ed2cc6ca09757137d612286c0ebb00587a997ecbea9053546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22938
x-xss-protection
0
last-modified
Fri, 24 Jan 2020 21:59:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Sep 2022 13:26:47 GMT
base.js
s0.2mdn.net/sadbundle/15557356539074672166/assets/js/ Frame CD07 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/assets/js/base.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e013c8290ebe66181ac095ef84c2151a173940e533369a7ba380ff51c04c2c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57470
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1213
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:28:57 GMT
custom.js
s0.2mdn.net/sadbundle/15557356539074672166/assets/js/ Frame CD07 		4 KB
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/assets/js/custom.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebab2860c033f0f457e5ff4032b11178caa6cad46820638b02e74a00d2b396d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57470
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
970
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:28:57 GMT
image-1.jpg
s0.2mdn.net/sadbundle/15557356539074672166/assets/img/ Frame CD07 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/assets/img/image-1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d16f2bbea39994859fa54d17a88c391b2a13b943dc4b926b5e811689ac5071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:28:57 GMT
x-content-type-options
nosniff
age
57471
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24426
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:28:57 GMT
image-2.jpg
s0.2mdn.net/sadbundle/15557356539074672166/assets/img/ Frame CD07 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/assets/img/image-2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d4b79867696184dd2276109e4ba992a9ee4c97d1a0997435a84ae2d78a62ab3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:28:57 GMT
x-content-type-options
nosniff
age
57471
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24855
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:28:57 GMT
image-3.jpg
s0.2mdn.net/sadbundle/15557356539074672166/assets/img/ Frame CD07 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/assets/img/image-3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cd3ea20381ea712ae11c7cec7343245613ba6cd2012f65883e67afe2016f8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:28:57 GMT
x-content-type-options
nosniff
age
57471
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20824
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:28:57 GMT
w-box.png
s0.2mdn.net/sadbundle/15557356539074672166/assets/img/ Frame CD07 		131 B
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/assets/img/w-box.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cfaffe6268ae0e32f1c71d3d9cf9b884515938bd5ae391311d8e1b2a0e3edcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:28:57 GMT
x-content-type-options
nosniff
age
57471
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:28:57 GMT
text-1.png
s0.2mdn.net/sadbundle/15557356539074672166/assets/img/ Frame CD07 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/assets/img/text-1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e03035343cbdbf4fffab60aa1c37c4a557f629991cfacef1411bfdaf69d55d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:28:57 GMT
x-content-type-options
nosniff
age
57471
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2654
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:28:57 GMT
text-2.png
s0.2mdn.net/sadbundle/15557356539074672166/assets/img/ Frame CD07 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/assets/img/text-2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad7c9fcfbfaf3bf12c5568933f347356dcdea02f31d4aa43ca1f3e9fd397a5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:28:57 GMT
x-content-type-options
nosniff
age
57471
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2421
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:28:57 GMT
text-3.png
s0.2mdn.net/sadbundle/15557356539074672166/assets/img/ Frame CD07 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/assets/img/text-3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e27a9c38a67428de2d8655ef8208b1819a87b772436d6a62c761b6333ff9123
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:28:57 GMT
x-content-type-options
nosniff
age
57471
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1585
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:28:57 GMT
text-4.png
s0.2mdn.net/sadbundle/15557356539074672166/assets/img/ Frame CD07 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/assets/img/text-4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
759b65ab18937d8442b1d767e315ca72a991998ae587417d7d605fb1bc2e47b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:28:57 GMT
x-content-type-options
nosniff
age
57471
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2225
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:28:57 GMT
text-5.png
s0.2mdn.net/sadbundle/15557356539074672166/assets/img/ Frame CD07 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/assets/img/text-5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6aad0eeeae898e496f03907a80491b4b49930aca3c755b32790a92bd188a0385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:28:57 GMT
x-content-type-options
nosniff
age
57471
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7556
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:28:57 GMT
cta.png
s0.2mdn.net/sadbundle/15557356539074672166/assets/img/ Frame CD07 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/assets/img/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31157713c9a72d6bf7453b5b7ace43e14c59dd9bbd285f542095f9e6e302ddde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:28:57 GMT
x-content-type-options
nosniff
age
57471
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1588
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:28:57 GMT
teams-logo.png
s0.2mdn.net/sadbundle/15557356539074672166/assets/img/ Frame CD07 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/assets/img/teams-logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c76288850654418d3f032a1fa948bf74ea1e4dce71954ba045aab60af90853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:28:57 GMT
x-content-type-options
nosniff
age
57471
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2246
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:28:57 GMT
box-1.png
s0.2mdn.net/sadbundle/15557356539074672166/assets/img/ Frame CD07 		422 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/assets/img/box-1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d7c9b434ab3346615b63b786354a7c59b14fca4be11ab3e86bb7a3b3b25d0f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:28:57 GMT
x-content-type-options
nosniff
age
57471
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
422
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:28:57 GMT
box-2.png
s0.2mdn.net/sadbundle/15557356539074672166/assets/img/ Frame CD07 		367 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/assets/img/box-2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b434300daf02cb34b52cf91924ca6d59fbf52eed24b088d1bde91a50fac9958b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:28:57 GMT
x-content-type-options
nosniff
age
57471
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
367
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:28:57 GMT
logo.png
s0.2mdn.net/sadbundle/15557356539074672166/assets/img/ Frame CD07 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15557356539074672166/assets/img/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42cf4f3baec553a35753bacca49d494306f09b9601577f8be61735f48bbe126e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15557356539074672166/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:28:57 GMT
x-content-type-options
nosniff
age
57471
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3080
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:04:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:28:57 GMT
visit.js
tps.doubleverify.com/ Frame 40BB 		724 B
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=276&ttfrms=39&brid=3&brver=105.0.5195.125&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D923D6E%3D%3F9%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D923D6E%3D%3F9%5D4%40%3ETar9EEADTbpTauTaud3aha6c4ef6b7f2d%60%60b765a4heccc73h%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=390&ddur=250&uid=1663248407824589&jsCallback=dvCallback_1663248407824949&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=3068&tgjsver=3068&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=11&brh=2&sdf=2&dvp_epl=227&noc=4&nav_pltfrm=Win32&ctx=20988482&cmp=27005557&sid=5249096&plc=324390916&crt=174213886&btreg=516482151&btadsrv=doubleclick&adsrv=1&advid=8574097&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=1961384166.397531&dvp_tukv=403564439.1768636&dvp_uuid=1082695414.1017983&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=1566835288117
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3068.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
3fc155ea5334f82232a20057dad5f44fb5b7256c8d2a4c4ab6908637f2311058

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:48 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Connection
close
Expires
09/14/2022 13:26:48
FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js
pagead2.googlesyndication.com/bg/ Frame CE15 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
147a52855d66c4aefebc40e069b591c7517fd42fec5d53a3ad423af94cd5dac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 20:26:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16022
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 20:26:28 GMT
pixel.gif
px.moatads.com/ Frame 3EBD 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=OMD_CA_ROGERS_DCM1&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.habsetlnh.com&lp=https%3A%2F%2Fwww.habsetlnh.com&t=1663248408057&de=137851824427&m=0&ar=5aeef158bee-clean&iw=c0e1c72&q=2&cb=0&ym=0&cu=1663248408057&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=28097193%3A1922130%3A339756212%3A175204273&zGSRC=1&gu=https%3A%2F%2Fwww.habsetlnh.com%2F&id=0&ii=3&bo=habsetlnh.com&bd=habsetlnh.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=omdcarogersdcm798933297651&fd=1&it=500&ti=0&ih=2&pe=0%3A625%3A625%3A0%3A653&fs=200157&na=161306174&cs=0
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Sep 2022 13:26:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Sep 2022 13:26:48 GMT
main.19.8.351.js
static.adsafeprotected.com/ Frame 0620 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.351.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1116018/64712426/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:e800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
575986ceb03b41a80e51883a5ed8747fe2e71d2dabae1cf0741f4ae4d4049ed6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:23:44 GMT
content-encoding
gzip
age
244984
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Sep 2022 15:31:10 GMT
server
AmazonS3
etag
W/"0df365965004cd53d828c594d1347e57"
vary
Accept-Encoding
x-amz-version-id
tWQXZ1XKiON.B_hqWYolQkDu8mdZui5t
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
content-type
application/javascript
x-amz-cf-id
i9u4V5WSq1d0FJypGxNYuwYFRADyJue6byPBMjq1gVswjh5KJOK2_Q==
csi
csi.gstatic.com/ Frame E1C6 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l8335ns3&c=4380402208467&slotId=2190201104233.5&qqid=CPKc4pPzlvoCFS0OTwgd8CcDSw&gqid=FigjY_zAOs6JvPIP9M2IkAc&fb=ima_html5-lima&sdkv=h.3.530.1&ppt=stnvideo%2Fplayer&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=3.0&ghmsh_eids=44748969%2C44754420%2C44760950%2C44765701&vmfc=1&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:808::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:48 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame E1C6 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BVBDBFigjY6_aPK2cvPIP8M-M2AT9gc7tRQAAABABING9tz04AVi6lNfKgwRg_eiigfADsgERd3d3LmhhYnNldGxuaC5jb226AQs0ODB4MjcwX3htbMgBBdoBGmh0dHBzOi8vd3d3LmhhYnNldGxuaC5jb20vmAKSXMACAuACAOoCGy85MjA1NjI4MS9oYWJzZXRsbmgtcHJlbWl1bfgC8tEekAPgA5gDjAaoAwHgBAHSBQYQ05L0pBKQBgGgBiSoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQNgIAoAKBZgLAYAMAdAVAfgWAYAXAQ&sigh=vbL9DX7qDqA&label=video_ad_loaded&sdkv=h.3.530.1&vci=[CREATIVE_PLAYBACK]
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E1C6 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuknF094jfCVv_J9HTrZOY7_U4wY70aLA0IQRFGD9nQZq6JrMcpbzWc8Q5NFyD_-6yicvZybY4XXxm9sz4PwC55g3TY6nu46PjyI-kltjch_mIPLrJ29JMhm3r4aHryAAl_OEk572GGmVbbNVFFUFAE3N7PK6bQLJHy9j3YmuAiV4WYg-ZwKKidL4JrZTEhYfImITZI2iVoiokNC8X38noUKdpelJrt5per7gDoht8jnRvunX6ng0Q4PpCPlPKH0LMxtRAwVebbmdv1-4NFv5qcgG5Le6uA79p7DOxIIH10qdGz5sGo1Ujrr8Ym7agc6m2zOImucOGC6cWdy7M&sai=AMfl-YQHPHr2FiNpMCXTCOTkPawuw-tqpbPGGm7IV_euvD2hAN25vUu4LoyHVsJSZ-Hj667iOm89FUIMuAYswqNFOtRO-tzheiBr9pMJhWuP9rt_Xktvj0QLP2MKewW_MBA&sig=Cg0ArKJSzAsr14IVCOZBEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&sdkv=h.3.530.1&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjQ5MDkyMzg2MTEyDDEzODQwMDg3NzExNEDqAQpMCAESE3ZpZC5zcHJpbmdzZXJ2ZS5jb20aCVZQQUlESU1BMyADKgRJTUEzQNAEUh0lAADwQSgBOgd1bmtub3duQgd1bmtub3duUABgARgB&adurl=
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Sep 2022 13:26:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
iframe.html
p4-gtlenbxmbayyi-eyfypn2zpppd4stg-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 02A4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-gtlenbxmbayyi-eyfypn2zpppd4stg-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-gtlenbxmbayyi-eyfypn2zpppd4stg-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-gtlenbxmbayyi-eyfypn2zpppd4stg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f3.1e100.net
Software
sffe /
Resource Hash
ef1864ec78cdc6903a62729f6152b94d4c9bec2d5f75eb30a1a58a42a168e23e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-gtlenbxmbayyi-eyfypn2zpppd4stg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1861
content-security-policy-report-only
script-src 'nonce-9vgv0NLZFSWV-gZDrNXDHw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 13:26:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 54AB 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
549e28e64c1d1e321e414a292d06e623dcb9fc9e22c966969207d30c760ba955
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:15:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20232
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 18:09:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Thu, 15 Sep 2022 13:30:51 GMT
FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js
pagead2.googlesyndication.com/bg/ Frame 57F8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
147a52855d66c4aefebc40e069b591c7517fd42fec5d53a3ad423af94cd5dac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 20:26:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16022
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 20:26:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0620 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 16:41:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333930
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 16:41:18 GMT
truncated
/ Frame 0620 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3c8f215d4ea3ece9d1e130aecd05bb15745133dd6a23696170b12f82fcf0de4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
moatad.js
z.moatads.com/omdcarogersdcm798933297651/ Frame 0620 		304 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/omdcarogersdcm798933297651/moatad.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
292a139b34207ca11c7ab77e42fe0135ee01f52fa07b631fcf99a70a4788dd4e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:48 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 19:23:34 GMT
server
AmazonS3
x-amz-request-id
RYKRXT170SJHF9N0
etag
"66d91b67efe006b8b27323df8e4d2d03"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31491
accept-ranges
bytes
content-length
106091
x-amz-id-2
nmdVTrfoB/8p0MpIDMNKuWkYeqjkqNaGZxNd27QSG4fFQzkXWDJraccNpERAGGtK1dPx7V8gS5w=
index.html
s0.2mdn.net/sadbundle/9157592161976981131/ Frame 1534 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50827d139d8c7d47208f4131c3b9107d2e02d9c654dab712a3c4d1010f95f4ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
57040
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2172
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 21:36:08 GMT
expires
Thu, 14 Sep 2023 21:36:08 GMT
last-modified
Tue, 26 Jul 2022 21:05:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0620 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuz1Fu1_IJzCksjEEBbwmHWQCXU3x1znlXct_RE64bAMWzTRuL7Z8BpXOA1d4-eaFX80B0M0qA2LiOQ2iIX5QsqwrynFkVwjP8LtcwIa1ZTZ1E7MPxd6A6RAQ02AmUe2JusO-txEC0iIxhFihslZpE0z70js-XUqdfXDEiibBJ5JJzfWQMSxqm2QZrlBlYmiTXKaVO9qgw4N50SbSG_293hDaRGA8oWiI-6muF7-RCkUw66Rv9nKDUuO2YFrABLDK-aovs3xbyL5WbUzsFPShdpEqpLcgFs2Uuz4uMZLvYLfnmK3PADKNLvkglW_tva24QXtLdB4N2O9ScJUt5SkKZAAVIN1AvBzVPhzkyyfbWP-u6A8uZA6LuSnOlxrgBQ8IDH-tiipFfya9_Q0bIC9DVCtQ2hQknLMSj31ya5pRoCMtj-6OXXknwEncdgjWGddr27VXp1mdNKjDsyNgTcZMZ6YP_LNCF6nu8jSN7wyGC_KabgBQm6CsBvZf3LFq_UneLXVu_EpM-8b-cWki5c-q1CAJEZbwXLGlbnECIgUWqkFwwu70gvkvhCnGTV9JKSn6ErU0xvco9pPRvbTTBorv4zux1MC_WbBACb_sLNZo1pTwJunt3hnsGfOJcd5QMBq8sWVKb671aUHeyRpswC-HuLiKr-rwsn3WlEhX6DRzm2LyMEIQqFAHyK6lbzn2lAcEw4Hphk0ec77MWL0SAFF8qn7UXI0KUMLoO6ae2RjBiJWZGXSuPgvcPwBTs_2Yx9MSIgx4X_c4cTGzAykebuefUf_HUWdZgMQ28NuIKTB0p2xR_dgEAgitcxeneL7IIp4b4mnT8_kW4kT7z5TW8VssOYZC7PoWCGGTGAsnTQpxlUJzfqsd_67zW515wWMzRxsOWWAOSoZv8NXnGORa6EnnmyFwlYk8td7Nxavp5f3IxJJ1yF_nmMQduB6ma7fCdY1OxzLVnuyLV4D7mwNQ7tTKDb3IFiuElMBsCrCg-gSyVMj6MIOJs_WhlbTGHDA39pAzG_lx2xacIRHYcrzlRqVBkkTQnzfPu5GcfgkvGSGOngRfzp_m6KVzO8_JTL-W_vrlpOr5u4hUpj87-dp2xrR1auF0oPrO3j-neVshsVsmhHZo0wdEBvpx-Sf8Sag8sIU9WU3XO9YH8juq08SQ46Q2-71KkgWgqkjsJwv6VhxMp01Q2b6vw9SKZOzLUMVJU5qn2Z5Ln-nOGlmUh73hPmjIs&sai=AMfl-YQge1xnvTr5JAFiRqq9HlzzoHSsyecI8-c8Ibj_0FOEkPqaBc783iqJuvLIqgxgLNbvXNCe8dOTWYj4DqvxpYRHiqsmegtQ8dkGhUzV9xr72F7hF08jxlAYpoZF0Pex4cz4LKFBuc5eyc87Z1KkNIjk4f1QWfb9ST2N3FJjIWXjVEsQ68-iTNWQjkAcnBmpRHRmo9s3zpgw4x2d5vSa8g6aCyODUcu47q8k_w&sig=Cg0ArKJSzHQyB4uF7JtbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=686&cbvp=1&cstd=680&cisv=r20220914.09825&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 15 Sep 2022 13:26:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
skeleton.js
static.adsafeprotected.com/ Frame 3EBD
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1116018/64712417/skeleton.js?adsafe_url=https%3A%2F%2Fwww.habsetlnh.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5b292e4c67e3f7a5113fed2c96444fb9.safeframe.go...
