tardivedyskinesiaearlysigns.com Open in urlscan Pro
104.17.157.1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tardivedyskinesiaearlysigns.com/
Submission: On March 05 via api (March 5th 2024, 11:16:26 pm UTC) from US — Scanned from US

Summary HTTP 56 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 11 domains to perform 56 HTTP transactions. The main IP is 104.17.157.1, located in and belongs to CLOUDFLARENET, US. The main domain is tardivedyskinesiaearlysigns.com.
TLS certificate: Issued by E1 on March 4th 2024. Valid for: 3 months.

This is the only time tardivedyskinesiaearlysigns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.157.1 104.17.157.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:215f:a600:9:bf39:bec0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	3.161.213.100 3.161.213.100	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f18:e8a... 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4	14618 (AMAZON-AES) (AMAZON-AES)
5	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4004:c08::68	15169 (GOOGLE) (GOOGLE)
3 6	2607:f8b0:400... 2607:f8b0:4004:c09::9d	15169 (GOOGLE) (GOOGLE)
3	142.250.31.156 142.250.31.156	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::9b	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c17::66	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c06::66	15169 (GOOGLE) (GOOGLE)
2	18.208.0.174 18.208.0.174	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
56	16

1 104.17.157.1 (None, )

ASN13335 (CLOUDFLARENET, US)

tardivedyskinesiaearlysigns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215f:a600:9:bf39:bec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.greencolumnblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.161.213.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-100.yul62.r.cloudfront.net

s.flocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.greencolumnblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c09::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c08::68 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c09::9d (Washington, United States) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.31.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9b (Washington, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c17::66 (Washington, United States)

ASN15169 (GOOGLE, US)

www.adsensecustomsearchads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c06::66 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.208.0.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-0-174.compute-1.amazonaws.com

soflopxl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)

afs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 148	53 KB
10	flocdn.com s.flocdn.com — Cisco Umbrella Rank: 25265	571 KB
8	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	5 KB
7	greencolumnblog.com ob.greencolumnblog.com — Cisco Umbrella Rank: 32506 obs.greencolumnblog.com — Cisco Umbrella Rank: 28675	39 KB
5	adsensecustomsearchads.com www.adsensecustomsearchads.com — Cisco Umbrella Rank: 2527	56 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	385 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124 partner.googleadservices.com — Cisco Umbrella Rank: 5045	6 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	41 KB
2	googleusercontent.com afs.googleusercontent.com — Cisco Umbrella Rank: 9742	1 KB
2	soflopxl.com soflopxl.com — Cisco Umbrella Rank: 22549	407 B
1	tardivedyskinesiaearlysigns.com tardivedyskinesiaearlysigns.com	3 KB
56	11

	Domain	Requested by
10	s.flocdn.com	tardivedyskinesiaearlysigns.com s.flocdn.com
8	www.google.com	s.flocdn.com tardivedyskinesiaearlysigns.com
6	googleads.g.doubleclick.net	3 redirects www.googletagmanager.com
6	obs.greencolumnblog.com	ob.greencolumnblog.com tardivedyskinesiaearlysigns.com
5	www.adsensecustomsearchads.com	www.google.com tardivedyskinesiaearlysigns.com www.adsensecustomsearchads.com
5	www.googletagmanager.com	ob.greencolumnblog.com s.flocdn.com www.googletagmanager.com
3	www.google-analytics.com	s.flocdn.com www.google-analytics.com
3	www.googleadservices.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	afs.googleusercontent.com	tardivedyskinesiaearlysigns.com
2	soflopxl.com	s.flocdn.com
1	partner.googleadservices.com	www.google.com
1	ob.greencolumnblog.com	tardivedyskinesiaearlysigns.com
1	tardivedyskinesiaearlysigns.com
56	15

This site contains no links.

Subject Issuer	Validity	Valid
tardivedyskinesiaearlysigns.com E1	`2024-03-04` - `2024-06-02`	3 months	crt.sh
*.greencolumnblog.com Amazon RSA 2048 M02	`2023-07-18` - `2024-08-16`	a year	crt.sh
*.flocdn.com Amazon RSA 2048 M02	`2023-12-06` - `2025-01-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
pxtres.com Amazon RSA 2048 M02	`2024-01-20` - `2025-02-16`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://tardivedyskinesiaearlysigns.com/
Frame ID: 60805972FC99282F4BA6AF0BE2CD385E
Requests: 44 HTTP requests in this frame

Frame: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html?&screen=refresh
Frame ID: 91E490D3AA3D8CCDD9F9F60B51D4759F
Requests: 9 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1646507740&client=dp-dotzup20_3ph_js&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2Fserp%3Fsc%3Dn9YHF2S6BP5T10%26ivt%3Dfalse&rpqp=query&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-oo-1715430907199229&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383%2C17301421%2C17301431%2C17301433%2C17301436%2C71847096&client_gdprApplies=0&format=r5&nocache=5141709680579334&num=0&output=afd_ads&domain_name=tardivedyskinesiaearlysigns.com&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1709680579335&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=ads&drt=0&jsid=caf&jsv=610814804&rurl=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F
Frame ID: 8C9B67264020A3F3EC51B9A135CA6564
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

tardivedyskinesiaearlysigns.com

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

56
Requests

91 %
HTTPS

73 %
IPv6

11
Domains

15
Subdomains

16
IPs

2
Countries

1162 kB
Transfer

3160 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?random=1272340469&cv=11&fst=1709680578682&bg=ffffff&guid=ON&async=1&gtm=45be42t1za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&gtm_ee=1&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ0tLYnJ3WVFsUExreS1hQ25zMGJFaVlBVUJJdmQwbTZ0WjBkSkZGSFVGQ1Y2WjEwSGgwa3VtdWNucFRtMTlmcFpDSkRqSUNHMEEaWENoQUlnS0ticndZUXRPNmkwT1NQMmZsU0VpNEFJbVM4cjlxcW1ZTlUtMkF3aW1wNE53bmk1Y2FZUTNJNEFYWWdtUHVwcklVLUdLTkZLSFFmeUNiaDJUWmgiEwjevum8oN6EAxUwS0cBHeMgAWIyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICw HTTP 302
https://www.google.com/pagead/1p-conversion/932435890/?random=1272340469&cv=11&fst=1709680578682&bg=ffffff&guid=ON&async=1&gtm=45be42t1za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&gtm_ee=1&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ0tLYnJ3WVFsUExreS1hQ25zMGJFaVlBVUJJdmQwbTZ0WjBkSkZGSFVGQ1Y2WjEwSGgwa3VtdWNucFRtMTlmcFpDSkRqSUNHMEEaWENoQUlnS0ticndZUXRPNmkwT1NQMmZsU0VpNEFJbVM4cjlxcW1ZTlUtMkF3aW1wNE53bmk1Y2FZUTNJNEFYWWdtUHVwcklVLUdLTkZLSFFmeUNiaDJUWmgiEwjevum8oN6EAxUwS0cBHeMgAWIyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICw&is_vtc=1&cid=CAQSKQB7FLtqLLgJOOE3lYIyZYLpmtp_sVEOfQHMrE1wJS-cQ2UW_3Kdlsi7&random=609223151