  • https://static.adsafeprotected.com/skeleton.js
17 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:21dd:e800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 07:06:44 GMT
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
age
2960405
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
tj-Lj2BKiPr5ozkHGfBXF0Ouw_1gHlZ-lnUbOxXKlztfj3PttlddNQ==

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:48 GMT
x-server-name
app01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 3429 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:e800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 06:50:21 GMT
content-encoding
gzip
age
7972588
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
content-type
application/javascript
x-amz-cf-id
vut4OTyFjf3Vf8NQzLBxIIaqv7QYEkM3s3u-AuxoivPVisdUG_aCtg==
activeview
pagead2.googlesyndication.com/pcs/ Frame BA88 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7rR-9S6y3lxIGIn1KytIpI-g_ZA9nt5I3iKVN1IV2sy3l1It78hkTwdyA3QPLb19HKUmd2OGRJdHy08fho35x4bxdo2Ru7gcdnI7-JXnnxkN2Mi4Q8VFaHI3TKizzjWJJftyf&sai=AMfl-YQQCYm_LAM_jEYa34t6vUw5OFguLZgVkjDkeoY2uvWYHaURBwcAO4oJDLvJk9j7nsfxb7Wtpips8hSfspbvDIcnXeiycUBNDdIhCo5n5vsJsmLbzGX5Adi0Rz2MnSI&sig=Cg0ArKJSzL2jm3PMIC4bEAE&cid=CAASJ-RopU7t-Yg5B25oS3QmCbb9svfcazk-lPmddUc6oT9YnIqffohzQg&id=lidar2&mcvt=1106&p=440,1100,1040,1400&mtos=1106,1106,1106,1106,1106&tos=1106,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1680508225&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663248406727&rpt=615&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 3EBD 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116018&asId=c2985b44-5117-8fb6-82d9-e8b29f4ce391&tv=%7Bc:oi0c5W,pingTime:-3,time:891,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:814%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:891,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:814,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B103~0%5D,as:%5B103~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thvCODH+11111%7C11112%7C11113%7C11114%7C111151%7C111152%7C111153%7C11116%7C11117%7C11118%7C11119%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C189%7C18a%7C18b%7C18c%7C18d%7C18e%7C18f%7C18g%7C18h%7C19*.1116018-64712417%7C191%7C192%7C193%7C1a11%7C1b1%7C1b2,idMap:19*,rmeas:1,rend:0,renddet:na,siq:816%7D&br=c
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:48 GMT
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 3EBD 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116018&asId=c2985b44-5117-8fb6-82d9-e8b29f4ce391&tv=%7Bc:oi0c5Y,pingTime:-6,time:893,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:893,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:814,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B104~0%5D,as:%5B104~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thvCODH+11111%7C11112%7C11113%7C11114%7C111151%7C111152%7C111153%7C11116%7C11117%7C11118%7C11119%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C189%7C18a%7C18b%7C18c%7C18d%7C18e%7C18f%7C18g%7C18h%7C19*.1116018-64712417%7C191%7C192%7C193%7C1a11%7C1b1%7C1b2,idMap:19*,rmeas:1,rend:0,renddet:na,siq:816%7D&tpiLookup=ao:www.habsetlnh.com*&br=c
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:48 GMT
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pixel.gif
px.moatads.com/ Frame 3EBD 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F15557356539074672166%2Findex.html&i=OMD_CA_ROGERS_DCM1&ol=1042290778&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-JJ0pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-hKV3bHpQg2TbHQ%3D%3D&sc=1&os=1-IA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.habsetlnh.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.habsetlnh.com&lp=https%3A%2F%2Fwww.habsetlnh.com&t=1663248408057&de=137851824427&cu=1663248408057&m=134&ar=5aeef158bee-clean&iw=c0e1c72&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A625%3A625%3A0%3A653&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=105&cd=0&ah=105&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=28097193%3A1922130%3A339756212%3A175204273&bo=habsetlnh.com&bd=habsetlnh.com&gw=omdcarogersdcm798933297651&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200157&na=446673448&cs=0
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Sep 2022 13:26:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Sep 2022 13:26:48 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3EBD 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3di684490PDR-DI2gbLdz8UOU8tzJK_53dCtQRfKsjXFFhEoJuTHJhXr8VeBxSRwZlwVplyg2N-tYW8KWm7Q_WqJ3P2u0SFPa8nrCYFkehXK8SHfPp9DbY2uaQZfugQyuaTuV0DxR3xd-0XkYVyfj9qm7XF3llp2VDe9j-X7LpGiWXMQvap1tbK4dCCmWB3WhzW5WDukLUv3WAs2ziF5FOJljvuRA5ZFwlOyvmTaM6gELEIMjWxDslOcmi7rDD_DkMJDN8TtOAmluX2bM6KUeTvH0zLxuOurHZFs0xhQR-Ggu88g7PO3BINGn7yLOhH1skiqjJZeBEXemDjbBf8nvACIBSPX8_g7OmHX4xTx2DpZDVVB2d2lJXbsvBfCeHcSj5n7pw2Um8qJduVC2TnqSvLKcLSTg8gyZ9eKTpvWhAhL6I6DjfUdqXs5jmJz39vLiZYarczjuZSd9SflRzGmKy3m5IkPq9BQQaFs3CSdaI604sVDbiLkU5oU3S0BtyEqdcVwF9fa-GcfgReFux7TQuBL-ImCO3ysh7Ng0q4OGQzlsbea1m2c9cfibKlwNjWIq_wGm2fJeqojiUh0ZfPpDRa6cPaDtY9wMIX7YT6YCpBnY-fxJHMuohVilVMh1l3_4kvyqVyntrNK3zOsUx2gTz4Fq52lnM8FVLyWRqEBjt5zfvv6wUeV69GmYiAkv6-97xFXXnrM5reip7ngdUsaANysju8Kr0WVSmLKFhj93tiD2fc8PmfX3NXaimYQKyaQn4g2oZSuFouNed0bhKGuE6pnpjqIOBzcJd5OaqiRTYQOpmG-poHDahpMV5XyyNeqBL6J140ym6wlxS9L0s-s-8JA3jEEMSmvn2Pn_Ou4F45pNz_FzzHLYYlouei_JKxLwsBGBxocHeHFdcIsln2A0_nO3J7EBS9Dzw_9llefb9VkyEbGGzuwdBohNlNyoxjXXwGeRhx3M-iQ5IFqaChHxNzCRjZ-10qDkjjpVM4Sa48_rvV5xC3olzFII5vwtnu3alwvcyhKInYkeHH7OOHqPCEZD4VhpujoRJO2zv3Sepzfx07sWiTLJihQuENm2IJ8JC7vKADqh5v2bNb6I7fm5eoxJlVm2mgKuIdJC93--7HHFQjh4ho3snBpsnvsR5o4LT1jkMsZ0UpB1c4KjX-z_7RQVFsvuV4N0yqzzRlV0oT6yzK3B8HnPC5J3hI_fkRPGVJE&sai=AMfl-YQzwxgP63puz9JPxDBvhLIVitv8YG6jInZ3V40FxiShoHEHs7GjNDtIO8AwD0sL1Gvlblgr8M3Xz2MPHoPAQIbuYDCbgwJYvfTHPXPjP4AptXM3Wk6N-F-Fq3iHf7ZpEcq5zZQb6wrjCB9mP823rXEZMiCUaxA_7Pi2iLJBsGqDvU668kl5FSWSIYho7NTudbULQ9odE8ngGac06Bird6SOD0Ho_uskfg&sig=Cg0ArKJSzG29QdfTqQ4EEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1255&vt=11&dtpt=920&dett=3&cstd=331&cisv=r20220912.62219&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Sep 2022 13:26:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ Frame 3EBD 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116018&asId=c2985b44-5117-8fb6-82d9-e8b29f4ce391&tv=%7Bc:oi0c6B,pingTime:-2,time:932,type:a,im:%7Bsf:0,pci:%7Btdr:93%7D,pom:1,prf:%7BbdA:334,bdZ:504,beA:697,beZ:699,mfA:1481,cmA:1483,inA:1483,inZ:1491,prA:1491,prZ:1506,si:1513,poA:1514,poZ:1533,cmZ:1534,mfZ:1534,loA:1590,loZ:1593,ltA:1629,ltZ:1629,mdA:700,mdZ:873%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:814%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:932,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:814,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B143~0%5D,as:%5B143~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thvCODH+11111%7C11112%7C11113%7C11114%7C111151%7C111152%7C111153%7C11116%7C11117%7C11118%7C11119%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C188%7C189%7C18a%7C18b%7C18c%7C18d%7C18e%7C18f%7C18g%7C18h%7C19*.1116018-64712417%7C191%7C192%7C193%7C1a11%7C1b1%7C1b2,idMap:19*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:816,sinceFw:114,readyFired:true%7D&br=c
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:48 GMT
x-server-name
dt26.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AB8B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
144910
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 21:11:38 GMT
expires
Wed, 13 Sep 2023 21:11:38 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
style.css
s0.2mdn.net/sadbundle/9157592161976981131/assets/css/ Frame 1534 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9157592161976981131/assets/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25f4824d5784c2c314d92b8591ca1e93a94ad3d46d0e68a1860c577cd72b98ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:36:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1588
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:05:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:36:08 GMT
gsap_3.1.0_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 1534 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc487336acb3ea5ed2cc6ca09757137d612286c0ebb00587a997ecbea9053546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22938
x-xss-protection
0
last-modified
Fri, 24 Jan 2020 21:59:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Sep 2022 13:26:48 GMT
base.js
s0.2mdn.net/sadbundle/9157592161976981131/assets/js/ Frame 1534 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9157592161976981131/assets/js/base.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e013c8290ebe66181ac095ef84c2151a173940e533369a7ba380ff51c04c2c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:37:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56974
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1213
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:05:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:37:14 GMT
custom.js
s0.2mdn.net/sadbundle/9157592161976981131/assets/js/ Frame 1534 		4 KB
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9157592161976981131/assets/js/custom.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae6bb9a268fd7ece7b420b2d3d536b757b922938ad06cccd7db8b6c3b96b1d9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:36:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
915
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:05:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:36:08 GMT
w-box.png
s0.2mdn.net/sadbundle/9157592161976981131/assets/img/ Frame 1534 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9157592161976981131/assets/img/w-box.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63fc851d371fc2fb2cb7cd639aa62752002480410575bfe9205c1310f71a5f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:36:08 GMT
x-content-type-options
nosniff
age
57041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4847
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:05:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:36:08 GMT
image-1.jpg
s0.2mdn.net/sadbundle/9157592161976981131/assets/img/ Frame 1534 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9157592161976981131/assets/img/image-1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
734c2c181323497c38e063605758d4384e32cfc13a364678d2323d48f912259e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:36:08 GMT
x-content-type-options
nosniff
age
57041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61108
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:05:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:36:08 GMT
image-2.jpg
s0.2mdn.net/sadbundle/9157592161976981131/assets/img/ Frame 1534 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9157592161976981131/assets/img/image-2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d597f8defd71ebde92744ed40af4563dddf664bab0c2a943b97ea6b3fca1f265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:36:08 GMT
x-content-type-options
nosniff
age
57041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54604
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:05:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:36:08 GMT
image-3.jpg
s0.2mdn.net/sadbundle/9157592161976981131/assets/img/ Frame 1534 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9157592161976981131/assets/img/image-3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8e24f9cce92238ffc2ab52a92165e6e7373a4310121a4f7bfd764a29328bd34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:37:14 GMT
x-content-type-options
nosniff
age
56975
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60192
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:05:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:37:14 GMT
text-1.png
s0.2mdn.net/sadbundle/9157592161976981131/assets/img/ Frame 1534 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9157592161976981131/assets/img/text-1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60b5170976c0df36dbd741823229125b56793cc6d10dcbd9ae23a5af8d20300e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:36:08 GMT
x-content-type-options
nosniff
age
57041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5447
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:05:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:36:08 GMT
text-2.png
s0.2mdn.net/sadbundle/9157592161976981131/assets/img/ Frame 1534 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9157592161976981131/assets/img/text-2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1897d6396c7d02ab61ceac318bd94cb92cab0fcc62e8c42ea4c92e76a982289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:36:08 GMT
x-content-type-options
nosniff
age
57041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4538
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:05:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:36:08 GMT
text-3.png
s0.2mdn.net/sadbundle/9157592161976981131/assets/img/ Frame 1534 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9157592161976981131/assets/img/text-3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
147da6236bfe7c8d6a0a325b0c619126dcd22ee556e4f6451623734903e1a9f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:36:08 GMT
x-content-type-options
nosniff
age
57041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3213
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:05:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:36:08 GMT
text-4.png
s0.2mdn.net/sadbundle/9157592161976981131/assets/img/ Frame 1534 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9157592161976981131/assets/img/text-4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3422698e0da3f1ece97d5e37a02a68faf43517c96260cdbda8da65d98f088bf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:36:08 GMT
x-content-type-options
nosniff
age
57041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4633
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:05:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:36:08 GMT
text-5.png
s0.2mdn.net/sadbundle/9157592161976981131/assets/img/ Frame 1534 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9157592161976981131/assets/img/text-5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73ee8c9b9cd3c341e534d688ef0560c8469a8b953559866bbdf212b46e2b7fd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:36:08 GMT
x-content-type-options
nosniff
age
57041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13596
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:05:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:36:08 GMT
cta.png
s0.2mdn.net/sadbundle/9157592161976981131/assets/img/ Frame 1534 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9157592161976981131/assets/img/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
358a90c69fbbbd00f791dfbcbc2eca80f4c0c854cdb65ca09003860af59ac05c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 04:36:06 GMT
x-content-type-options
nosniff
age
204643
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2714
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:05:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 04:36:06 GMT
teams-logo.png
s0.2mdn.net/sadbundle/9157592161976981131/assets/img/ Frame 1534 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9157592161976981131/assets/img/teams-logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
810f928c2db8b68d6c2128242c9602e7f57bab503fd44d23cff972ba2035f30f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:37:14 GMT
x-content-type-options
nosniff
age
56975
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4179
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:05:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:37:14 GMT
box-2.png
s0.2mdn.net/sadbundle/9157592161976981131/assets/img/ Frame 1534 		665 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9157592161976981131/assets/img/box-2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa085e867ce6bf867d6cd75836c6496398fa0687e0f850bd0edc9d8d7d67e9d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:36:08 GMT
x-content-type-options
nosniff
age
57041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:05:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:36:08 GMT
logo.png
s0.2mdn.net/sadbundle/9157592161976981131/assets/img/ Frame 1534 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9157592161976981131/assets/img/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f04405d60af379d444bece0e25ef586a1c8fdc5d0245c8c6ed11002dbf3242
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9157592161976981131/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:37:14 GMT
x-content-type-options
nosniff
age
56975
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7085
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 21:05:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 21:37:14 GMT
adframe.
fundingchoicesmessages.google.com/f/AGSKWxXjqKYOgGeq6UyPh4Sj3Uzd9Jrfz_J9AwKjPysgJXkqE7ILRgZDu3pXmH5o3Je6TWqRPx1dr-M7NUkXwzYRVM4RehrkOoWNY_s2lIb42n2qFOUkWX_sXkz74dMapuFpWQqYw_jFmGP1zmM1IxYb_KPMgeVsR... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXjqKYOgGeq6UyPh4Sj3Uzd9Jrfz_J9AwKjPysgJXkqE7ILRgZDu3pXmH5o3Je6TWqRPx1dr-M7NUkXwzYRVM4RehrkOoWNY_s2lIb42n2qFOUkWX_sXkz74dMapuFpWQqYw_jFmGP1zmM1IxYb_KPMgeVsREJddGfscqdd_wYr_bdgzu8ke81VrLfM/__rightad1./ads/writecapture./ad_premium./728x90banner./adframe.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KgbjUCD7unw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMymeY_wca4KbLGvKwMFwwvh_Sz_3Q/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33af52e013b730f44078b1b83f51b4bd62f546dfff43ceb6d2b436e598da56fb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-E5uBPzkZJqTWRZMis4tMyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-E5uBPzkZJqTWRZMis4tMyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Thu, 15 Sep 2022 13:26:48 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		150 B
175 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KgbjUCD7unw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMymeY_wca4KbLGvKwMFwwvh_Sz_3Q/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40b236f82ab80f86a107f3f515f08efd59e273ef9120c58ef6f1f92c5a59676f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:08:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1120
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
149
x-xss-protection
0
server
cafe
etag
8503686451332090603
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 15 Sep 2022 14:08:08 GMT
AGSKWxUmN-PGd0HzXttOC-JdgFIkiIo78QLfuQ7dTPW_i2hBKCb0Clp6mdaOAEDlTbriJKTeXl5kyMTgvPPZinsssyp5o3NJaEqfgeNvWjPiiqiYMGwuFhGEcSR3oec0Eywjl8bOrKm8AA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUmN-PGd0HzXttOC-JdgFIkiIo78QLfuQ7dTPW_i2hBKCb0Clp6mdaOAEDlTbriJKTeXl5kyMTgvPPZinsssyp5o3NJaEqfgeNvWjPiiqiYMGwuFhGEcSR3oec0Eywjl8bOrKm8AA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KgbjUCD7unw.es5.O/d=1/rs=AJlcJMymeY_wca4KbLGvKwMFwwvh_Sz_3Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-P0KqRwAPb27SF5MOmIWF5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Sep 2022 13:26:48 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://www.habsetlnh.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-P0KqRwAPb27SF5MOmIWF5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 0620 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=OMD_CA_ROGERS_DCM1&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.habsetlnh.com&lp=https%3A%2F%2Fwww.habsetlnh.com&t=1663248408765&de=91880802215&m=0&ar=5aeef158bee-clean&iw=c0e1c72&q=2&cb=0&ym=0&cu=1663248408765&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=28097193%3A1922130%3A339893382%3A175322621&zGSRC=1&gu=https%3A%2F%2Fwww.habsetlnh.com%2F&id=0&ii=3&bo=habsetlnh.com&bd=habsetlnh.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=omdcarogersdcm798933297651&fd=1&it=500&ti=0&ih=2&pe=0%3A1195%3A1195%3A0%3A1261&fs=200157&na=531798832&cs=0
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Sep 2022 13:26:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Sep 2022 13:26:49 GMT
skeleton.js
static.adsafeprotected.com/ Frame 0620
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1116018/64712426/skeleton.js?adsafe_url=https%3A%2F%2Fwww.habsetlnh.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5b292e4c67e3f7a5113fed2c96444fb9.safeframe.go...
  • https://static.adsafeprotected.com/skeleton.js
17 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:21dd:e800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 07:06:44 GMT
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
age
2960406
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
_07P4y4B6DJm51wVDZFGxXfmcWQD82u-sWUfmz7m8opfnmULLHUoeA==

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:49 GMT
x-server-name
app07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame F725 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:e800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 06:50:21 GMT
content-encoding
gzip
age
7972589
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
content-type
application/javascript
x-amz-cf-id
mgGMigwN0oROkRIw7Y7iXZYl5mFS6f0WP4KKPueOwDbV8HnoAYzhaQ==
dt
dt.adsafeprotected.com/ Frame 0620 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116018&asId=68abd385-275b-19df-960c-f793110d007e&tv=%7Bc:oi0cez,pingTime:-8,time:844,type:l,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:844,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:843,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B22~0%5D,as:%5B22~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thvCON5+11111%7C11112%7C11113%7C11114%7C111151%7C111152%7C111153%7C11116%7C11117%7C11118%7C11119%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C1831%7C184%7C185%7C186%7C187%7C188%7C189%7C18a%7C18b%7C18c%7C18d%7C18e%7C18f%7C18g%7C18h%7C191%7C192%7C1931%7C194%7C1a11%7C1b*.1116018-64712426%7C1b1%7C1b2%7C1b3,idMap:1b*,rmeas:1,rend:0,renddet:na,siq:844%7D&br=c
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:49 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
SPug
simage4.pubmatic.com/AdServer/ Frame FD87 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 54AB 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/215787434/SendToNews/ROS_EN%26description_url%3D%7B%7BENCODED_URL%7D%7D%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp&correlator=1663248407724
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d33a7f9d4972317a05847a5e36531786936530ea5538df5cb4df1c294221901
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16258
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 18:09:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Thu, 15 Sep 2022 13:41:49 GMT
dt
dt.adsafeprotected.com/ Frame 0620 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116018&asId=68abd385-275b-19df-960c-f793110d007e&tv=%7Bc:oi0cgY,pingTime:-3,time:993,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:843%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:993,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:843,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B170~0%5D,as:%5B170~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thvCON5+11111%7C11112%7C11113%7C11114%7C111151%7C111152%7C111153%7C11116%7C11117%7C11118%7C11119%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C1831%7C184%7C185%7C186%7C187%7C188%7C189%7C18a%7C18b%7C18c%7C18d%7C18e%7C18f%7C18g%7C18h%7C191%7C192%7C1931%7C194%7C1a11%7C1b*.1116018-64712426%7C1b1%7C1b2%7C1b3,idMap:1b*,rmeas:1,rend:0,renddet:na,siq:844%7D&br=c
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:49 GMT
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 0620 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116018&asId=68abd385-275b-19df-960c-f793110d007e&tv=%7Bc:oi0cgZ,pingTime:-6,time:994,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:994,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:843,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B171~0%5D,as:%5B171~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thvCON5+11111%7C11112%7C11113%7C11114%7C111151%7C111152%7C111153%7C11116%7C11117%7C11118%7C11119%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C1831%7C184%7C185%7C186%7C187%7C188%7C189%7C18a%7C18b%7C18c%7C18d%7C18e%7C18f%7C18g%7C18h%7C191%7C192%7C1931%7C194%7C1a11%7C1b*.1116018-64712426%7C1b1%7C1b2%7C1b3,idMap:1b*,rmeas:1,rend:0,renddet:na,siq:844%7D&tpiLookup=ao:www.habsetlnh.com*&br=c
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:49 GMT
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pixel.gif
px.moatads.com/ Frame 0620 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F9157592161976981131%2Findex.html&i=OMD_CA_ROGERS_DCM1&ol=1042290778&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-yWMJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-gMqQnTcST%2BDrDg%3D%3D&sc=1&os=1-qw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.habsetlnh.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.habsetlnh.com&lp=https%3A%2F%2Fwww.habsetlnh.com&t=1663248408765&de=91880802215&cu=1663248408765&m=246&ar=5aeef158bee-clean&iw=c0e1c72&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A1195%3A1195%3A0%3A1261&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=214&cd=0&ah=214&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=28097193%3A1922130%3A339893382%3A175322621&bo=habsetlnh.com&bd=habsetlnh.com&gw=omdcarogersdcm798933297651&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200157&na=1656552265&cs=0
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Sep 2022 13:26:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Sep 2022 13:26:49 GMT
dt
dt.adsafeprotected.com/ Frame 0620 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116018&asId=68abd385-275b-19df-960c-f793110d007e&tv=%7Bc:oi0chW,pingTime:-2,time:1053,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:483,bdZ:516,beA:995,beZ:1002,mfA:1816,cmA:1817,inA:1817,inZ:1819,prA:1819,prZ:1828,si:1839,poA:1840,poZ:1854,cmZ:1854,mfZ:1854,loA:1989,loZ:1992,ltA:2048,ltZ:2048,mdA:1003,mdZ:1054%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:843%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1053,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:843,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B230~0%5D,as:%5B230~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thvCODH+11111%7C11112%7C11113%7C11114%7C111151%7C111152%7C111153%7C11116%7C11117%7C11118%7C11119%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C1831%7C184%7C185%7C186%7C187%7C188%7C189%7C18a%7C18b%7C18c%7C18d%7C18e%7C18f%7C18g%7C18h%7C19.1116018-64712417%7C191%7C192%7C1931%7C194%7C1a11%7C1b*.1116018-64712426%7C1b1%7C1b2%7C1b3,idMap:1b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:844,sinceFw:208,readyFired:true%7D&br=c
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:49 GMT
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
AGSKWxUmN-PGd0HzXttOC-JdgFIkiIo78QLfuQ7dTPW_i2hBKCb0Clp6mdaOAEDlTbriJKTeXl5kyMTgvPPZinsssyp5o3NJaEqfgeNvWjPiiqiYMGwuFhGEcSR3oec0Eywjl8bOrKm8AA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUmN-PGd0HzXttOC-JdgFIkiIo78QLfuQ7dTPW_i2hBKCb0Clp6mdaOAEDlTbriJKTeXl5kyMTgvPPZinsssyp5o3NJaEqfgeNvWjPiiqiYMGwuFhGEcSR3oec0Eywjl8bOrKm8AA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KgbjUCD7unw.es5.O/d=1/rs=AJlcJMymeY_wca4KbLGvKwMFwwvh_Sz_3Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-X_pF9ROFWyTM6Hqo8t-FRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Sep 2022 13:26:49 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.habsetlnh.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-X_pF9ROFWyTM6Hqo8t-FRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 3EBD 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116018&asId=c2985b44-5117-8fb6-82d9-e8b29f4ce391&tv=%7Bc:oi0ckf,pingTime:-10,time:1778,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1663248409399%7C%7C05c669eecbd9337fa98442c4a801a622%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7Cc7a41ed843369e8ca059f08b18287491%7C%7Cf6102d58fe43f2898e85762875757fb9%7C%7C4b3b74322bbe09589c8d86e0af8e9c6e%7C%7Ce15d2e7e7d5c13227b71cd6883a3e882%7C%7C2efd3abc41f4c4f16aca78e338774fbd%7C%7C1629390669,im:%7Bimprf:%7Bttecl:1912,ecd:229,tsecr:503%7D%7D,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D%7D
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:49 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js
pagead2.googlesyndication.com/bg/ Frame 6730 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
147a52855d66c4aefebc40e069b591c7517fd42fec5d53a3ad423af94cd5dac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 20:26:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16022
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 20:26:28 GMT
FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js
pagead2.googlesyndication.com/bg/ Frame AB8B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