Request Chain 28

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?random=634360396&cv=11&fst=1709680579202&bg=ffffff&guid=ON&async=1&gtm=45be42t1v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&gtm_ee=1&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ0tLYnJ3WVFsUExreS1hQ25zMGJFaVlBVUJJdmQwbTZ0WjBkSkZGSFVGQ1Y2WjEwSGgwa3VtdWNucFRtMTlmcFpDSkRqSUNHMEEaWENoQUlnS0ticndZUXRPNmkwT1NQMmZsU0VpNEFJbVM4cjFaeFBLVDJ4U0NKV3pxOHJFZnhFOERLRXZxajJLNnc0Z1YzLVEyWXhPZ19oQWM0d1ZZckJKUWUiEwiht-q8oN6EAxUXYUcBHZLlDhkyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICw HTTP 302
https://www.google.com/pagead/1p-conversion/982246529/?random=634360396&cv=11&fst=1709680579202&bg=ffffff&guid=ON&async=1&gtm=45be42t1v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&gtm_ee=1&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ0tLYnJ3WVFsUExreS1hQ25zMGJFaVlBVUJJdmQwbTZ0WjBkSkZGSFVGQ1Y2WjEwSGgwa3VtdWNucFRtMTlmcFpDSkRqSUNHMEEaWENoQUlnS0ticndZUXRPNmkwT1NQMmZsU0VpNEFJbVM4cjFaeFBLVDJ4U0NKV3pxOHJFZnhFOERLRXZxajJLNnc0Z1YzLVEyWXhPZ19oQWM0d1ZZckJKUWUiEwiht-q8oN6EAxUXYUcBHZLlDhkyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICw&is_vtc=1&cid=CAQSKQB7FLtqwy9Ks2sA-3b0_Z2Rr7hjC-AZkBDlcuY9orkCIXFx2hu9miRG&random=2003316661

Request Chain 32

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?random=1882653185&cv=11&fst=1709680579254&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9100102812za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&gtm_ee=1&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ0tLYnJ3WVFsUExreS1hQ25zMGJFaVlBVUJJdmQwbTZ0WjBkSkZGSFVGQ1Y2WjEwSGgwa3VtdWNucFRtMTlmcFpDSkRqSUNHMEEaWENoQUlnS0ticndZUXRPNmkwT1NQMmZsU0VpNEFJbVM4cnh0X21tWWtUUjh4RTdHd3Q2bUMxNmxQZi1hQVYzRnBXUWdaNjZlV0NvbE1iVlBYbnRxbFVUSFciEwjftO28oN6EAxW0bkcBHc1RChwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICw HTTP 302
https://www.google.com/pagead/1p-conversion/1058340534/?random=1882653185&cv=11&fst=1709680579254&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9100102812za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&gtm_ee=1&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ0tLYnJ3WVFsUExreS1hQ25zMGJFaVlBVUJJdmQwbTZ0WjBkSkZGSFVGQ1Y2WjEwSGgwa3VtdWNucFRtMTlmcFpDSkRqSUNHMEEaWENoQUlnS0ticndZUXRPNmkwT1NQMmZsU0VpNEFJbVM4cnh0X21tWWtUUjh4RTdHd3Q2bUMxNmxQZi1hQVYzRnBXUWdaNjZlV0NvbE1iVlBYbnRxbFVUSFciEwjftO28oN6EAxW0bkcBHc1RChwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICw&is_vtc=1&cid=CAQSKQB7FLtqqrULxXp5DmuyEMHT8Yay1rbDJ81rsFvaZyO0qqjmKXniXSJ8&random=1088625657

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tardivedyskinesiaearlysigns.com/ 7 KB
3 KB 1447ms
567ms Document
text/html 104.17.157.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tardivedyskinesiaearlysigns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.157.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d609fc82ce5c20777ad7203f18d01ece4f177ad2fe54f80654f66c7cc5f7a686

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 85fdd01419244216-EWR
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 23:16:16 GMT
server: cloudflare
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALo4A9ch0h+1WaF7eiREQsF8ZSdjSPKx9KkKjCqabhCJSzV17noE3IU0F05CJ672CxyFRxdONAgr69GDBpn7MRECAwEAAQ==_VtDutrxNc6YFHPjsLyyMGVxOWrKSVfg4wzbpvhY/0+IUSYRi1pezl6xaAdfrKsnZtzY0LmEAyBgLsUsCG79KYQ==

GET
H2 200 35289458b2de2bf5220f730bdbc66486.js Show response
ob.greencolumnblog.com/i/ 101 KB
37 KB 140ms
32ms Script
text/javascript 2600:9000:215f:a600:9:bf39:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.greencolumnblog.com/i/35289458b2de2bf5220f730bdbc66486.js
Requested by: Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:a600:9:bf39:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 1b62c475fce91b0f5d4db15ae5cf1d2d8f133e9738d4d321b3b5041a0158b4cb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:10:20 GMT
content-encoding: gzip
via: 1.1 77f3bc2c9964f50671e7151896d06648.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: YUL62-C2
age: 7557
etag: "19492-VwlUnu1I/+iKLc7ZJCq3TxIb6wo"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 37814
x-amz-cf-id: zI6AqbUDZX4hR1z62yGjJr8qtG_fT0qHb8jxMMtcgwYD-_qChHDZbQ==
expires: Wed, 06 Mar 2024 09:10:20 GMT

GET
H2 200 deps.js Show response
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/a8711a021/ 127 KB
42 KB 282ms
210ms Script
application/javascript 3.161.213.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/a8711a021/deps.js
Requested by: Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-100.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4cdefd5a96161d56973e6c28b7c0dc6fb48599634f227234310f2899bc1d68ed

Request headers

Referer: https://tardivedyskinesiaearlysigns.com/
Origin: https://tardivedyskinesiaearlysigns.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 23:16:18 GMT
x-amz-version-id: 7Uc7r.vbt4Oue61V1e7IY0TWtbqblUyA
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 18:14:06 GMT
server: AmazonS3
via: 1.1 a6f2e7c3dd76750ec70d32e7fcf09838.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
etag: W/"64e5013ef8a5e0bc3cce7af5f7adf182"
access-control-max-age: 60000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: L2yoTI6rBpG-7SX-L5Fw2qyTeD0uJb7_0LVRyV8CTrEXPovGDy5aoA==

GET
H2 200 runtime.js Show response
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/a8711a021/ 1 KB
1 KB 282ms
211ms Script
application/javascript 3.161.213.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/a8711a021/runtime.js
Requested by: Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-100.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52c9836027763edf4c94459fe44e695960bb1d4d974669e6afdcbd4b9d3be020

Request headers

Referer: https://tardivedyskinesiaearlysigns.com/
Origin: https://tardivedyskinesiaearlysigns.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 23:16:18 GMT
x-amz-version-id: xC3iwbYBA3x52ZBBEqExaeTnsafl2bRo
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 18:14:06 GMT
server: AmazonS3
via: 1.1 a6f2e7c3dd76750ec70d32e7fcf09838.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
etag: W/"1d64d5f0dfaefdd7c95884fc4268f57e"
access-control-max-age: 60000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: PcKE4Ypbq7K6It-bHvyM_QOPu6p4vFCi-Y0zQm2GC-qNLGeUCnehng==