147a52855d66c4aefebc40e069b591c7517fd42fec5d53a3ad423af94cd5dac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 20:26:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16022
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 20:26:28 GMT
AGSKWxUmN-PGd0HzXttOC-JdgFIkiIo78QLfuQ7dTPW_i2hBKCb0Clp6mdaOAEDlTbriJKTeXl5kyMTgvPPZinsssyp5o3NJaEqfgeNvWjPiiqiYMGwuFhGEcSR3oec0Eywjl8bOrKm8AA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUmN-PGd0HzXttOC-JdgFIkiIo78QLfuQ7dTPW_i2hBKCb0Clp6mdaOAEDlTbriJKTeXl5kyMTgvPPZinsssyp5o3NJaEqfgeNvWjPiiqiYMGwuFhGEcSR3oec0Eywjl8bOrKm8AA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KgbjUCD7unw.es5.O/d=1/rs=AJlcJMymeY_wca4KbLGvKwMFwwvh_Sz_3Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Yx3xtGpaILGog3Y-tDMKDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Sep 2022 13:26:49 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.habsetlnh.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Yx3xtGpaILGog3Y-tDMKDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUmN-PGd0HzXttOC-JdgFIkiIo78QLfuQ7dTPW_i2hBKCb0Clp6mdaOAEDlTbriJKTeXl5kyMTgvPPZinsssyp5o3NJaEqfgeNvWjPiiqiYMGwuFhGEcSR3oec0Eywjl8bOrKm8AA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUmN-PGd0HzXttOC-JdgFIkiIo78QLfuQ7dTPW_i2hBKCb0Clp6mdaOAEDlTbriJKTeXl5kyMTgvPPZinsssyp5o3NJaEqfgeNvWjPiiqiYMGwuFhGEcSR3oec0Eywjl8bOrKm8AA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KgbjUCD7unw.es5.O/d=1/rs=AJlcJMymeY_wca4KbLGvKwMFwwvh_Sz_3Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Reyo-IssOYKQz9Cv7AChZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Sep 2022 13:26:49 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.habsetlnh.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-Reyo-IssOYKQz9Cv7AChZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUHQKaB1PNg5oZNa1dRSf0IQ1hBjWYozEItk4RjnXmA5DR-XThOUtSTM16-kQ2EbMfG6rQHpBkiACng_AxcD3Uk8o0UzoKpRpLFevDkB4r0-cVTr7z3n9YB3BJ-lfFIQfvhiYuhgg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUHQKaB1PNg5oZNa1dRSf0IQ1hBjWYozEItk4RjnXmA5DR-XThOUtSTM16-kQ2EbMfG6rQHpBkiACng_AxcD3Uk8o0UzoKpRpLFevDkB4r0-cVTr7z3n9YB3BJ-lfFIQfvhiYuhgg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYzMjQ4NDA5LDQ1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuaGFic2V0bG5oLmNvbS8iLG51bGwsW1s4LCJLZ2JqVUNEN3VudyJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KgbjUCD7unw.es5.O/d=1/rs=AJlcJMymeY_wca4KbLGvKwMFwwvh_Sz_3Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aa496303b2d63742ec1576d59b62361ae55b6171de120cca9b818f4e19f77014
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4JrHpM-V-NDitCe__kJiaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4JrHpM-V-NDitCe__kJiaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Thu, 15 Sep 2022 13:26:49 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0620 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvl3HKXXpdFTXI40Z6dKOlGojcGLwyrUTfgTwo4MngxOz18kJRnshX0OEKLoSLb7DkERUjChUF669Gg90pm9Pi4oq0dgn4Nxzg8fOZQhad5e18WvUFbmt1z0sW_0_OJZvraJ3fm&sai=AMfl-YRq5TlJ5lLDUJK0Ja7RJmwFw_fypgNrZiMwRx85KKGbCiMSIAX_v2jTuN1bl3BdJtptxGeAd8_9bHkrhANKSi7eV96OXctd_TXrfJ9FuFcp-gyHL4pZQsiGaLAQQRc3&sig=Cg0ArKJSzEsDyv2dnQrIEAE&cid=CAASKORoSSkCwvX4fYXMs-vq0XNQjonop7yLOwQVwKH5J4aXD3qDpigxNjwgDQ&id=lidar2&mcvt=1077&p=73,315,323,1285&mtos=1077,1077,1077,1077,1077&tos=1077,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1435367635&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663248407208&rpt=1161&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 0620 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=OMD_CA_ROGERS_DCM1&ol=1042290778&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-yWMJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-gMqQnTcST%2BDrDg%3D%3D&sc=1&os=1-qw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.habsetlnh.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.habsetlnh.com&lp=https%3A%2F%2Fwww.habsetlnh.com&t=1663248408765&de=91880802215&cu=1663248408765&m=411&ar=5aeef158bee-clean&iw=c0e1c72&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1195%3A1195%3A0%3A1261&aa=0&ad=89&cn=0&gk=89&gl=0&ik=89&ic=89&ez=1&cq=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=214&cd=214&ah=214&am=214&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=28097193%3A1922130%3A339893382%3A175322621&bo=habsetlnh.com&bd=habsetlnh.com&gw=omdcarogersdcm798933297651&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200157&na=2122910994&cs=0
Requested by
Host: 5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
URL: https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Sep 2022 13:26:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Sep 2022 13:26:49 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 54AB 		377 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/215787434/SendToNews/ROS_EN%26description_url%3D%7B%7BENCODED_URL%7D%7D%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp&correlator=1663248407724
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90a1b56a6a1338b2615b9bdf2875b21dcbf0f5f16b03205c4452c9a2d67fc2f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128594
x-xss-protection
0
expires
Thu, 15 Sep 2022 13:26:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 54AB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.9017877401312933&wt=1663248409480&sdkv=h.3.530.1&xai=undefined&url=1,https%3A%2F%2Fwww.habsetlnh.com%2F$0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/215787434/SendToNews/ROS_EN%26description_url%3D%7B%7BENCODED_URL%7D%7D%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp&correlator=1663248407724
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0620 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuz1Fu1_IJzCksjEEBbwmHWQCXU3x1znlXct_RE64bAMWzTRuL7Z8BpXOA1d4-eaFX80B0M0qA2LiOQ2iIX5QsqwrynFkVwjP8LtcwIa1ZTZ1E7MPxd6A6RAQ02AmUe2JusO-txEC0iIxhFihslZpE0z70js-XUqdfXDEiibBJ5JJzfWQMSxqm2QZrlBlYmiTXKaVO9qgw4N50SbSG_293hDaRGA8oWiI-6muF7-RCkUw66Rv9nKDUuO2YFrABLDK-aovs3xbyL5WbUzsFPShdpEqpLcgFs2Uuz4uMZLvYLfnmK3PADKNLvkglW_tva24QXtLdB4N2O9ScJUt5SkKZAAVIN1AvBzVPhzkyyfbWP-u6A8uZA6LuSnOlxrgBQ8IDH-tiipFfya9_Q0bIC9DVCtQ2hQknLMSj31ya5pRoCMtj-6OXXknwEncdgjWGddr27VXp1mdNKjDsyNgTcZMZ6YP_LNCF6nu8jSN7wyGC_KabgBQm6CsBvZf3LFq_UneLXVu_EpM-8b-cWki5c-q1CAJEZbwXLGlbnECIgUWqkFwwu70gvkvhCnGTV9JKSn6ErU0xvco9pPRvbTTBorv4zux1MC_WbBACb_sLNZo1pTwJunt3hnsGfOJcd5QMBq8sWVKb671aUHeyRpswC-HuLiKr-rwsn3WlEhX6DRzm2LyMEIQqFAHyK6lbzn2lAcEw4Hphk0ec77MWL0SAFF8qn7UXI0KUMLoO6ae2RjBiJWZGXSuPgvcPwBTs_2Yx9MSIgx4X_c4cTGzAykebuefUf_HUWdZgMQ28NuIKTB0p2xR_dgEAgitcxeneL7IIp4b4mnT8_kW4kT7z5TW8VssOYZC7PoWCGGTGAsnTQpxlUJzfqsd_67zW515wWMzRxsOWWAOSoZv8NXnGORa6EnnmyFwlYk8td7Nxavp5f3IxJJ1yF_nmMQduB6ma7fCdY1OxzLVnuyLV4D7mwNQ7tTKDb3IFiuElMBsCrCg-gSyVMj6MIOJs_WhlbTGHDA39pAzG_lx2xacIRHYcrzlRqVBkkTQnzfPu5GcfgkvGSGOngRfzp_m6KVzO8_JTL-W_vrlpOr5u4hUpj87-dp2xrR1auF0oPrO3j-neVshsVsmhHZo0wdEBvpx-Sf8Sag8sIU9WU3XO9YH8juq08SQ46Q2-71KkgWgqkjsJwv6VhxMp01Q2b6vw9SKZOzLUMVJU5qn2Z5Ln-nOGlmUh73hPmjIs&sai=AMfl-YQge1xnvTr5JAFiRqq9HlzzoHSsyecI8-c8Ibj_0FOEkPqaBc783iqJuvLIqgxgLNbvXNCe8dOTWYj4DqvxpYRHiqsmegtQ8dkGhUzV9xr72F7hF08jxlAYpoZF0Pex4cz4LKFBuc5eyc87Z1KkNIjk4f1QWfb9ST2N3FJjIWXjVEsQ68-iTNWQjkAcnBmpRHRmo9s3zpgw4x2d5vSa8g6aCyODUcu47q8k_w&sig=Cg0ArKJSzHQyB4uF7JtbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1791&vt=11&dtpt=1105&dett=3&cstd=680&cisv=r20220914.09825&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Sep 2022 13:26:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
usync.html
eus.rubiconproject.com/ Frame BEC7 		281 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.habsetlnh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 15 Sep 2022 13:26:49 GMT
etag
"40014-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame CE15 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVzDkFigjY9X1PLKZoPMP0LWm-A4AAAAAOAHgBAI&bg=!w8ClwITNAAbG3AOo5tw7ACkAdvg8WkXyS4lVqDodrcCOz6nKHKsKfkxyGJNi1a3I5SesC1eUJrzgzwIAAAPUUgAAAANoAQeZAz2m7DZtX6VgreQROtKLj_4CsZS_4xZaq0t7vovHdYHVxAGxmTCT3ft3uLLX38tqouHbFx6o1pnoE7kDyEhZCRSwQZFWJsijIU2tPsai7LnI4In9voYalK2etYk4RFrTejC5VCDX6eJiOddO2oDzL6CQp-twPbK2Xrt0yFOLgMq5QjGFIKeJ51iV6RBVf0BQEJvM5Cab_tKUbMYOj8EblDZqDJm7aqymtXtKNaACjreX9XZQFeJUU_ipiWEReU6saHo3UcojY7CP5nklLuj7u8kDCxYb7u0omcZn73nv7JFsO5F0FwcjdrMrUN9-6KToyNw4WGLTHThey4ZMNYm7g74yCRmc3jum7o0msZoofLrlhmJjpj241y07CeP2E4xHfdlIMyy5j-F8t4a7TzvvXIXi8QLNOF9q1CJok3vcr-K_LN0XhYMU__jbFX148TPFvjO-RGXj5BZDLbSu9oviFBa7i2phMaJ1CPJNGFkPF4Bqb8cmbXtaTcQ3kr6tLl48u6EDm8EVulz6wBvSEQUe3QdsnO-cCDdd6-j_CoEZAXYwovjIC87aXNim-TSsJ0McYqaZflYqSAJdk65-Mbe2nh-h9xHBSB1SeOPbxI9rmq3cQeHhslEowpHQdXYb3_xoSADWBWgVFXOi8VZJAA0bkzW_FqIiac6BJg-5ZhgA6uNGC09YhnVh5fOVGoS4RtzE4CKaUtCwemM6hU2eIRg7xEk0HG9HZefTBfk-WwNHnu8cM2y4NBvwV0ha8p6bkJMbUXktFbeOm08Eb16Yln3m68FQ1U2euCx9TOSqMZ-yXEoghoDD_Ob6X90d2gUHsyXc-YEJe4Y4t4eGkGUu1eezLFxpAiI75Muh11JBylkcDn1TY9n8lXYd2LaeIhNCKHD90QBu7OpI0NXp0Vz-5dQHmnPKOXocW4_c2xhO8tNHYPXVTGhrrS3bAOeI7CJWZtSHz-0S81Ika5SwednsFyNC2R6GMkoic1i87vOVLAVm9qMSbA1JAzUgPLZB-kSWvIlfi4PpprcB7S35Wte_0kNwAdTmdHjtHqy4eNtyBi3PJOGRAnAvI_lQpDVaAenuK0yJluWtyHRFPzr5-dS-viCN
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 0620 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116018&asId=68abd385-275b-19df-960c-f793110d007e&tv=%7Bc:oi0cpX,pingTime:-10,time:1550,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1663248409399%7C%7C05c669eecbd9337fa98442c4a801a622%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7Cc7a41ed843369e8ca059f08b18287491%7C%7Cf6102d58fe43f2898e85762875757fb9%7C%7C4b3b74322bbe09589c8d86e0af8e9c6e%7C%7Ce15d2e7e7d5c13227b71cd6883a3e882%7C%7C2efd3abc41f4c4f16aca78e338774fbd%7C%7C1629390669,im:%7Bpci:%7Btdr:456%7D,imprf:%7Bttecl:1826,ecd:248,tsecr:222%7D%7D,sca:%7Bspg:c2985b44-5117-8fb6-82d9-e8b29f4ce391%7D,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D%7D
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:49 GMT
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
usync.js
eus.rubiconproject.com/ Frame BEC7 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
23ac608aa544a4cebeae4cb056f4ccfd7e237194c0d15c9b913d8863a588ac4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:49 GMT
content-encoding
gzip
last-modified
Tue, 13 Sep 2022 16:52:35 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=62490
content-type
text/html; charset=UTF-8
content-length
9453
expires
Fri, 16 Sep 2022 06:48:19 GMT
AGSKWxU2PMZ21vq6RrmQplvznAWvlPFHMjeYLsVG4Bs9tFzdNU4N133tG9z_cmg3pTeEM0_CmYqJKA4Y6UtUwYVJy-PRE2qBVrI4DqRPyXPAV0Q-AZNW6BFBeHWsntBK6o5V2iGaHWh4Hw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU2PMZ21vq6RrmQplvznAWvlPFHMjeYLsVG4Bs9tFzdNU4N133tG9z_cmg3pTeEM0_CmYqJKA4Y6UtUwYVJy-PRE2qBVrI4DqRPyXPAV0Q-AZNW6BFBeHWsntBK6o5V2iGaHWh4Hw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KgbjUCD7unw.es5.O/d=1/rs=AJlcJMymeY_wca4KbLGvKwMFwwvh_Sz_3Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GRiAxXmJFB5CjtEbMEs4BQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.habsetlnh.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Sep 2022 13:26:49 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.habsetlnh.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-GRiAxXmJFB5CjtEbMEs4BQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
bridge3.530.1_en.html
imasdk.googleapis.com/js/core/ Frame BDA2 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa3fecd03a37a2de22e60482c695bdbb64764672e00fa60ff671e15818dcc6d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.habsetlnh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
475038
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211596
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 01:29:31 GMT
expires
Sun, 10 Sep 2023 01:29:31 GMT
last-modified
Sat, 10 Sep 2022 01:26:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 54AB 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Sep 2022 13:26:49 GMT
integrator.js
adservice.google.com/adsid/ Frame 54AB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.habsetlnh.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Sep 2022 13:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 57F8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bu66bFygjY_TACYz__gSdmqf4CQAAAAA4AeAEAg&bg=!AwClAETNAAbG3AOo5tw7ACkAdvg8WuGXmgB6i-a3yfOLU8x6ztt2ON9I7Svwnlcf6dW8wA2QhpQJNwIAAATDUgAAAANoAQeZAxLaaPOaHsagdN93kkA11K61oEyU-18Wx2ZQhO4supNXAgG3W9qMlKnbZnvPJRvUU0JtIui_6LSwioqF_JrYn9HdJfw93sDg7PX2qMfzbAKV4UQ9PeI-aA7_LGRh_TO0Zf44qASgUxRaSm857iwbGKUUFmr3aAWIjpMEkPWvAIS9qsKt71qXrUDEycZFWd58aWRDV9o3IEbFA7KvmTBPP8A4TvELOSLyLbYWdzp95tDKHebCkdvpf5XqtQBcas9s2YQm38LreVI6aEFtAez2GgWo_NAsuBbtBGtn4fixuuO7QJzpSLlRAxjx2dmyQLsB24qiY3W58ZcjkV2NcsDovco6w-jybBxTqwa-UeynDaIq2X-iPok9djqgF2RGpsfRMGFZ5GoumnD1V14vnAMuKE6bklHbe8o-xCOYR34buQOnuFoUi8_9FHGRVkS_flQLFO0yK-rNBqKjI4mhxsTpkECg-APXrQkR9OloGIMfChp7B3JMlNOvIr1h3_6zY6PYHFVxuTaSh6kyKW64H0YWC1lOwucMTp7FN-XoE6lP0agf3-seRhQNCvNV2-bahhHWUYQdD0XzGrA5s64Q2bVo7DzKhMMZzj5Wj7UPUq-ntY7o001Lio9QM2hpNOC11AmDop0kyuArDvCL_JmXVDhQS6YctW5aZ6owFr7IkU076MwB7mvLxDfIyZhOUxyeNxK0x17rGhPuzeJyC6VxZ3MGeXyWeRoZLqNjyObq3IXPX64iAvHj0MCDDktefKo_QJTVdMyIGH7MAjROelxGQaJwuw1HR6Oh5SvVcOrI4QInfoVklKKn6IDYNZ7e6Ph3TFVxyPgZeREIbLFOGlcP766tqz7hEAEUkvSBP2qhpwu956E9MxUX6_GFlwEnFWEjH-I3tmLreEQqa1dWGfwqVyae16yRT5s3rbo89rV78GKOxNIhEPaKoylanNbj1FVIz6gMkb6HXbPl9TK-gJUoOPfvlelas5KyiTrIZFnaTUeu7i5E2pApdW5p27SGvn0qwv6GI1FJRlhVvQ7_ZPNQYGEi49mcIMw
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069585
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2dfdf2edf0f109e4807a6405b8ed15ce58929c1b02a6603d99634983e14f01f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Sep 2022 13:26:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11241
x-xss-protection
0
pixel.gif
px.moatads.com/ Frame 0620 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=OMD_CA_ROGERS_DCM1&ol=1042290778&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-yWMJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-gMqQnTcST%2BDrDg%3D%3D&sc=1&os=1-qw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.habsetlnh.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.habsetlnh.com&lp=https%3A%2F%2Fwww.habsetlnh.com&t=1663248408765&de=91880802215&cu=1663248408765&m=1329&ar=5aeef158bee-clean&iw=c0e1c72&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1195%3A1195%3A2499%3A1261&aa=1&ad=1008&cn=89&gn=1&gk=1008&gl=89&ik=1008&ic=1008&ez=1&co=1008&cp=980&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=980&cd=214&ah=980&am=214&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=28097193%3A1922130%3A339893382%3A175322621&bo=habsetlnh.com&bd=habsetlnh.com&gw=omdcarogersdcm798933297651&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200157&na=1516951544&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Sep 2022 13:26:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Sep 2022 13:26:50 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069585
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Sep 2022 13:26:50 GMT
pixel.gif
px.moatads.com/ Frame 0620 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=OMD_CA_ROGERS_DCM1&ol=1042290778&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-yWMJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-gMqQnTcST%2BDrDg%3D%3D&sc=1&os=1-qw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.habsetlnh.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.habsetlnh.com&lp=https%3A%2F%2Fwww.habsetlnh.com&t=1663248408765&de=91880802215&cu=1663248408765&m=1330&ar=5aeef158bee-clean&iw=c0e1c72&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1195%3A1195%3A2499%3A1261&aa=1&ad=1008&cn=1008&gn=1&gk=1008&gl=1008&ik=1008&ic=1008&ez=1&co=1008&cp=980&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=980&cd=980&ah=980&am=980&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=28097193%3A1922130%3A339893382%3A175322621&bo=habsetlnh.com&bd=habsetlnh.com&gw=omdcarogersdcm798933297651&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200157&na=800784437&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Sep 2022 13:26:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Sep 2022 13:26:50 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame BDA2 		17 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F215787434%2FSendToNews%2FROS_EN&description_url=%7B%7BENCODED_URL%7D%7D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&vpos=preroll&vpmute=0&vpa=click&type=js&vad_type=linear&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.530.1%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&gdpr=0&sdki=44d&ptt=20&adk=1401888179&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.530.1&sid=B2148DF2-F1BF-4688-AB72-AE899CF4C2D6&nel=0&eid=44748969%2C44754420%2C44760950%2C44765701&ref=https%3A%2F%2Fwww.habsetlnh.com%2F&url=https%3A%2F%2Fwww.habsetlnh.com%2F&dlt=1663248408308&idt=1772&dt=1663248410191&cookie=ID%3Ddba61469fcf5a138%3AT%3D1663248406%3AS%3DALNI_MYtmWR6Pv-IEm-AgiMm6c0UXmdpkQ&gpic=UID%3D00000575a9d6cf1e%3AT%3D1663248406%3ART%3D1663248406%3AS%3DALNI_Massq_zGEVYXCsVbbArVzMS4mR9FQ&correlator=1663248407724&scor=4335050450859182&ged=ve4_td2_tt0_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ab9e8a2a24421059bfd96fb7f087524f686c4bd5eaa5061031a77c2199a1483
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3439
x-xss-protection
0
google-lineitem-id
6046419026
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138395360303
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 0620 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=OMD_CA_ROGERS_DCM1&ol=1042290778&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-yWMJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-gMqQnTcST%2BDrDg%3D%3D&sc=1&os=1-qw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.habsetlnh.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.habsetlnh.com&lp=https%3A%2F%2Fwww.habsetlnh.com&t=1663248408765&de=91880802215&cu=1663248408765&m=1331&ar=5aeef158bee-clean&iw=c0e1c72&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1195%3A1195%3A2499%3A1261&aa=1&ad=1008&cn=1008&gn=1&gk=1008&gl=1008&ik=1008&ic=1008&ez=1&co=1008&cp=980&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=980&cd=980&ah=980&am=980&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=28097193%3A1922130%3A339893382%3A175322621&bo=habsetlnh.com&bd=habsetlnh.com&gw=omdcarogersdcm798933297651&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200157&na=682957014&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Sep 2022 13:26:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Sep 2022 13:26:50 GMT
dt
dt.adsafeprotected.com/ Frame 0620 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116018&asId=68abd385-275b-19df-960c-f793110d007e&tv=%7Bc:oi0cxT,pingTime:0,time:2042,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:843%7D,%7Bpiv:100,vs:i,r:,t:2042%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:2042,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:843,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1219~0,0~100%5D,as:%5B1219~970.250%5D%7D%7D,%7Bsl:i,t:2042,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1219~0,0~100%5D,as:%5B1219~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:145,fm:thvCODH+11111%7C11112%7C11113%7C11114%7C111151%7C111152%7C111153%7C11116%7C11117%7C11118%7C11119%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C1831%7C184%7C185%7C186%7C187%7C188%7C189%7C18a%7C18b%7C18c%7C18d%7C18e%7C18f%7C18g%7C18h%7C19.1116018-64712417%7C191%7C192%7C1931%7C194%7C1a11%7C1b*.1116018-64712426%7C1b1%7C1b2%7C1b3,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:844,sis:1313%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:50 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5394 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.habsetlnh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
68955
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 18:17:35 GMT
expires
Thu, 14 Sep 2023 18:17:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8F78 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e25d44c119392921a7606d9a52a27ec64890839a9c8aef4109c41a653af50cc3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Qf9zFgBWRKEeduSh8pV4oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.habsetlnh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Qf9zFgBWRKEeduSh8pV4oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 13:26:50 GMT
expires
Thu, 15 Sep 2022 13:26:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB8B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLEZmFygjY8uUIduhoPwP0JqhmAkAAAAAOAHgBAI&bg=!GBulG1_NAAbG3AOo5tw7ACkAdvg8WsXxjsI6jFsk3Xh07ousJc26ItkQq3Ji1YfjqDKwP3L1GHTCgAIAAAIvUgAAAARoAQeZA1MWBsPKxZ0XNn3OnFy5VsnHWrEiN8gmyAQXQP0a3kh8-iyF6QeTyM4D6uWNSM1R2q5H_5v5Y587ksDVEdXIar8pq2YtpQqVeCrJD7OuTVk7RBOhMmn8ZzFoC2-enYB1NALm0v_YaxJtg4NAtcksEqYHkYZ9VKv8kR4uTQP0dsc2X3kezIhDY2jHX0ssO-vNzZos06TwgSPZexhuI_JML7ydrz6sJU6CbkvL4pm0Ccrw4ngp-21jqxkTBTLAuoaskaKW5QLNHf2DvD3erIK31zURa1RKM1poXe8wQ-cjEEIIBOhdVEg2tp_rpEcH1r27oUBD7Ay07UVDfXtdKChmmkTD9PxYRf5LAsyXT6TJjhZsXomoHIKnkiKe4itCdf3TP9k85LMA6xu7_iCLoW-Hf_UdEzT3ZvS9qUZdXt7YFjZ4zTz1B8918u47JARKxd-OTbU4W8O3BJVqAovyDoni6AfhdTz2SZH03URi3g2TcDgnFqqv4xUDju-Xzva1ePwBKvu8r2kNR7Okzhjz0_ioOWDK4mygsBFrviKN8ZtJQEnLK-BfHyE3ayblKKgoBsEvMJzd24Fc1WhpDcg5ZHjvgw5bVt1eqs_iyKI5xFV4wePfxmwI6S11kfDHTKvaOMwvjyqQdOdsrWviNT4mSQ3rZwGM4IILJnPXJGnpCN2CpR082R4aHxM15FF_o1w5RvgxKslg8kvBUdqiMoiKmpHJQ9od7xiQFmXZSb3Q4pyRdYnmD617pXJHz9ue6N1Ttrqx3mvTovCkMIBN3kd_QntIyxevq0ubBNmDWLohdFXsAi_aGcWdO1-FP4eTw-rXQIW0WaOiNXhYajj3TUul4dJ2Bb-yQ5d61dI1Z2MHKK8NeXa3VfAmqU4y_bA1Jcy9TFwFofrFkE84INdcyNr9hOLp84eqlXSMNjofXlavy2ImaOI2fn0Ebtu2lylDYmlHC5h4cEjnYInabmaYAzfoMlswkw7PCbmwabZYKWD37bFKLlSUMW5OZci0Y55TibRbEzelVwzeE8TnfjJtNZEigqtZAMqGGvvDfWN6D2sGMtc_6PrSJ89HYiTLT-bJ5pfXVTfTQLF780hDcBq4MemTAJP19WbQTvvdySeUx0Ikg7pA9MlywYM-rQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8F78 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091201&jk=1238308140559331&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js
pagead2.googlesyndication.com/bg/ Frame 5394 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FHpShV1mxK7-vEDgabWRx1F_1C_sXVOjrUI6-UzV2sE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
147a52855d66c4aefebc40e069b591c7517fd42fec5d53a3ad423af94cd5dac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 20:26:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16022
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 20:26:28 GMT
generate_204
tpc.googlesyndication.com/ Frame 5394 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?d9hQjQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
ac
www15.smartadserver.com/ Frame BDA2 		129 B
770 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www15.smartadserver.com/ac?siteid=517962&pgid=1621891&fmtid=67412&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&vpt=1&visit=S&vcn=s&vpaidt=js&vpaidv=1,2&pgdomain=https://www.habsetlnh.com/&vpw=640&vph=480&tmstp=875671664
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.194 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:51 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
truncated
/ Frame BDA2 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/gif
/
pubads.g.doubleclick.net/pagead/interaction/ Frame BDA2 		0
0
/
pubads.g.doubleclick.net/pagead/interaction/ Frame E1C6 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BVBDBFigjY6_aPK2cvPIP8M-M2AT9gc7tRQAAABABING9tz04AVi6lNfKgwRg_eiigfADsgERd3d3LmhhYnNldGxuaC5jb226AQs0ODB4MjcwX3htbMgBBdoBGmh0dHBzOi8vd3d3LmhhYnNldGxuaC5jb20vmAKSXMACAuACAOoCGy85MjA1NjI4MS9oYWJzZXRsbmgtcHJlbWl1bfgC8tEekAPgA5gDjAaoAwHgBAHSBQYQ05L0pBKQBgGgBiSoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQNgIAoAKBZgLAYAMAdAVAfgWAYAXAQ&sigh=vbL9DX7qDqA&label=videoplayfailed901&sdkv=h.3.530.1&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjQ5MDkyMzg2MTEyDDEzODQwMDg3NzExNEDqAQpRCAESE3ZpZC5zcHJpbmdzZXJ2ZS5jb20aCVZQQUlESU1BMyADKgRJTUEzQNAEUiIQBCUAAPBBKAE6B3Vua25vd25CB3Vua25vd25IrhdQAGABGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p2
sb.scorecardresearch.com/ Frame 4CB6
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1663248405835&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1663248405835&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&n...