GET
H2 200 ct Show response
obs.greencolumnblog.com/ 4 KB
2 KB 571ms
62ms Script
text/javascript 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.greencolumnblog.com/ct?id=28382&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&sf=0&tpi=&ch=cheq4ppc&uvid=mnh6l55yiv9o6rdckl3b0cl5&tsf=0&tsfmi=&tsfu=&cb=1709680577692&hl=2&op=0&ag=811640983&rand=038868526920211295506201218661961465503965500024529980808188035686105198051270121718&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDI2ODBdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjI4LFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MTk1ODQ4OTEzNixcInNlY1wiOlwiXCJ9Il0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkge1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAgICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAgICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAgICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9KVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9XSJdLFsiY2IiLCIwLDAsMCwwLDEsMCwwLDAsMCw2LDAsMCwzMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwyNiwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwxLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDEsMCw0MCwxLDAsMCwwLDAsMCwxLDMsMCJdLFstMSwiLSJdLFstMiwiMTIsZUFIV1gxL2YzcXpDdmJrdXltUXdnbElhRjNwRXNSRUVUcG9WZEZWQlFRcFJjUkJGU0tJSWdpUklyMEtoSlJxcFNBdENBa1FIcEl6eWJiWHBtWnIvNS9kOTZiemN1U0FQSi9HdCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBhZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwiLSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiMTYiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjoxMDAwMDAwMCxcInVqaHNcIjoxMDAwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDkuMywwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE3MDk2ODA1Nzc1NzUsMTBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJsLC0xLC0xLDAsMCw3MzAsMCwwLDQ2LDYxMiwtMSwwLCwsMTc5NSwxNzk2Il0sWy0zOSwiW1wiMjAwMzAxMDdcIiw0LFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDMsZmFsc2UsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwMSJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCI2MjAsNjc3LDAsMCwwLDU2MiwwLDAsNjQ4LDAsMCwwLDAsMCwwLDAsMCwwLDAsNjg0LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIlBhY2lmaWMvSG9ub2x1bHUsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjEwMCJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMjg3Mjg5OTMyMFwiXSxcImRcIjpbXCJfMFwiLFwiMzQ2NzE1NjAwM1wiXSxcImJcIjpbXSxcInNcIjoxfSJdLFstNTUsIjAiXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstNTcsIldFMFpWMXhPY1ZoWFhWVmNTeGNGV2xaVVNVeE5YRjBIR1dKWVNobFlTVWxWUUdRWkVWeFBXRlVaV0UwWkJWaFhWbGRBVkZaTVNnY1pFUU1PQXdnTUNRb0pBUkFWR1FWWVYxWlhRRlJXVEVvSEF3Z0JBd29KRUJWWVRSbDRTMHRZUUJkY1hCa1JVVTFOU1VvREZoWldXeGRlUzF4Y1YxcFdWVXhVVjF0VlZsNFhXbFpVRmxBV0Nnd0xBUUFOREFGYkMxMWNDMXRmREFzTENWOE9DZ2xiWFZ0YUR3OE5BUThYVTBvRENBTVBEdzRCRHhBVldFMFpUUmRjUVVsV1MwMUtHUkZSVFUxSlNnTVdGbFpiRjE1TFhGeFhXbFpWVEZSWFcxVldYaGRhVmxRV1VCWUtEQXNCQUEwTUFWc0xYVndMVzE4TUN3c0pYdzRLQ1Z0ZFcxb1BEdz09Il0sWy01OCwiLSJdLFstNTksImRlZmF1bHQiXSxbLTYwLDIyMl0sWy02MSwie1wid2dzbFwiOlwiMDtcIixcInBjZlwiOlwiYmdyYTh1bm9ybVwifSJdLFstNjIsIjgwIl0sWy02MywiMCJdLFstNjQsIlswLFwiXCIsW11dIl0sWy02NSwiLSJdLFstNjYsImdlb2xvY2F0aW9uLHN0b3JhZ2VhY2Nlc3MsZ2FtZXBhZCxjaGVjdCxtaWRpLGRpc3BsYXljYXB0dXJlLHVzYixwaWN0dXJlaW5waWN0dXJlLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LGxvY2FsZm9udHMsb3RwY3JlZGVudGlhbHMsY2h1YWZvcm1mYWN0b3IsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxjaGRvd25saW5rLGNocHJlZmVyc2NvbG9yc2NoZW1lLHN5bmN4aHIsY2h1YW1vZGVsLGNocHJlZmVyc3JlZHVjZWR0cmFuc3BhcmVuY3ksc2VyaWFsLGNhbWVyYSxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsaWRlbnRpdHljcmVkZW50aWFsc2dldCxjaHVhZnVsbHZlcnNpb24sZnVsbHNjcmVlbixjaGRwcix1bmxvYWQsa2V5Ym9hcmRtYXAsY2h1YXBsYXRmb3JtLGd5cm9zY29wZSxjaHVhbW9iaWxlLHdpbmRvd21hbmFnZW1lbnQsY2h1YSxtYWduZXRvbWV0ZXIsYWNjZWxlcm9tZXRlcixwcml2YXRlc3RhdGV0b2tlbnJlZGVtcHRpb24sY2h1YWFyY2gseHJzcGF0aWFsdHJhY2tpbmcsaWRsZWRldGVjdGlvbixjaHVhcGxhdGZvcm12ZXJzaW9uLGNod2lkdGgsY2xpcGJvYXJkcmVhZCxjaHZpZXdwb3J0d2lkdGgscGF5bWVudCxjaHZpZXdwb3J0aGVpZ2h0LGNocnR0LGF1dG9wbGF5LGNyb3Nzb3JpZ2luaXNvbGF0ZWQsaGlkLGNodWFiaXRuZXNzLHNjcmVlbndha2Vsb2NrLGNsaXBib2FyZHdyaXRlLGNoZGV2aWNlbWVtb3J5LG1pY3JvcGhvbmUiXSxbLTY3LCIyNTMyMzEyODg4OjQ3Il0sWy02OCwiLSJdLFsiZGRiIiwiMCwxMywwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMSwwLDAsMiwwLDAsMSwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMSwxLDIsMCwwLDAsMCwwLDEsMywzNiwwLDksMCwxLDAsMCwwLDAsMSwwLDAsMSwwLDAsMTAsMCwwLDEsMCwwLDAsNDgsMCJdLFsiYm5jaCIsMjUwXSxbImFibmNoIiwyNTFdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=wfpg865vge&pto=1912&ver=59&gac=-&mei=&ap=&fe=1&duid=1.1709680577.3K6T58oNrbAPJrKG&suid=1.1709680577.rrHx8DGWu6J9hduG&tuid=1.1709680577.hY5R6GOAKgtOAJIS&fbc=-&gtm=-&it=3%2C1460%2C169&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-
Requested by: Host: ob.greencolumnblog.com
URL: https://ob.greencolumnblog.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 0e18056d078f16af45e254419c4a50777ba01c9c408b026b320da93439105490