43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1663248405835&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=60777&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=2238538&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1663248411254&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=5419&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Rogers%20NHL&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.habsetlnh.com%2F&c8=&c9=https%3A%2F%2Fwww.habsetlnh.com%2F
Requested by
Host: www.habsetlnh.com
URL: https://www.habsetlnh.com/
Protocol
H2
Server
13.225.223.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-81.jfk51.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:51 GMT
via
1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
content-length
43
x-amz-cf-id
QpqyrO7mjiMM7srzD7gAvE0MUjFwOS_eyHpkj-vD8jCr-BW_WzMEmg==
x-cache
Miss from cloudfront
content-type
image/gif

Redirect headers

location
/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1663248405835&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=60777&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=2238538&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1663248411254&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=5419&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Rogers%20NHL&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.habsetlnh.com%2F&c8=&c9=https%3A%2F%2Fwww.habsetlnh.com%2F
date
Thu, 15 Sep 2022 13:26:51 GMT
via
1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
content-length
0
x-amz-cf-id
Xn5qRyBfqVHeR0H9DTdtzCLB3oOJCtCkFArC4MySCBn-GekVNGqrlw==
x-cache
Miss from cloudfront
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091201&jk=1238308140559331&bg=!OzilOHzNAAbG3AOo5tw7ACkAdvg8WjUykqIAt9f1NTfStxVKEqTgQaNET7YIQlNvAAyU_X9wQED1hAIAAAEfUgAAAARoAQcKAEg17JG2OtW1otFVNuHV2p_cnsti6L8L7Whpus1YXgk6VBuGk4kFmMlLrPGd5mgwETqVptSSDntpnVwFOMKHWydCV5-uFDjzzmWZAulJZ2i9to0IKG76MGjG1JOHySB1iglfDbazsqUAwE-B5i4wJy5fbO_shzm6u5UW3BCNvoRrW6M61Wq8r3yMFRFVmt0oXz9Q8QP4otqfVUR_yW5EXKkKQmrAxy6EntSbyCFJLDYHnKygwz-bzUL-euXf4fm4m-v2nrRdv0PdhQOOH3HhtbHVhqd2osV_sMJ4_uHFYsszvMO6vtclEpnKq_rKu_TfJhyBDffT0mkMBmqC8kBWIcHfobUf98cSe0CRr-uTACjxJgcJq8VjmOQ2bIh6Dt3R0LVYdF_5DzsjQ2img343_WuNrKHoCXlaR8FbIlaRmAKaLvCwg7sbJApiLVccCM5Ncuqjdb6S55Z8PP0ugrN8FAHtVoxdyRys34Eoie-uYuosvJ0hwpYjRvTxcbAkuBfwVIL75km5B1YamdqRlFdKvK_DBXyBJhZzq0tYXYMMoDvLW0r0eGB5fetltxPsHBfoOiyjzElIAloLWqSEOWojg5pPL2Qbn8UnfWoT_o55yJOhfdd1401BqJA1Tc9X-PreboSJRkPoht3I0lDOiFqQ7uhoxnNbKOL7_ZelZmiCTKor_0nRryoIIZgEE5fZcod-bkGnEKCTVxzbMmC8k7uGdsEsaCSeJ7RSZWN8xIbGvakYezqd-dlOxRICIPyU5TE5jkdDWGo1sVNgSumd2HWnKTmPoBuwVq9hU1RrcaLBsjtz3T26cJHCqoWtIv08dsqA8BW6qaCiTcUGT83Pl7jSU6DMCYzgpRByUwAcnAy3wa7ZJPpz_ul_cnxjawg7Tf1vr7CzhVNZUbv9FCIstEIfDPnBndPPHwOtvJnmRIXpOQYVLYomHy-LxxCS9VEHG59NqOKIz1r787YWQewrtbMQRqf6pk_w1230TGroeQTcXOmxeolW5J78d9r2exTEjmvNJg9AyGq_HjfBPX6IAFT3yZusN83h95CUQAfsX7qNlTsBlfUiyhFbWs2EHOjwktxxvqCICJUx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame 0620 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116018&asId=68abd385-275b-19df-960c-f793110d007e&tv=%7Bc:oi0cOl,pingTime:1,time:3062,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:843%7D,%7Bpiv:100,vs:i,r:,t:2042%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1020,o:2042,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:843,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1219~0,1~100%5D,as:%5B1220~970.250%5D%7D%7D,%7Bsl:i,t:2042,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1019~100%5D,as:%5B1019~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:98,fm:thvCODH+11111%7C11112%7C11113%7C11114%7C111151%7C111152%7C111153%7C11116%7C11117%7C11118%7C11119%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C1831%7C184%7C185%7C186%7C187%7C188%7C189%7C18a%7C18b%7C18c%7C18d%7C18e%7C18f%7C18g%7C18h%7C19.1116018-64712417%7C191%7C192%7C1931%7C194%7C1a11%7C1b*.1116018-64712426%7C1b1%7C1b2%7C1b3,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:844,sis:1313%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:51 GMT
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 0620 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116018&asId=68abd385-275b-19df-960c-f793110d007e&tv=%7Bc:oi0cOm,pingTime:1,time:3063,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:843%7D,%7Bpiv:100,vs:i,r:,t:2042%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1021,o:2042,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:843,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1219~0,1~100%5D,as:%5B1220~970.250%5D%7D%7D,%7Bsl:i,t:2042,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1020~100%5D,as:%5B1020~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:98,fm:thvCODH+11111%7C11112%7C11113%7C11114%7C111151%7C111152%7C111153%7C11116%7C11117%7C11118%7C11119%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C1831%7C184%7C185%7C186%7C187%7C188%7C189%7C18a%7C18b%7C18c%7C18d%7C18e%7C18f%7C18g%7C18h%7C19.1116018-64712417%7C191%7C192%7C1931%7C194%7C1a11%7C1b*.1116018-64712426%7C1b1%7C1b2%7C1b3,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:844,sis:1313,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:51 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=kmCiDPnmENDvt6qU&instance=214035433&version=7.8.0&age=220915&cmd=PLAY&key=8OhJreEl&c_id=10113&seq=1&order=7&absoluteTime=6509.2&relativeTime=5767.2&alt=0&sC_ID=8638&sm_id=2238538&load=1&status=LVFNMNIY&ac_id=2008&EXTREF=https://www.habsetlnh.com/&REF=https://www.habsetlnh.com/&playerCfg=BR
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:26:51 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=PLAY&ESG_key=8OhJreEl&ES_key=8OhJreEl&ES_ID=33608&S_RKEY=c07nGh3slG&USR_ID=214035433&ST_usrKey=kmCiDPnmENDvt6qU&SM_ID=2238538&C_ID=10113&C_companyName=H%20and%20L%20&version=70080000&sC_ID=8638&AC_ID=2008&TYPE=BARKER&EXTREF=https://www.habsetlnh.com/&REF=https://www.habsetlnh.com/&PLAYERWIDTH=400&PLAYERCODE=LVFNMN&OGSET=1&REFONLY=1&STRIPQUERY=1&pposition=home
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-30-54.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 15 Sep 2022 13:26:51 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Thu, 15 Sep 2022 13:26:52 GMT
event.png
tpsc-ue1.doubleverify.com/ Frame 40BB 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=20a7eac1a2d147b69526a6a96525384a&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=255&eoid=11&msrjs=3068&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=250&tetms=15&msltms=108&vltms=255&sei=290&vetms=421&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=52&isumms=51&nvr=6&elmtp=6&isbxdms=2759&b0=100&b11=2844&adhgt=600&adwdth=300&norwdth=300&norhgt=600&vsos=9&dvp_vsosnmr=16&lftb=2944&sftb=2944&msrdp=8&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1303&isuiabvms=1303&ispmxpms=1303&engalms=49&engscrlms=261&dvp_pageEng=true&dvp_dpr=1&ttfurm=3715&cbust=1663248411502969
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3068.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Thu, 15 Sep 2022 13:26:51 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
09/14/2022 13:26:51
pixel.gif
px.moatads.com/ Frame 3EBD 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=OMD_CA_ROGERS_DCM1&ol=1042290778&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-JJ0pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-hKV3bHpQg2TbHQ%3D%3D&sc=1&os=1-IA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.habsetlnh.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.habsetlnh.com&lp=https%3A%2F%2Fwww.habsetlnh.com&t=1663248408057&de=137851824427&cu=1663248408057&m=5297&ar=5aeef158bee-clean&iw=c0e1c72&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=38&vx=-%3A38%3A-&pe=0%3A625%3A625%3A2301%3A653&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&ez=1&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5077&cd=105&ah=5077&am=105&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=28097193%3A1922130%3A339756212%3A175204273&bo=habsetlnh.com&bd=habsetlnh.com&gw=omdcarogersdcm798933297651&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200157&na=1726287901&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Sep 2022 13:26:53 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Sep 2022 13:26:53 GMT
pixel.gif
px.moatads.com/ Frame 0620 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=OMD_CA_ROGERS_DCM1&ol=1042290778&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-yWMJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-gMqQnTcST%2BDrDg%3D%3D&sc=1&os=1-qw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.habsetlnh.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.habsetlnh.com&lp=https%3A%2F%2Fwww.habsetlnh.com&t=1663248408765&de=91880802215&cu=1663248408765&m=5394&ar=5aeef158bee-clean&iw=c0e1c72&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1195%3A1195%3A2499%3A1261&aa=1&ad=5074&cn=1008&gn=1&gk=5074&gl=1008&ik=5074&ic=5074&ez=1&co=1008&cp=980&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5175&cd=980&ah=5175&am=980&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=28097193%3A1922130%3A339893382%3A175322621&bo=habsetlnh.com&bd=habsetlnh.com&gw=omdcarogersdcm798933297651&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200157&na=989916710&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Sep 2022 13:26:54 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Sep 2022 13:26:54 GMT
pixel.gif
px.moatads.com/ Frame 0620 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=OMD_CA_ROGERS_DCM1&ol=1042290778&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-yWMJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-gMqQnTcST%2BDrDg%3D%3D&sc=1&os=1-qw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.habsetlnh.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.habsetlnh.com&lp=https%3A%2F%2Fwww.habsetlnh.com&t=1663248408765&de=91880802215&cu=1663248408765&m=5595&ar=5aeef158bee-clean&iw=c0e1c72&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1195%3A1195%3A2499%3A1261&aa=1&ad=5275&cn=5074&gn=1&gk=5275&gl=5074&ik=5275&ic=5275&ez=1&co=1008&cp=980&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5376&cd=5175&ah=5376&am=5175&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=28097193%3A1922130%3A339893382%3A175322621&bo=habsetlnh.com&bd=habsetlnh.com&gw=omdcarogersdcm798933297651&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200157&na=1905374213&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Sep 2022 13:26:54 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Sep 2022 13:26:54 GMT
dt
dt.adsafeprotected.com/ Frame 0620 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116018&asId=68abd385-275b-19df-960c-f793110d007e&tv=%7Bc:oi0dQy,pingTime:5,time:7043,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:843%7D,%7Bpiv:100,vs:i,r:,t:2042%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:5001,o:2042,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:843,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1219~0,1~100%5D,as:%5B1220~970.250%5D%7D%7D,%7Bsl:i,t:2042,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:95,fm:thvCODH+11111%7C11112%7C11113%7C11114%7C111151%7C111152%7C111153%7C11116%7C11117%7C11118%7C11119%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C1831%7C184%7C185%7C186%7C187%7C188%7C189%7C18a%7C18b%7C18c%7C18d%7C18e%7C18f%7C18g%7C18h%7C19.1116018-64712417%7C191%7C192%7C1931%7C194%7C1a11%7C1b*.1116018-64712426%7C1b1%7C1b2%7C1b3,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:844,sis:1313%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:26:55 GMT
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
8qo2o072q52rp38633739ossp1n92oq1-00002.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		686 KB
688 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/8qo2o072q52rp38633739ossp1n92oq1-00002.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da3348af82f8b0b09bca13b9baa85fa26c0017fc8d8a1c739751b6a5a50ebb95

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.habsetlnh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 00:15:15 GMT
via
1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
age
47502
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
702744
last-modified
Wed, 14 Sep 2022 22:52:16 GMT
server
AmazonS3
etag
"ee0100f5690daff91d5679163c605fb1"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
JFK50-P3
accept-ranges
bytes
x-amz-cf-id
_md7_r4ZYYucZHusMmYqYBfiRKFy2ToHGij_klARs3TWyAsg2nMKCw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BRMDOGigjY9edD62cj-8P8_aQwASFmbyjRgAAABABIMqz8yk4AVivuIbIgwRg_eiigfADsgERd3d3LmhhYnNldGxuaC5jb226AQ8xeDEsMzM2eDI2OV94bWzIAQXaARpodHRwczovL3d3dy5oYWJzZXRsbmguY29tL6kCNjKp1A5_qT7AAgLgAgDqAhwvMjE1Nzg3NDM0L1NlbmRUb05ld3MvUk9TX0VO-ALy0R6QA-ADmAPgA6gDAdAEkE7gBAHSBQYQ0pCUwxaQBgGgBiSoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHAdIIDwiAYRABGB0yAooCOgKAQNgIAoAKBZgLAYAMAdAVAfgWAYAXAQ&sigh=pFmKdkGeVUM&label=videoplayfailed303&sdkv=h.3.530.1/vpaid_adapter&vci=Ck4IAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjYwNDY0MTkwMjZA8wNSGSUAAHBBOgd1bmtub3duQgd1bmtub3duUAAYAQ..

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| roc function| roi function| roo function| fct_alert function| fct_confirm function| OneSignal function| fbq function| _fbq object| dataLayer object| googletag boolean| parentAccessible number| _timeout object| _vendors string| _gdprTimeoutConsent function| getTCFVersion function| getCCPAVersion object| fskWindow function| Sizzle function| fskLib function| FSK_parseDFPKV function| FSK_getExtraParameters boolean| FskHasLoaded object| _fskparameters function| _fskParseGetParameters undefined| fskffc undefined| fskcfc function| _fskInsertScript function| _fskProcessInsertGDPR object| as function| fct_quiz_page function| gtag function| fct_to function| fct_change_score number| rebours_nombre_120 function| init function| fct_decompte function| fct_plus number| rebours120 object| e object| jQuery1705582998262304266 object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager string| GoogleAnalyticsObject function| ga number| __oneSignalSdkLoadCount function| __jp0 function| FskAds function| _FskGetCmpId boolean| _FskHasGgl object| _fskadsparameters object| _fskadunits object| _fskgeo function| _fskAddListener object| _FskAds function| FskRequestAnimationFrame number| __mobxInstanceCount undefined| __mobxGlobals boolean| isAllowed object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| google_reactive_ads_global_state object| headertag object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_869205 object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| YzI3NDNkMGVmMTIzMTBjYWxvYWRlcl9qcw== string| YzI3NDNkMGVmMTIzMTBjYWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| sas object| closure_lm_416791 object| closure_lm_308268 boolean| 8d5439dd-bb3f-4304-9478-8894b8df08f8 object| closure_lm_987366 object| GoogleGcLKhOms object| google_image_requests

111 Cookies

Domain/Path Name / Value
embed.sendtonews.com/ Name: AWSALBCORS
Value: EXJR1xRvAcxd48gH6bHVZf2Ug4jkZpz2t6Fop44ZGaW+TKWrVM+MBfjv4ZVKovcaMDEVlKkW/mZEyQqXrvZ74SgR5CcReWl1/iF0j2BfYaO1pw7B/zQjQjCj4Ls4
.freeskreen.com/ Name: a
Value: NTkyNT0xfHw7
.habsetlnh.com/ Name: _fbp
Value: fb.1.1663248405539.1551174894
.habsetlnh.com/ Name: _ga
Value: GA1.2.186059396.1663248406
.habsetlnh.com/ Name: _gid
Value: GA1.2.1613937494.1663248406
.habsetlnh.com/ Name: _gat_gtag_UA_82338304_1
Value: 1
.facebook.com/ Name: fr
Value: 0MiOgETpZWjF00ikL..BjIygV...1.0.BjIygV.
.admanmedia.com/ Name: admtr
Value: 57bc883a-b8ce-4fb5-b4ae-ebf3dd243e0e
.admanmedia.com/ Name: ac_r
Value: CS89
.tremorhub.com/ Name: tvid
Value: 68969fa6918b40ce8421e1378a4d60b1
.exelator.com/ Name: EE
Value: "07f345f399b603c268bb1d48bd524cd1"
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 747745654750095039
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0&c=1&l=1501522464&lo=384595258&lt=637988452058233780&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0
.tremorhub.com/ Name: tvssa
Value: 1663248405829
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHAPM3YxDTN2NIyyczAONnIzCIpyTDFxCIpxdTIJDnFcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAdEl%252BUWb6ImfHxUUpaQyLSopPBR9csAoAjM8qaQ%253D%253D"
.adsrvr.org/ Name: TDID
Value: ed3c8bd3-4667-43c0-99a6-69a472397389
.rkdms.com/ Name: sessionid
Value: h-6456129db6a82695a29b74f4c21da574_t-1663248405
.smartadserver.com/ Name: pbw
Value: %24b%3d16100%3b%24o%3d11100
.adnxs.com/ Name: icu
Value: ChgI99FAEAoYASABKAEwltCMmQY4AUABSAEQltCMmQYYAA..
.adnxs.com/ Name: uuid2
Value: 5617377738196734319
.spotxchange.com/ Name: audience
Value: 0bd1c4e4-34fa-11ed-9129-1d15f0490003
.amazon-adsystem.com/ Name: ad-id
Value: A6lHGcz0tU1otbnectvYac8
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.smaato.net/ Name: SCM
Value: 93ef0e7d
.smaato.net/ Name: SCMaps
Value: 93ef0e7d
.lijit.com/ Name: ljt_reader
Value: FUgmZPZH_KKON8_cQrCogwnz
.zemanta.com/ Name: zuid
Value: lk_Q4DFpwRcLjTv79ELA
.simpli.fi/ Name: suid
Value: 02DD41C59D804A8CACCBBDAC9D58E6B5
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjI0U7IyNDMzMTG1MDAw01EygvCNjSwNzUB8E2M0eXOIvIWpsRGIb2iELF8LAJiIEEk%3D
.3lift.com/ Name: tluid
Value: 4133652731328787904155
.casalemedia.com/ Name: CMID
Value: YyMoFrNhHiM6znH3tYb22QAA
.casalemedia.com/ Name: CMPS
Value: 096
.yahoo.com/ Name: A3
Value: d=AQABBBYoI2MCEBnmit0MWGTrnRPP8YHgCgcFEgEBAQF5JGMtYwAAAAAA_eMAAA&S=AQAAAuj4ChZENkiABt2bhycaJLA
.sharethrough.com/ Name: stx_user_id
Value: f52706fa-c277-4d1a-8112-4f79a7fbdeaa
.analytics.yahoo.com/ Name: IDSYNC
Value: 18y3~276d
.360yield.com/ Name: tuuid
Value: 389952a0-4a72-4f8c-bf45-9c4c7dc99a21
.360yield.com/ Name: tuuid_lu
Value: 1663248406
.casalemedia.com/ Name: CMPRO
Value: 529
.casalemedia.com/ Name: CMRUM3
Value: 2d6323281605a0&696323281605a0&f16323281605a0&e6632328162760&406323281605a0&0a632328162760&7b6323281605a0&27632328160b40
.casalemedia.com/ Name: CMST
Value: YyMoFmMjKBYA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C00332E3-CB96-4A2F-A5DF-EADBA45E5908
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156011:2
.pubmatic.com/ Name: DPSync3
Value: 1664409600%3A197_201%7C1663804800%3A164%7C1663286400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1664409600%3A54_22_220_21_13%7C1663804800%3A2
.lijit.com/ Name: _ljtrtb_27
Value: ed3c8bd3-4667-43c0-99a6-69a472397389
.quantserve.com/ Name: d
Value: EAEBDQGNJ9-owQA
.quantserve.com/ Name: mc
Value: 63232816-b6d28-eb516-086cc
.sitescout.com/ Name: ssi
Value: dfaa4b2c-659b-4534-821c-0cee3ddb6b70#1663248406749
.bidswitch.net/ Name: tuuid
Value: a1fb6892-000b-4a07-b6b5-e0c7dd025162
.bidswitch.net/ Name: c
Value: 1663248406
.bidswitch.net/ Name: tuuid_lu
Value: 1663248406
.lijit.com/ Name: _ljtrtb_12
Value: 5617377738196734319
.lijit.com/ Name: _ljtrtb_43
Value: YytOkWcgTZR4ekrGZyBRxzctTZR4KESUNnvzF1Cv
.sitescout.com/ Name: _ssuma
Value: eyIyNCI6MTY2MzI0ODQwNjgyMSwiMzkiOjE2NjMyNDg0MDY4MjEsIjciOjE2NjMyNDg0MDY4MjF9
.openx.net/ Name: i
Value: 3b5e9752-734d-0926-06b0-153ca25a344c|1663248406
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6fc08256-9e5c-422b-5998-1d567f2e38fa.aebcRmO21GA%2Bt0ChrGcW%2BHjwj42vurvqUw7Vv8FZpJg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ab8CCVp5cQitZmB1Wfy44-pU4mbg.pn93itUBQRqbu5qY3dDlvUGA%2FJcLzni0lvJtnb0Eld0
.acuityplatform.com/ Name: auid
Value: 693012122059
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBQVAqSUyqmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUFQKklMqo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.turn.com/ Name: uid
Value: 7898369240051085363
.rubiconproject.com/ Name: khaos
Value: L8335ODC-1B-48Y2
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8244779106839357415
.mathtag.com/ Name: uuid
Value: 88a36323-2817-4a00-a1b8-486a0f4532f6
.doubleclick.net/ Name: IDE
Value: AHWqTUkUmniRBjzDI9nA1Nr30zxhtuk8tN0IN-pZyNOkwisbhGzFL63DKc9q2HMVGy0
.rlcdn.com/ Name: pxrc
Value: CJfQjJkGEgUI6AcQABIFCOhHEAA=
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 158ec378f13468dd732e8b274cce0fcd
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDS1SE02NrdIMzQ2MbNISTE3Nkq1SDIyN0lOTjVIS05hAIJkZQ1xEA0FAEeCCeI%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIVtYQB1JQAAAKIADG"
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjsu5-K_8mLOxAFEhYKB3J1Ymljb24SCwjQwpCM_8mLOxAFGAEgAigCMgsI7LOit5XKizsQBTgBWghwdWJtYXRpY2AC
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU(d=BZ=!]tbPl1M>e)ZlrFUfJ+tGXxo3V@-Gl8f^tIKB]O9<YBnQK@wM5Q<<ep7^yg>*bpRz*qF1`*b^^:)wZ-7
.habsetlnh.com/ Name: __gpi
Value: UID=00000575a9d6cf1e:T=1663248406:RT=1663248406:S=ALNI_Massq_zGEVYXCsVbbArVzMS4mR9FQ
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEBcCrmPouWXhIjO_TpaX9HU&KRTB&16514-CAESEBcCrmPouWXhIjO_TpaX9HU&KRTB&23025-CAESEBcCrmPouWXhIjO_TpaX9HU&KRTB&23386-CAESEBcCrmPouWXhIjO_TpaX9HU
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:02DD41C59D804A8CACCBBDAC9D58E6B5
.pippio.com/ Name: did
Value: MnHHxe7NxMrrIdxK
.pippio.com/ Name: didts
Value: 1663248407
.pippio.com/ Name: nnls
Value:
.tapad.com/ Name: TapAd_TS
Value: 1663248407368
.tapad.com/ Name: TapAd_DID
Value: 4e29f315-d8c6-4c7a-804b-3b988877a8bb
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-ed3c8bd3-4667-43c0-99a6-69a472397389&KRTB&22918-ed3c8bd3-4667-43c0-99a6-69a472397389&KRTB&23031-ed3c8bd3-4667-43c0-99a6-69a472397389
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7898369240051085363&KRTB&23150-7898369240051085363
.pubmatic.com/ Name: PugT
Value: 1663248405
pool.admedo.com/ Name: tuuid
Value: 15748475-8e07-4bff-98ab-6359de728cc1
pool.admedo.com/ Name: c
Value: 1663248407
pool.admedo.com/ Name: tuuid_lu
Value: 1663248407
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&dc29a3ac-41d9-48cc-85e7-1464e7a2dca2"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2788:u=1:x=1:i=1663248407:t=1663334807:v=2:sig=AQFTHoDcuck8g-K3g7L2EJTqM5WCivqT"
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.rubiconproject.com/ Name: audit
Value: 1|D5f0D3Mag10IVrIstIcVcSVMGSrLaN1ZCSY80B4ToFAeECEUBMheimW7w9h5HFL9Bif3EYQ0jq7qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.lijit.com/ Name: _ljtrtb_16
Value: dfaa4b2c-659b-4534-821c-0cee3ddb6b70-63232816-4341
.freeskreen.com/ Name: scmtid
Value: "c2FpZD03NDc3NDU2NTQ3NTAwOTUwMzl8MTY2MzI0ODQwNjE1NyZzY21pZD1jYmJmYWVpZWNkZ2diaTlwRlUzVWpHZXwxNjYzMjQ4NDA1MTEyJm1naWQ9TDgzMzVPREMtMUItNDhZMnwxNjYzMjQ4NDA3NjIxJmFjaWQ9NTdiYzg4M2EtYjhjZS00ZmI1LWI0YWUtZWJmM2RkMjQzZTBlfDE2NjMyNDg0MDU4MjgmbmlkPTA3ZjM0NWYzOTliNjAzYzI2OGJiMWQ0OGJkNTI0Y2QxfDE2NjMyNDg0MDU5NzY="
.pippio.com/ Name: pxrc
Value: CJfQjJkGEgQIAhAAEgYI7OsBEAA=
.casalemedia.com/ Name: CMTS
Value: 029
.springserve.com/ Name: ssid
Value: 340ebc7c-a948-42d6-b232-3e6b3abe94dc
.springserve.com/ Name: sst
Value: 1663248407724
.linksynergy.com/ Name: rmuid
Value: 84eef1c3-8d29-461c-adb1-b39a7a3ac0ae
.linksynergy.com/ Name: icts
Value: 2022-09-15T13:26:47Z
.teads.tv/ Name: tt_viewer
Value: bfb963db-0b5d-4104-a3e8-4ce76f70919d
.rlcdn.com/ Name: rlas3
Value: ccXmFQv2Tld0EMvgB+s1gG+1SJc95QRxYLuS102PGa8=
.lijit.com/ Name: ljtrtb
Value: eJwVjbsKwkAQRf9lawcyO5OZXUtFLQSFqIjpsg8tAhYSgon4767l5dzD%2BRi0ZmlqQSVVJYdelJjQm4VBKSjdu46DjSC1D8A1MTiLEaqYM6UUJGgFQpasQwEmxmJaLWZOFF1IBCyihcQKvO8ExHeslnyp%2FStM5XubhmN%2FjY9z23DuX7t2WjXvOQ7%2Fvd%2BcLofnOG9xPZrvD7sBLfU%3D
.lijit.com/ Name: _ljtrtb_26
Value: a1fb6892-000b-4a07-b6b5-e0c7dd025162
.habsetlnh.com/ Name: __gads
Value: ID=dba61469fcf5a138:T=1663248406:S=ALNI_MYtmWR6Pv-IEm-AgiMm6c0UXmdpkQ
.pubmatic.com/ Name: SPugT
Value: 1663248409
.habsetlnh.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-fm6fuS5N9JYryH6lLah5ymYjrM69SfU7XucO-BGCHbG-w39Pgv_MtD2ysu-iLvr8VBqu1Yw0AqFhoK0sf8csnk2GWcCYBN6lE6C9l1hzXF2O401_9DbJg8VfE8QIVlw7Dc43GZrUTVTfeI8-tMfhO8pPV2g%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.smartadserver.com/ Name: vs
Value: 104685=5104166&517962=5104166
.scorecardresearch.com/ Name: UID
Value: 1001b5eb6bfef1eb019ddd11663248411

5 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: the server responded with a status of 503 ()
javascript warning URL: https://z.moatads.com/omdcarogersdcm798933297651/moatad.js(Line 137)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://z.moatads.com/omdcarogersdcm798933297651/moatad.js(Line 137)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5b292e4c67e3f7a5113fed2c96444fb9.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.pubmatic.com
adservice.google.ca
adservice.google.com
ap.lijit.com
api.rlcdn.com
as-sec.casalemedia.com
b1sync.zemanta.com
bc-ssb-iad.springserve.com
c.amazon-adsystem.com
c1.adform.net
cdn.doubleverify.com
cdn.onesignal.com
cdn.resonate.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
cs.admanmedia.com
csi.gstatic.com
d.adroll.com
d29xw9s9x32j3w.cloudfront.net
data.adsrvr.org
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
embed.sendtonews.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
habsetlnh.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.marqueur.com
ib.adnxs.com
id.sv.rkdms.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
loadeu.exelator.com
match.adsrvr.org
match.sharethrough.com
onesignal.com
p4-gtlenbxmbayyi-eyfypn2zpppd4stg-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel-us-west.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
player.sendtonews.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
px.ads.linkedin.com
px.moatads.com
r.casalemedia.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
s2l.sendtonews.com
sb.freeskreen.com
sb.scorecardresearch.com
scm.publishers.tremorhub.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-us.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.freeskreen.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.teads.tv
tags.rd.linksynergy.com
timber.sendtonews.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
vid.springserve.com
ww1772.smartadserver.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.habsetlnh.com
www.hetlmedia.com
www15.smartadserver.com
x.bidswitch.net
z.moatads.com
pubads.g.doubleclick.net
104.118.9.242
104.18.12.242
104.18.18.126
104.18.19.126
104.36.115.111
104.36.115.113
104.36.115.114
104.76.100.229
107.178.246.49
107.178.254.65
108.138.106.50
13.224.205.195
13.224.214.81
13.225.223.81
142.250.72.99
142.250.80.98
142.251.32.98
151.101.130.49
18.208.240.0
185.167.164.49
185.64.189.110
192.35.249.143
199.187.193.182
199.187.193.192
199.187.193.194
2001:4860:4802:38::178
2001:4de0:ac18::1:a:2a
207.198.113.88
23.105.12.161
23.217.153.125
23.64.61.72
23.78.168.242
23.92.190.69
2600:141b:5000:59f::4469
2600:1f13:800:7780:5601:6478:79f5:9959
2600:1f18:4e9:5a01:9d9d:28ed:7091:e8f1
2600:1f18:612b:4264:562f:45f1:d263:2a9f
2600:9000:2105:9000:1b:5138:8a40:93a1
2600:9000:21dd:e800:8:48e:53c0:93a1
2606:4700::6811:190e
2606:4700::6812:e134
2607:f8b0:4004:c06::9a
2607:f8b0:4006:806::2002
2607:f8b0:4006:808::2002
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80b::200a
2607:f8b0:4006:817::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81e::2006
2607:f8b0:4006:81f::2001
2607:f8b0:4006:821::2001
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2002
2607:f8b0:4006:824::2003
2607:f8b0:4006:824::2008
2620:112:f002:bbbb::21
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:21::14
2a00:1450:400a:808::2003
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.220.70.111
3.223.247.87
3.225.142.71
3.33.220.150
3.94.28.30
34.117.228.201
34.120.155.137
34.150.170.96
34.194.93.50
34.199.89.150
34.234.134.156
34.239.50.221
34.98.64.218
34.98.67.3
35.168.96.81
35.170.30.54
35.190.60.146
35.210.53.219
35.211.178.172
44.199.168.235
44.210.205.198
51.222.105.170
52.0.156.250
52.223.22.214
52.45.33.138
52.46.128.147
52.6.2.205
52.85.61.93
52.95.126.160
54.198.189.0
64.202.112.223
68.67.160.24
68.67.160.75
69.173.151.100
69.192.109.53
69.90.254.78
72.251.238.254
74.121.140.14
8.28.7.83
8.28.7.84
8.39.36.142
88.214.206.247
96.16.25.77
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
0643526bca58153b4313d85ed24061c3c024cc1fe0ce6d2c1dc2e524894859c8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
096a6b1fe930ad78399843d453125bc077ca84498327e0108aa253319546e23c
0ae105fb92bf8830f822ffab74d0be4eee8dea40ef0d62a35c17180b51e587fe
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf87c1b267f3e0107336bd2cae012543146d04ec2db9c8e2d057276b2188bf8
0d0f2e242b01e1d051c2d7d6025d21e37bb64d31933577b6e7795aa375effaf5
0d33a7f9d4972317a05847a5e36531786936530ea5538df5cb4df1c294221901
0fcc7ab087ae2d3bf848aa9eba414a1f48ef6ec08675c1bf0365f7eef1d42345
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11a4b7dd6aa3534c1dc9517e87d10874580c121a55b6534b2f2aa75892db69d4
12150fbbbd8d62063c19929696cfd1458f8ce4f762c3fae8d67131a38340ed25
126d9cb63dd62c90dfee70015895775d3e28aaa517da60fd1a588bc72fc7c218
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147a52855d66c4aefebc40e069b591c7517fd42fec5d53a3ad423af94cd5dac1
147da6236bfe7c8d6a0a325b0c619126dcd22ee556e4f6451623734903e1a9f6
16418464296bd4cf674c4c8fb6debd8c7cfe8f2f7cc31e32f7597808fea83308