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Tue, 05 Mar 2024 23:16:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1467
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UiSyndication.js Show response
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/a8711a021/lib/ 1 MB
335 KB 510ms
26ms Script
application/javascript 3.161.213.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/a8711a021/lib/UiSyndication.js
Requested by: Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-100.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b5da76adb40fb96576d568e27a63a0fd520ce2429bd007eb7a7e300c4eed5b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 18:51:33 GMT
x-amz-version-id: CUFJrkRBk4iVlvpBF1bOsEvGRlCCIM6_
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 18:14:06 GMT
server: AmazonS3
via: 1.1 a181621f27665bbfa5459df48eceea5a.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
etag: W/"27a91df370776ebd10eb2ccb4f567beb"
age: 15886
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Sm71ET-p3HBAJhrfL1fXP3UkpPwTCcMB5mkyKsPjARKLtf25zg65qw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
75 KB 86ms
47ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-932435890

Requested by

Host: ob.greencolumnblog.com
URL: https://ob.greencolumnblog.com/i/35289458b2de2bf5220f730bdbc66486.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

440cd200b46e2d1b3b2fa339af95a3b7e1791b08fe51daae28d05c1306afcbe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 23:16:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76129
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Mar 2024 23:16:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 104ms
64ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-982246529

Requested by

Host: ob.greencolumnblog.com
URL: https://ob.greencolumnblog.com/i/35289458b2de2bf5220f730bdbc66486.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23c39b5aa8170149aab7b8efd1d9e4e05834235b7e34ba05805ba9d926116024

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 23:16:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79068
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Mar 2024 23:16:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 87ms
47ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1058340534

Requested by

Host: ob.greencolumnblog.com
URL: https://ob.greencolumnblog.com/i/35289458b2de2bf5220f730bdbc66486.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b42cb87a498c832386734a4c2647249b952e044e46bac0d15c2cb1c32011b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 23:16:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79120
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Mar 2024 23:16:18 GMT

GET
H2 200 tc_imp.gif
obs.greencolumnblog.com/tracker/ 43 B
79 B 18ms
18ms Image
image/gif 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.greencolumnblog.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126ae7c13dea428d959225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c198e652517071a10acf9f29f674883d08a0e2c3d13f6712507d43cda3692506303239400095b31045d94be394777be26bb25cb43e2916af00665a90b2d7a1bda53ee42f496d2df3dbb2907fe7fcaf9076a860e6345274793d10337a360b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a7968677a0dbdc5cea48955c2e019cbecbf7af2b95dfe57594351ccdeb8b795904fd733afac61d6deedefc728852fd41b1d51dc41cc2c82ec03c64959175de659084efe193fdbd4c38fc2cb7baf3354371fe8f719aa61af7010642dd4245c18193cecae88236d33bd995b98f69e57f7c37947630859f9442369ce97ea44ca7dd0d9070ef25110514dc31bc1cd1cbee27e9d663895ce6cf849b50bf190a2dfd1e4c00300969c4ec3be20b94dc8020a28e75fa806c82c2a9b03d8ebaa707267f82ee4d12c9a5081a4cb4e0e120fd6dcbae05b0be3cb86efe2389418345a4f4659244639dfa806c2d22721f385d0e64f6b8d932967be357445134eaa85d9dc40a0695bbdcb3a06fc0ebf8f586f8aeed4a4f3cfb479ab7596e8340791ad7635d7570f77baf761edeeac1638a68cb248bab2ec5a40c997b0c203c037c139fc2f8da3c7b569d044495d3dab3accb53059bb0a17c8ad2727bd8d2122074f891d95622ab3a845f9f1ae7238613dbc813ffa62fe39b88d2905b7feee03b618a6abb8cb0ab159d70291705946b414caca25f8fef13d6849ac854ce8f9b2e0f3747bb3db718a355b280758b3442275d277e77e24693823b54a572c3a0fc29c4ce4e8e686eac177c3082eed10b46f377f58a0cc701310227a02978c7f6837ac1453f848414a1d6dbf78047dd5a4b216ef413205ac3ee4e0ecb5c9dbcba5a9dcffe4d1825f6782a1a05d11657e690e81011956576cdd5c53981dcceb83e67bc4ab25f3e13bb5c3f6d91955d1599dcf1d7fcb314e133a066d520c6881c9c84fd493198f931b9c9facdb589afae265e9ea465038935f967814ca3a072bac5cdc963e6d791a9871928c5a5bfa11da301df0b493c0062cb8c2b628927f857d6893fb10568bf3c4cc431af9c3f29f025621b469ffdc43fc5861c30734730c2809ee9c33a9c14a7be6d7dc5d7541a01426a3023f17cf0a83945f4a7ccd7bde5dfecce9377b1aed3417d6f4d3424762508c7&cri=wfpg865vge&ts=590&cb=1709680578282
Requested by: Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Tue, 05 Mar 2024 23:16:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK 671c51ac-edaf-43d5-bbb4-87ccf9eb2754
https://tardivedyskinesiaearlysigns.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tardivedyskinesiaearlysigns.com/671c51ac-edaf-43d5-bbb4-87ccf9eb2754
Requested by: Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6ab0692fb0bfd1760da4f665a4c115e0e30783c03334e30f35849096e87a960

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
BLOB 200
OK cd02b25c-540f-4db6-be20-268bf20a35da
https://tardivedyskinesiaearlysigns.com/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tardivedyskinesiaearlysigns.com/cd02b25c-540f-4db6-be20-268bf20a35da
Requested by: Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96f89f77a3351d14256d37fc44021d47db6fe6dc643364d5de9d2b576d88aa19

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length: 529
Content-Type

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 dpl-search.js Show response
s.flocdn.com/@s1/dpl/4.10.5/ 53 KB
16 KB 28ms
24ms Script
application/javascript 3.161.213.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.flocdn.com/@s1/dpl/4.10.5/dpl-search.js
Requested by: Host: s.flocdn.com
URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/a8711a021/lib/UiSyndication.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-100.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 433464a815f255ec1606caf38c2f951fbac5bb2e7864f1b2636d5204e25a07ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:14:48 GMT
content-encoding: gzip
via: 1.1 a181621f27665bbfa5459df48eceea5a.cloudfront.net (CloudFront)
x-amz-version-id: PULIeBUHKyAGmvoi.m6kq9gOipwP_giY
last-modified: Thu, 23 Mar 2023 19:29:55 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P1
age: 4950091
etag: "deeb5a6adc11c3cd22c8d86b9a00b20b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
content-length: 15966
x-amz-cf-id: 0XGCejyKKVdiFn-JDU89CrST_evZe3JidSz1pW8IGAXbRsU-qE3_FQ==

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ 141 KB
52 KB 59ms
18ms Script
text/javascript 2607:f8b0:4004:c08::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: s.flocdn.com
URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/a8711a021/lib/UiSyndication.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c816422093e8caadfc1abf2fa0e8491962bddc831179a9580d2943066745242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 23:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "931756533773701105"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Tue, 05 Mar 2024 23:16:18 GMT

GET
H2 200 texture.png
s.flocdn.com/layout/gd05/ 83 KB
83 KB 48ms
25ms Image
image/png 3.161.213.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.flocdn.com/layout/gd05/texture.png
Requested by: Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-100.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ac584704539b6bdae9db66aebabb19c41cc858272b85581fedf1f7ab26f73e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: 9nrwm6vbihUL1RldyKfYApKff2o.FEKN
date: Tue, 05 Mar 2024 06:58:24 GMT
via: 1.1 a181621f27665bbfa5459df48eceea5a.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2017 22:02:26 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P1
age: 58772
etag: "57bbfe7c227619d47a41639eba996150"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
x-amz-meta-version-id: HC_iG.nfn0YuLDYFlnJj0jQC5XTNCe04
content-length: 84780
x-amz-cf-id: 2lr7FAnDV1TbffNn-A_EGIlY3jzRO9gEi2EzEwsnHbrh8TYGVxDNkA==

GET
H2 200 arrows-rainbow_559.png
s.flocdn.com/layout/pship508/ 86 KB
86 KB 43ms
20ms Image
image/png 3.161.213.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.flocdn.com/layout/pship508/arrows-rainbow_559.png
Requested by: Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-100.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52711ce4a13307c1b467dd942b1c90baf41b6a0264d01d71280421c37e8b8bc0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: q0xUrgBtkt1zPXsMOtCQmqJsqJAEmQZm
date: Tue, 05 Mar 2024 09:33:53 GMT
via: 1.1 a181621f27665bbfa5459df48eceea5a.cloudfront.net (CloudFront)
last-modified: Wed, 04 Jan 2023 19:08:13 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P1
age: 49432
etag: "9ca21edfdf15faf735dad1f024227fbc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
content-length: 87916
x-amz-cf-id: A5-DfjdhIqKIBN9LIZlFgXo-xWRUO83sRLSI-XzIQF29anGha-0p5Q==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/ 2 KB
2 KB 521ms
478ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?random=1709680578653&cv=11&fst=1709680578653&bg=ffffff&guid=ON&async=1&gtm=45be42t1za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932435890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

522a9d86adb8eae345525de3a798931da54db508eb4ef4f00f024099cc83d44a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1251
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/932435890/ 3 KB
2 KB 536ms
34ms Script
text/javascript 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/932435890/?random=1709680578682&cv=11&fst=1709680578682&bg=ffffff&guid=ON&async=1&gtm=45be42t1za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&gtm_ee=1&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932435890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

b2ebdfac322f1a7c7681f4cd1bab08861538fb13a2246632a6a19949c4050421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1605
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/ 2 KB
2 KB 36ms
34ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?random=1709680578710&cv=11&fst=1709680578710&bg=ffffff&guid=ON&async=1&gtm=45be42t1v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982246529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc05bd081aa1262b37c8ccb585e577e2bc865e8856c1e94cfe5e1c5802758918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1282
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/982246529/ 3 KB
2 KB 34ms
33ms Script
text/javascript 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/982246529/?random=1709680579202&cv=11&fst=1709680579202&bg=ffffff&guid=ON&async=1&gtm=45be42t1v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&gtm_ee=1&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982246529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

d2cd22ae131e39cfeb5a23bc2972b57e37dd9fd60ff98653126056bf0c8f1281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1615
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/ 2 KB
1 KB 40ms
39ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?random=1709680579224&cv=11&fst=1709680579224&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9100102812za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058340534

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72da99ccb6ece5a275c0300724f0504dd4539c547e522ba8b51db14f54dfe1fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1277
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1058340534/ 3 KB
2 KB 34ms
33ms Script
text/javascript 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1058340534/?random=1709680579254&cv=11&fst=1709680579254&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9100102812za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&gtm_ee=1&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058340534

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

1e6cfe371699142627514c937b327000e1b017e6de45f1c0bcdd5e9bb1655b7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1612
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 mon Show response
obs.greencolumnblog.com/ 0
158 B 18ms
17ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.greencolumnblog.com/mon
Requested by: Host: ob.greencolumnblog.com
URL: https://ob.greencolumnblog.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tardivedyskinesiaearlysigns.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://tardivedyskinesiaearlysigns.com
date: Tue, 05 Mar 2024 23:16:19 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 iframe.html Show response
s.flocdn.com/%40s1/dpl/4.10.5/ Frame 91E4 318 B
597 B 27ms
26ms Document
text/html 3.161.213.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html
Requested by: Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.10.5/dpl-search.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-100.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1448bf72a43a485252ffbf7e536e95484947bbb7629b204560999e39aeee7212

Request headers

Referer: https://tardivedyskinesiaearlysigns.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 5494811
cache-control: max-age=31536000
content-encoding: gzip
content-length: 201
content-type: text/html; charset=UTF-8
date: Tue, 02 Jan 2024 08:56:09 GMT
etag: "1f6f8e54b2db545b3266083e18293359"
last-modified: Thu, 23 Mar 2023 19:29:55 GMT
server: AmazonS3
via: 1.1 a181621f27665bbfa5459df48eceea5a.cloudfront.net (CloudFront)
x-amz-cf-id: sB8oQxwzXnPKXux1_M4YcVZCCMlJe1M677kZn-CI2PB-v8mRqzo5nw==
x-amz-cf-pop: YUL62-P1
x-amz-version-id: _..yhvFg4jUoPCCb.3eOGMOK3MAUh_Wv
x-cache: Hit from cloudfront

POST
H2 200 mon Show response
obs.greencolumnblog.com/ 0
16 B 19ms
18ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.greencolumnblog.com/mon
Requested by: Host: ob.greencolumnblog.com
URL: https://ob.greencolumnblog.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tardivedyskinesiaearlysigns.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://tardivedyskinesiaearlysigns.com
date: Tue, 05 Mar 2024 23:16:19 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 /
www.google.com/pagead/1p-user-list/932435890/ 42 B
340 B 32ms
26ms Image
image/gif 2607:f8b0:4004:c08::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/932435890/?random=1709680578653&cv=11&fst=1709679600000&bg=ffffff&guid=ON&async=1&gtm=45be42t1za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&frm=0&tiba=tardivedyskinesiaearlysigns.com&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqNWmyDsOak4uVxnpGsbO36R46b4GJ1A&random=3076119613&rmt_tld=0&ipr=y

Requested by

Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/932435890/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?random=1272340469&cv=11&fst=1709680578682&bg=ffffff&guid=ON&async=1&gtm=45be42t1za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1...
https://www.google.com/pagead/1p-conversion/932435890/?random=1272340469&cv=11&fst=1709680578682&bg=ffffff&guid=ON&async=1&gtm=45be42t1za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2...

42 B
64 B

30ms
29ms

Image
image/gif

2607:f8b0:4004:c08::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/932435890/?random=1272340469&cv=11&fst=1709680578682&bg=ffffff&guid=ON&async=1&gtm=45be42t1za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&gtm_ee=1&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ0tLYnJ3WVFsUExreS1hQ25zMGJFaVlBVUJJdmQwbTZ0WjBkSkZGSFVGQ1Y2WjEwSGgwa3VtdWNucFRtMTlmcFpDSkRqSUNHMEEaWENoQUlnS0ticndZUXRPNmkwT1NQMmZsU0VpNEFJbVM4cjlxcW1ZTlUtMkF3aW1wNE53bmk1Y2FZUTNJNEFYWWdtUHVwcklVLUdLTkZLSFFmeUNiaDJUWmgiEwjevum8oN6EAxUwS0cBHeMgAWIyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICw&is_vtc=1&cid=CAQSKQB7FLtqLLgJOOE3lYIyZYLpmtp_sVEOfQHMrE1wJS-cQ2UW_3Kdlsi7&random=609223151

Requested by

Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/

Protocol

Server

2607:f8b0:4004:c08::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/932435890/?random=1272340469&cv=11&fst=1709680578682&bg=ffffff&guid=ON&async=1&gtm=45be42t1za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&gtm_ee=1&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ0tLYnJ3WVFsUExreS1hQ25zMGJFaVlBVUJJdmQwbTZ0WjBkSkZGSFVGQ1Y2WjEwSGgwa3VtdWNucFRtMTlmcFpDSkRqSUNHMEEaWENoQUlnS0ticndZUXRPNmkwT1NQMmZsU0VpNEFJbVM4cjlxcW1ZTlUtMkF3aW1wNE53bmk1Y2FZUTNJNEFYWWdtUHVwcklVLUdLTkZLSFFmeUNiaDJUWmgiEwjevum8oN6EAxUwS0cBHeMgAWIyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICw&is_vtc=1&cid=CAQSKQB7FLtqLLgJOOE3lYIyZYLpmtp_sVEOfQHMrE1wJS-cQ2UW_3Kdlsi7&random=609223151
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/982246529/ 42 B
108 B 33ms
31ms Image
image/gif 2607:f8b0:4004:c08::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/982246529/?random=1709680578710&cv=11&fst=1709679600000&bg=ffffff&guid=ON&async=1&gtm=45be42t1v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&frm=0&tiba=tardivedyskinesiaearlysigns.com&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqj-LtUVgJhRS2sVI1MTOgPwJfXCLUc7w7PZQUx48D9bcfdkaA&random=2058353022&rmt_tld=0&ipr=y

Requested by

Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/982246529/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?random=634360396&cv=11&fst=1709680579202&bg=ffffff&guid=ON&async=1&gtm=45be42t1v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1...
https://www.google.com/pagead/1p-conversion/982246529/?random=634360396&cv=11&fst=1709680579202&bg=ffffff&guid=ON&async=1&gtm=45be42t1v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=http...

42 B
64 B

32ms
31ms

Image
image/gif

2607:f8b0:4004:c08::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/982246529/?random=634360396&cv=11&fst=1709680579202&bg=ffffff&guid=ON&async=1&gtm=45be42t1v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&gtm_ee=1&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ0tLYnJ3WVFsUExreS1hQ25zMGJFaVlBVUJJdmQwbTZ0WjBkSkZGSFVGQ1Y2WjEwSGgwa3VtdWNucFRtMTlmcFpDSkRqSUNHMEEaWENoQUlnS0ticndZUXRPNmkwT1NQMmZsU0VpNEFJbVM4cjFaeFBLVDJ4U0NKV3pxOHJFZnhFOERLRXZxajJLNnc0Z1YzLVEyWXhPZ19oQWM0d1ZZckJKUWUiEwiht-q8oN6EAxUXYUcBHZLlDhkyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICw&is_vtc=1&cid=CAQSKQB7FLtqwy9Ks2sA-3b0_Z2Rr7hjC-AZkBDlcuY9orkCIXFx2hu9miRG&random=2003316661

Requested by

Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/

Protocol

Server

2607:f8b0:4004:c08::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/982246529/?random=634360396&cv=11&fst=1709680579202&bg=ffffff&guid=ON&async=1&gtm=45be42t1v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&gtm_ee=1&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ0tLYnJ3WVFsUExreS1hQ25zMGJFaVlBVUJJdmQwbTZ0WjBkSkZGSFVGQ1Y2WjEwSGgwa3VtdWNucFRtMTlmcFpDSkRqSUNHMEEaWENoQUlnS0ticndZUXRPNmkwT1NQMmZsU0VpNEFJbVM4cjFaeFBLVDJ4U0NKV3pxOHJFZnhFOERLRXZxajJLNnc0Z1YzLVEyWXhPZ19oQWM0d1ZZckJKUWUiEwiht-q8oN6EAxUXYUcBHZLlDhkyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICw&is_vtc=1&cid=CAQSKQB7FLtqwy9Ks2sA-3b0_Z2Rr7hjC-AZkBDlcuY9orkCIXFx2hu9miRG&random=2003316661
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 416 B
608 B 58ms
23ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tardivedyskinesiaearlysigns.com&client=dp-dotzup20_3ph_js&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

730c6f334f4ace12fcf687cc0554321c0529ea20d71e5c4da2e36d3b17bcd621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 23:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 ads Show response
www.adsensecustomsearchads.com/afs/ Frame 8C9B 18 KB
3 KB 172ms
137ms Document
text/html 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1646507740&client=dp-dotzup20_3ph_js&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2Fserp%3Fsc%3Dn9YHF2S6BP5T10%26ivt%3Dfalse&rpqp=query&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-oo-1715430907199229&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383%2C17301421%2C17301431%2C17301433%2C17301436%2C71847096&client_gdprApplies=0&format=r5&nocache=5141709680579334&num=0&output=afd_ads&domain_name=tardivedyskinesiaearlysigns.com&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1709680579335&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=ads&drt=0&jsid=caf&jsv=610814804&rurl=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

ae0f64d6dcff0df56eb92b830acb12648bf10ffcfd331a4e8d9ab032a3692edb

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-8RnUXe5XScRvnJqkUIFxoQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Referer: https://tardivedyskinesiaearlysigns.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 2858
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-8RnUXe5XScRvnJqkUIFxoQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Tue, 05 Mar 2024 23:16:19 GMT
expires: Tue, 05 Mar 2024 23:16:19 GMT
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

GET
H2 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
907 B 64ms
31ms Image
text/html 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-dotzup20_3ph_js&output=uds_ads_only&zx=lhgvybqehiei&pbt=rd&ivt=false&dA=false&msg=client-side%20changes%20applied.

Requested by

Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-hDpA3NSb4Ut8vti9KKwxyw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-hDpA3NSb4Ut8vti9KKwxyw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Tue, 05 Mar 2024 23:16:19 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.google.com/pagead/1p-conversion/1058340534/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?random=1882653185&cv=11&fst=1709680579254&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9100102812za200&gcd=13l3l3l3l1&dma=0&u_...
https://www.google.com/pagead/1p-conversion/1058340534/?random=1882653185&cv=11&fst=1709680579254&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9100102812za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=h...

42 B
64 B

35ms
34ms

Image
image/gif

2607:f8b0:4004:c08::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/1058340534/?random=1882653185&cv=11&fst=1709680579254&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9100102812za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&gtm_ee=1&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ0tLYnJ3WVFsUExreS1hQ25zMGJFaVlBVUJJdmQwbTZ0WjBkSkZGSFVGQ1Y2WjEwSGgwa3VtdWNucFRtMTlmcFpDSkRqSUNHMEEaWENoQUlnS0ticndZUXRPNmkwT1NQMmZsU0VpNEFJbVM4cnh0X21tWWtUUjh4RTdHd3Q2bUMxNmxQZi1hQVYzRnBXUWdaNjZlV0NvbE1iVlBYbnRxbFVUSFciEwjftO28oN6EAxW0bkcBHc1RChwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICw&is_vtc=1&cid=CAQSKQB7FLtqqrULxXp5DmuyEMHT8Yay1rbDJ81rsFvaZyO0qqjmKXniXSJ8&random=1088625657

Requested by

Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/

Protocol

Server

2607:f8b0:4004:c08::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/1058340534/?random=1882653185&cv=11&fst=1709680579254&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9100102812za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=tardivedyskinesiaearlysigns.com&gtm_ee=1&npa=0&pscdl=noapi&auid=1959034208.1709680579&uamb=0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ0tLYnJ3WVFsUExreS1hQ25zMGJFaVlBVUJJdmQwbTZ0WjBkSkZGSFVGQ1Y2WjEwSGgwa3VtdWNucFRtMTlmcFpDSkRqSUNHMEEaWENoQUlnS0ticndZUXRPNmkwT1NQMmZsU0VpNEFJbVM4cnh0X21tWWtUUjh4RTdHd3Q2bUMxNmxQZi1hQVYzRnBXUWdaNjZlV0NvbE1iVlBYbnRxbFVUSFciEwjftO28oN6EAxW0bkcBHc1RChwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICw&is_vtc=1&cid=CAQSKQB7FLtqqrULxXp5DmuyEMHT8Yay1rbDJ81rsFvaZyO0qqjmKXniXSJ8&random=1088625657
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1058340534/ 42 B
64 B 28ms
27ms Image
image/gif 2607:f8b0:4004:c08::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1058340534/?random=1709680579224&cv=11&fst=1709679600000&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9100102812za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&frm=0&tiba=tardivedyskinesiaearlysigns.com&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqO8kwbo62fkca-AafCHu4dgD3nntQoL_atQ7lucWHw1EcV4g9&random=1905022442&rmt_tld=0&ipr=y

Requested by

Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 91E4 52 KB
21 KB 45ms
14ms Script
text/javascript 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: s.flocdn.com
URL: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.flocdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Mar 2024 23:10:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 322
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 06 Mar 2024 01:10:57 GMT

GET
H2 200 iframe.js Show response
s.flocdn.com/%40s1/dpl/4.10.5/ Frame 91E4 7 KB
3 KB 23ms
23ms Script
application/javascript 3.161.213.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.js
Requested by: Host: s.flocdn.com
URL: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-100.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caa35093fe1dc1f7de4500f1d738ebacf3cef300aba8eb40d75fceec72cd654d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 18:28:39 GMT
content-encoding: gzip
via: 1.1 a181621f27665bbfa5459df48eceea5a.cloudfront.net (CloudFront)
x-amz-version-id: j.sjjFPUPPbaiW9I.0suz0uEuoe02OJ1
last-modified: Thu, 23 Mar 2023 19:29:55 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P1
age: 4942061
etag: "e05539d09837c596736ed83a8857a809"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
content-length: 2948
x-amz-cf-id: e55V2DBjTVP86ISXWLasXaKr0xnfJOjig-U5IobQth8jbAWcURzBXw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 180 KB
65 KB 47ms
46ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T3SP83V

Requested by

Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.10.5/dpl-search.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d95ff7a4c02ae53791779dd485807318ae788934ab7bda8091cd1f1052f2447e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 23:16:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66730
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Mar 2024 23:16:19 GMT

GET
H2 200 caf.js Show response
www.adsensecustomsearchads.com/adsense/domains/ Frame 8C9B 141 KB
52 KB 19ms
18ms Script
text/javascript 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/adsense/domains/caf.js?pac=0

Requested by

Host: www.adsensecustomsearchads.com
URL: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1646507740&client=dp-dotzup20_3ph_js&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2Fserp%3Fsc%3Dn9YHF2S6BP5T10%26ivt%3Dfalse&rpqp=query&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-oo-1715430907199229&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383%2C17301421%2C17301431%2C17301433%2C17301436%2C71847096&client_gdprApplies=0&format=r5&nocache=5141709680579334&num=0&output=afd_ads&domain_name=tardivedyskinesiaearlysigns.com&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1709680579335&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=ads&drt=0&jsid=caf&jsv=610814804&rurl=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1686a38dc6a488f84383934599c29d1dd7ec0e1bdf7e83ee3dd42232e1102ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.adsensecustomsearchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 23:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "6948468119542903866"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Tue, 05 Mar 2024 23:16:19 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
91 KB 48ms
47ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1QH44F1BG5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3SP83V

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24eac9a82e00ae9090e6b0419a4beec48c86a0ef057c60ebfb7eb5b7a6b3ccff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 23:16:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92653
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 23:16:19 GMT

POST
H2 204 dplpxs
soflopxl.com/ 0
203 B 739ms
27ms Ping
text/plain 18.208.0.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://soflopxl.com/dplpxs
Requested by: Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.10.5/dpl-search.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.0.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-0-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tardivedyskinesiaearlysigns.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://tardivedyskinesiaearlysigns.com
date: Tue, 05 Mar 2024 23:16:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
access-control-allow-methods: GET, POST
expires: Tue, 05 Mar 2024 23:16:19 GMT

GET
H2 200 grey-n1.svg
afs.googleusercontent.com/ad_icons/custom/publisher_icon_image/dotzup01/ Frame 8C9B 298 B
342 B 761ms
15ms Image
image/svg+xml 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/custom/publisher_icon_image/dotzup01/grey-n1.svg?c=%23ffffff

Requested by

Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

462926b6cf0073e9d08f7a33533309f7c9398e90262bce27538170882ca46ddf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.adsensecustomsearchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Mar 2024 01:28:22 GMT
age: 78478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 228
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 22:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Wed, 06 Mar 2024 00:28:22 GMT

GET
H2 200 call_to_action_arrow.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 8C9B 444 B
804 B 757ms
12ms Image
image/svg+xml 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23212121

Requested by

Host: tardivedyskinesiaearlysigns.com
URL: https://tardivedyskinesiaearlysigns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af67ef467f07528c31667ebdd9a2312f5093d6e1fae9ab2c47522913c64fee8b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.adsensecustomsearchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Mar 2024 01:40:57 GMT
age: 77723
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Wed, 06 Mar 2024 00:40:57 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
265 B 686ms
22ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-1QH44F1BG5&gtm=45je42t1v888902321z8844758514za220&_p=1709680579431&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1429109858.1709680580&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709680579&sct=1&seg=0&dl=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&dt=tardivedyskinesiaearlysigns.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3923
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1QH44F1BG5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tardivedyskinesiaearlysigns.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
265 B 688ms
22ms Ping
text/plain 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1QH44F1BG5&cid=1429109858.1709680580&gtm=45je42t1v888902321z8844758514za220&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1QH44F1BG5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tardivedyskinesiaearlysigns.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 dplpxs
soflopxl.com/ 0
204 B 589ms
24ms Ping
text/plain 18.208.0.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://soflopxl.com/dplpxs
Requested by: Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.10.5/dpl-search.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.0.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-0-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tardivedyskinesiaearlysigns.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://tardivedyskinesiaearlysigns.com
date: Tue, 05 Mar 2024 23:16:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
access-control-allow-methods: GET, POST
expires: Tue, 05 Mar 2024 23:16:19 GMT

GET
H2 200 iframe.html Show response
s.flocdn.com/%40s1/dpl/4.10.5/ Frame 91E4 318 B
598 B 28ms
28ms Document
text/html 3.161.213.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html?&screen=refresh
Requested by: Host: s.flocdn.com
URL: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-100.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1448bf72a43a485252ffbf7e536e95484947bbb7629b204560999e39aeee7212

Request headers

Referer: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 5494812
cache-control: max-age=31536000
content-encoding: gzip
content-length: 201
content-type: text/html; charset=UTF-8
date: Tue, 02 Jan 2024 08:56:09 GMT
etag: "1f6f8e54b2db545b3266083e18293359"
last-modified: Thu, 23 Mar 2023 19:29:55 GMT
server: AmazonS3
via: 1.1 a181621f27665bbfa5459df48eceea5a.cloudfront.net (CloudFront)
x-amz-cf-id: fIXYJyRrsX1kSMBKZBOXOgGpc9qAbkIpwqLX6vuvdR4RpdZtbZqH5Q==
x-amz-cf-pop: YUL62-P1
x-amz-version-id: _..yhvFg4jUoPCCb.3eOGMOK3MAUh_Wv
x-cache: Hit from cloudfront

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 91E4 52 KB
21 KB 22ms
12ms Script
text/javascript 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: s.flocdn.com
URL: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html?&screen=refresh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.flocdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Mar 2024 23:10:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 323
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 06 Mar 2024 01:10:57 GMT

GET
H2 200 iframe.js Show response
s.flocdn.com/%40s1/dpl/4.10.5/ Frame 91E4 7 KB
3 KB 32ms
23ms Script
application/javascript 3.161.213.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.js
Requested by: Host: s.flocdn.com
URL: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html?&screen=refresh
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-100.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caa35093fe1dc1f7de4500f1d738ebacf3cef300aba8eb40d75fceec72cd654d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.flocdn.com/%40s1/dpl/4.10.5/iframe.html?&screen=refresh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 18:28:39 GMT
content-encoding: gzip
via: 1.1 a181621f27665bbfa5459df48eceea5a.cloudfront.net (CloudFront)
x-amz-version-id: j.sjjFPUPPbaiW9I.0suz0uEuoe02OJ1
last-modified: Thu, 23 Mar 2023 19:29:55 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P1
age: 4942062
etag: "e05539d09837c596736ed83a8857a809"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
content-length: 2948
x-amz-cf-id: SS4J4U0phtL4Oi7z1ZoztqitDvXkl2kmBJRmi2q8UjAsnte24ASE5Q==

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 91E4 4 B
24 B 84ms
83ms XHR
text/plain 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1844407240&t=pageview&_s=1&dl=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=tardivedyskinesiaearlysigns.com&sd=24-bit&sr=1600x1200&vp=&je=0&_u=SKCAAAABEAAAACgCAC~&jid=242483507&gjid=1800199697&cid=1174568432.1709680579&tid=UA-158232775-1&_gid=622599526.1709680579&_r=1&_slc=1&cd1=true&cd2=generatePrimaryId&cd3=4.10.5&cd4=mnh6l55yiv9o6rdckl3b0cl5&cd5=1709680579289-5f115e85-98b6-4d61-ac1a-1a8a87da7162&z=2110358593

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.flocdn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.flocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 91E4 2 B
165 B 39ms
38ms XHR
text/plain 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-158232775-1&cid=1174568432.1709680579&jid=242483507&gjid=1800199697&_gid=622599526.1709680579&_u=SKCAAAAAEAAAACgCAC~&z=207449811

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.flocdn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 05 Mar 2024 23:16:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.flocdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 91E4 42 B
63 B 547ms
546ms Image
image/gif 2607:f8b0:4004:c08::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-158232775-1&cid=1174568432.1709680579&jid=242483507&_u=SKCAAAAAEAAAACgCAC~&z=294927085

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.flocdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
19 B 39ms
30ms Image
text/html 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-dotzup20_3ph_js&output=uds_ads_only&zx=if58ms2oftxb&aqid=w6fnZciXGqTQnboPt7KYsA8&psid=1646507740&pbt=bs&adbx=550&adby=60&adbh=794&adbw=500&adbah=155%2C155%2C155%2C155%2C155&adbn=master-1&eawp=partner-dp-dotzup20_3ph_js&errv=610814804&csala=4%7C0%7C218%7C36%7C11&lle=0&ifv=1&hpt=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-3lVpRsF5FJSKDrvtIsc-Nw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-3lVpRsF5FJSKDrvtIsc-Nw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Tue, 05 Mar 2024 23:16:21 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 mon Show response
obs.greencolumnblog.com/ 0
39 B 24ms
23ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.greencolumnblog.com/mon
Requested by: Host: ob.greencolumnblog.com
URL: https://ob.greencolumnblog.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tardivedyskinesiaearlysigns.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://tardivedyskinesiaearlysigns.com
date: Tue, 05 Mar 2024 23:16:21 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H3 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
19 B 494ms
493ms Image
text/html 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-dotzup20_3ph_js&output=uds_ads_only&zx=7vtaxadyvifb&aqid=w6fnZciXGqTQnboPt7KYsA8&psid=1646507740&pbt=bv&adbx=550&adby=60&adbh=794&adbw=500&adbah=155%2C155%2C155%2C155%2C155&adbn=master-1&eawp=partner-dp-dotzup20_3ph_js&errv=610814804&csala=4%7C0%7C218%7C36%7C11&lle=0&ifv=1&hpt=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-DPC8KTQw7o1DF0J3LQoFrg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-DPC8KTQw7o1DF0J3LQoFrg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Tue, 05 Mar 2024 23:16:21 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 mon Show response
obs.greencolumnblog.com/ 0
39 B 23ms
21ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.greencolumnblog.com/mon
Requested by: Host: ob.greencolumnblog.com
URL: https://ob.greencolumnblog.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tardivedyskinesiaearlysigns.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://tardivedyskinesiaearlysigns.com
date: Tue, 05 Mar 2024 23:16:23 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 483ms
482ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-1QH44F1BG5&gtm=45je42t1v888902321za220&_p=1709680579431&gcd=13l3l3l3l1&npa=0&dma=0&cid=1429109858.1709680580&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1709680579&sct=1&seg=0&dl=https%3A%2F%2Ftardivedyskinesiaearlysigns.com%2F&dt=tardivedyskinesiaearlysigns.com&en=scroll&epn.percent_scrolled=90&_et=13&tfd=8939
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1QH44F1BG5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tardivedyskinesiaearlysigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 23:16:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tardivedyskinesiaearlysigns.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
s.flocdn.com/%40s1/dpl/4.10.5	1969-12-31 23:59:59	Name: c_cn Value: c_cn1234
tardivedyskinesiaearlysigns.com/	1970-01-21 03:40:16	Name: s1_userid Value: MlPdYioJd2pb6LvavzPJ
.tardivedyskinesiaearlysigns.com/	1970-01-20 21:06:04	Name: _cq_duid Value: 1.1709680577.3K6T58oNrbAPJrKG
.tardivedyskinesiaearlysigns.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1709680577.rrHx8DGWu6J9hduG
obs.greencolumnblog.com/	1970-01-21 02:58:30	Name: cg_uuid Value: 11c3902889b3c75dedc607b94402b0b8
.tardivedyskinesiaearlysigns.com/	1970-01-20 21:04:16	Name: _gcl_