16a9bc1d49f0cf2b286fc2c7c6c6a797cb0a84e5a4599624d7a8ccf8870604b3
1824b35181ba5c192931905d3d10dfbcdbc86dbc74597411f8d8c78dc44376f1
184721b858c6c6cb31a3fdf9c7d7740d15d68499e506590aa8d184400ca1a48c
18da83c7afb3f3bdd29b799c0484a24f76c09daf9d28ce03f381489d3bb28c82
18e84a9592ef0c123eb26bb2d692e4b3792b4b6e96f61e2995d8457724413011
1f574aec2c5c09259f55f3b7f06076ec06908dcc8d3fb9f61994ba02af7f96c7
1f9a117b780237814ca320826581d3f04a388246029186a142a814820b106ee8
20cfd031c632512834430f5f7ae33221f93df49217c8b527779592dddf0a5333
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
239aebb5090d52fc4de8e32637ed6cf900b15b1b908416fc36b19b440a271449
23ac608aa544a4cebeae4cb056f4ccfd7e237194c0d15c9b913d8863a588ac4b
2444b20b28c18d89accf5ab8a6dfa4698fa053aaf043abcce252588c2ce45528
25f4824d5784c2c314d92b8591ca1e93a94ad3d46d0e68a1860c577cd72b98ac
2690d31fc5c9631e32ee1a5f6ded32a64523e6c06455023ee90171a62f0647fc
2800870d442eb07ae7456d64bbfb43ae004dd0f8c154ada437076d29af265d6c
28eab2d884da211224709788c009e88bf87b90df5e05039f80e89531085dc297
292a139b34207ca11c7ab77e42fe0135ee01f52fa07b631fcf99a70a4788dd4e
2cb30c26ed1e1288640e6f5162f57382b0ccd062072af76375bf71c2d53c503f
2cd3ea20381ea712ae11c7cec7343245613ba6cd2012f65883e67afe2016f8fb
2dfdf2edf0f109e4807a6405b8ed15ce58929c1b02a6603d99634983e14f01f0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f3c0fa59279dcf7c06dad513d33b0ede9ee6cd080f9c16eee456b93a0b4a2bd
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
2fdf4a50bedb361f7935936df989f00391d7e2a803c9f58670719d98feeb959a
31157713c9a72d6bf7453b5b7ace43e14c59dd9bbd285f542095f9e6e302ddde
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
339fe05fd93c2916e6215d079ab5a83db03dde2ce5620d53edc6f0b9c9f6eaa0
33af52e013b730f44078b1b83f51b4bd62f546dfff43ceb6d2b436e598da56fb
3422698e0da3f1ece97d5e37a02a68faf43517c96260cdbda8da65d98f088bf3
348ec52e04083b6c7678c4bef4445529a60e9821ca9258c8b18fb23121bde738
358a90c69fbbbd00f791dfbcbc2eca80f4c0c854cdb65ca09003860af59ac05c
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
3814d09145a50713a6ff9d153a226d88a1290b9e4b1bc33feaffcb3c70e46afc
3a7f29248c5ca288e812df85179541b77f330e2ffc942d41c9c57a1e70abf845
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3b8c23e8d5a50847eb5839c094bafc08de40ee00135949f3526ab6c93bc0423b
3e013c8290ebe66181ac095ef84c2151a173940e533369a7ba380ff51c04c2c7
3e03035343cbdbf4fffab60aa1c37c4a557f629991cfacef1411bfdaf69d55d8
3e556126ca390a7632728e97997ef48e46f557c3b6963693d2663dc9463b9128
3f099745927a7e1173fa37b4955e23e53350dc02e7894fa86ccf4c133457e988
3f7177bc16658dd7ebfd585dafcfff1f50cd34e58aa12eb52a445a2b66d15531
3fc155ea5334f82232a20057dad5f44fb5b7256c8d2a4c4ab6908637f2311058
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40312534c8161680b614d55871dcc1602d230b55ad2c08763263512186ee6ad7
40b236f82ab80f86a107f3f515f08efd59e273ef9120c58ef6f1f92c5a59676f
4178272e2a664db116028e49ec3f9bf1fc7f3cef213c3096ade6c58894a10721
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3
42cf4f3baec553a35753bacca49d494306f09b9601577f8be61735f48bbe126e
461b345c9be55a5a6d0a2b3c9b39b060cdd4d5c7bff2c410b3c6f8b77f17cb25
46c2253a990373efcab1c600a6e1c731e5a971b0eecb0358ae53d1fbd7e16ada
4831f38d5033e932ef3b079d240c86ffa99b3efa45e5f2a14ed3d1f4d1c3b3be
48a1cdee54f813cc598751de8f59eca9fd1d08202d0c337c084b48ea59b400ad
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b595c61f82a395fa370e737be4782329ffe73ad315f837b2c3c7b96ed60b926
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d27371d236fa7547c90c974165abffcbae1236b64a80da2c85df41d40086f83
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d4b79867696184dd2276109e4ba992a9ee4c97d1a0997435a84ae2d78a62ab3
4d7c9b434ab3346615b63b786354a7c59b14fca4be11ab3e86bb7a3b3b25d0f7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50827d139d8c7d47208f4131c3b9107d2e02d9c654dab712a3c4d1010f95f4ca
509452ffe78327cf5e647d8d633b25f174699d9401ad4f53374387481ffe5d6e
5347ddde7cdbd94e508d7218a425ab363c14c7a3a64bbeec76e2f19ee470a892
549e28e64c1d1e321e414a292d06e623dcb9fc9e22c966969207d30c760ba955
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575986ceb03b41a80e51883a5ed8747fe2e71d2dabae1cf0741f4ae4d4049ed6
5863de83de86bc9d0c9ca7c8a788a62ee645e6ca5a8b7ca2039464dda56832b6
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5b0af9fbe69ad6183c0adef24a0d2c361fae9f5b46aa6c2f3b00afcad177cb1d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cfaffe6268ae0e32f1c71d3d9cf9b884515938bd5ae391311d8e1b2a0e3edcc
5d3282e9686fc4bf241f7ebcc1e2465d3000944c1d7a0b481a63ae4eddead18f
5e31423f91e201394ea0577180b8c8b7d60401a7c5d1b559442af7fba583a1df
600cabf9c7e14904a6918c7aebcaa3e60839e46353bf16df1fa597e68348a968
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60b5170976c0df36dbd741823229125b56793cc6d10dcbd9ae23a5af8d20300e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63fc851d371fc2fb2cb7cd639aa62752002480410575bfe9205c1310f71a5f29
65884bf6f123e5af8335daec778c07dcea0baefb415464f71978f9971bfef1aa
69c81808f39fdffcad8fa37eba45f9564ee73fee7bb497bf6cdca143fda57f05
6aad0eeeae898e496f03907a80491b4b49930aca3c755b32790a92bd188a0385
6b7de92106affa843bd77aa66f0e44f53c3d56c5dd184e0942b6e74b0657dedf
6d04b5132ed94c98fecec06caefd9e0ade5108d534a94fe1fcedd719753ac9dc
7014330dae736d7949f20130ecb3767f37caebf374eaf4ffa0e2b4a79c8e08ad
7022081296da69c010616da25ebf4f6be7628d468b45d8e36a14d29ef1356e53
71636a4580f3eb7fdcaa448012dab2246ef02a72688a9ccb91031d7b89344ca1
717b10593d54204f670e8962fbe282f51357d361b0cec4ec5b979429fe08f86e
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
734c2c181323497c38e063605758d4384e32cfc13a364678d2323d48f912259e
73ee8c9b9cd3c341e534d688ef0560c8469a8b953559866bbdf212b46e2b7fd6
759b65ab18937d8442b1d767e315ca72a991998ae587417d7d605fb1bc2e47b8
782b3db4b660ee3596371df50adf8acb63a61214e9c6c871552167d0e92fb9fb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b1f64d66a17b5461816bd41a1870a152690c7f01666462aca8202d2d24a205f
7bcfd6cc4a4f71ef06ad392c5e4e90078fcf2dfdb377285a98b48bf644938712
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7e2fbbdb15a1853c7cdaff74c4dfd935b29fa637e28701c37243958375fa03dc
7f1d279703b902aee3682bf47afc04d7d9a4417e08a137638cd8dcce1141c450
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
803159dc3bfde882ec74fb0f473a9dadf2541a240e4d51f80ef0fcad22062f0f
80cedb5e5fa85548eaf3a95451e57186182aa440e5e8aa2f38c204d8b38f663c
810f928c2db8b68d6c2128242c9602e7f57bab503fd44d23cff972ba2035f30f
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82f191a65d38e50c45e0c35e15343690ea1d122402990b99d0c5a1585f9d47af
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
857da87f996c90a46ffc09abe3c50a6d31b523196231c1a4593a4f3881f731ab
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
877697c46cd713b1a2d0ffada4395b87777fc205a214d8db8bb023674d944621
8996cc3e681aa4ec53eda55b7dae056055f2b95d4935b217e01e79908443d7c3
8a0289823bd88e6c832f77c32c1e54f5b709c35bfb388ecf49e9aa627cb4281b
8a62d4cc047382cd05f8a86737279d84a9e76b7777ede854a87338387eecf860
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b2c1ee8a85d15f532c682dc0a2f1472d11b3f3f735940ddf0cade61355302ce
8c37581867ed807eb0e3977f563ebf404ab83ea1ec48ed2bb37764568582cef3
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e27a9c38a67428de2d8655ef8208b1819a87b772436d6a62c761b6333ff9123
8efa950be6d28aa1103053638a776ab8f2dcda011254bab316bc409018714e33
900e51ac9b0cf64c22776fc320c05f8aef265a347f456e0117866018f7a6d867
90a1b56a6a1338b2615b9bdf2875b21dcbf0f5f16b03205c4452c9a2d67fc2f2
922f43db0823cc12a2016d19e2bad70352125f6866ba80c0dd11c681834e9efd
9390db0a41168151d32b899406df86105086085cf192de90a472ff73497315d1
948bc997de34a28c7a7d609bce002a86ec86c9744f03127c3c4867fbbd2dad36
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94fe1549aac5f24170f5201d02572132b8b36d97124d144681861589dacd30b2
954900be982eea49cb42456fbafac12e1889ab56ce02dc50e912b6446b5da755
965cbd36ea5a201fdfd333ff316c16d365090941f35f88d1a6c0a6007b78f44f
9667f86a6f28e4d2dbf88fd0a67ff0c0f90d35742245c0ab116c50a63715582a
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
9a2446a2e7da493b667f5b27a9da132526c04d3ebd729ae67031160d7f059442
9ab9e8a2a24421059bfd96fb7f087524f686c4bd5eaa5061031a77c2199a1483
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a16fd889926abb35748c2117d3d8b02f56c5ae97b67b715d25272c9a838bd65b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c76288850654418d3f032a1fa948bf74ea1e4dce71954ba045aab60af90853
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8e24f9cce92238ffc2ab52a92165e6e7373a4310121a4f7bfd764a29328bd34
a9f3abc483ad462816dd49e04a7aa4261c28ea4bcceb8a9d58b3e9d76f374db2
aa085e867ce6bf867d6cd75836c6496398fa0687e0f850bd0edc9d8d7d67e9d5
aa3fecd03a37a2de22e60482c695bdbb64764672e00fa60ff671e15818dcc6d0
aa496303b2d63742ec1576d59b62361ae55b6171de120cca9b818f4e19f77014
ad7c9fcfbfaf3bf12c5568933f347356dcdea02f31d4aa43ca1f3e9fd397a5fd
ae6bb9a268fd7ece7b420b2d3d536b757b922938ad06cccd7db8b6c3b96b1d9b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b434300daf02cb34b52cf91924ca6d59fbf52eed24b088d1bde91a50fac9958b
b8847bba3b7043510b1582025fb908b096ac188c332dff3521ac9ba76edf01b1
b8970b1f19d05dd6cc34c852734b07ec12ec1eb85e86b734ba9a857686a514a1
b9d16f2bbea39994859fa54d17a88c391b2a13b943dc4b926b5e811689ac5071
bb8c34012fba5143653013ef74900fc346dc115bc642b51859811df54354c141
bd591aad1112cd8fd1ff7d062b45609a6e6b29df7cada5409d0c9dc0118cceba
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bff1b51c0f334c0fb3bb8fe66e299eb69e1a3ca2826fb0808e26711ce2eab5fb
c05bcac63a948f672e0dbb9bbfbabf0141bc79762a72f1246b5482a0e621b550
c1897d6396c7d02ab61ceac318bd94cb92cab0fcc62e8c42ea4c92e76a982289
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2d921aefcf0ffc0f8d59825cbbc0a4c659f6b92b10a183c7cb596321fee6825
c5a3df9e44bd41b6dc5b1f458f607d046b92e1e48c1b14e72f6c4a1ebbd81a33
c7bf9c6f42cf09ee3f7a00dbfd1d510dc753193a5910f7785b40d7b287b1c825
c8961cbf24ee673f1d960621d4aa1199a71d15ec9d131e204b4d9931c27426e9
c8c0342a14d36f561472916a47f20dafac323040ca4a888fb233da0620facb75
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36
cb9f9582d696929ff38ac12ab9123a291e2baa8f82b62bf61c9225b708b4aa44
cc487336acb3ea5ed2cc6ca09757137d612286c0ebb00587a997ecbea9053546
cc961d0ae1d4f3f86f6512522666e41ed941942cb1553b23569b98181ce951af
cf0948ccbfc22dbfa5e7ce5b8c771a6686f007c6f4d0c939a0cb19620b89882d
cf299ad20718aeed38f9254026b6d22eb310162a134cfb18afbd732beb87562f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc5e979d649c22f7bbd217047384d4fb21cd48ff9831832d4e91345b34a3654
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d30df161a40b22066b528e73386575dd1326083c5ade6213bd59f867532b401b
d32500829d7e957d45c02e1ccdbe548cb3bd300a2b6e855c1f6518006954760e
d3c8f215d4ea3ece9d1e130aecd05bb15745133dd6a23696170b12f82fcf0de4
d597f8defd71ebde92744ed40af4563dddf664bab0c2a943b97ea6b3fca1f265
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887
da3348af82f8b0b09bca13b9baa85fa26c0017fc8d8a1c739751b6a5a50ebb95
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de42f0fcb249085ae2ff08d335a98eb468e366f23b80f18578f4c10a2049e2a6
e03515f92eb3f9da1542fda3aba456d358b7f77abf96502e315139ffb898ae6d
e17238bcf47934b27c9967237587ea09f08dfa619e9b42e55689591dcbe42d26
e25d44c119392921a7606d9a52a27ec64890839a9c8aef4109c41a653af50cc3
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ffd36023384c874705274f37c04978f10e9b39fe294fbd778f6bdb5d98adad
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e660d9c050d18532fcce58ded06b3e8d9a545f43107ec0b149e736d170974976
e69d1c1638084126ea7f8fbf310d0a19511b9f1917fa20d892c2a75ae31d37f0
ea24f23e3904d8725fe2429924bfe5720279f477856440be7a208bee4609049d
ea9878db622a55c5e1440e5c5a11b2e7281180ff83805c21f3b2b83cbd7d1c44
eb0a9b45b15188210d0d3f50395cc39b672226ed40932f0c77b5964aebcc8218
ebab2860c033f0f457e5ff4032b11178caa6cad46820638b02e74a00d2b396d6
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef1864ec78cdc6903a62729f6152b94d4c9bec2d5f75eb30a1a58a42a168e23e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff68bbb52e107c83d6f8ee48a9a300cc083cf453dd32bfac99d14d934a4dfc0
f0d17ee87413179ec98bddcd17de6c5334a8d9902390d0725bcb8efd4a9c25dc
f7f04405d60af379d444bece0e25ef586a1c8fdc5d0245c8c6ed11002dbf3242
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
f85bfb5a9def40ff2ad80bc3ccda333435d09ed1b74baa4f1bde76aa78730ced
fbf9c175f0304ab17dfbfd0e0f5d8a1e8a4bd2e9776225ede498f707ab20c576
feb6fb7964ff50524c107524c1773ae1fa2a13d37c9c2c81a9a7c87da8c970b8
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce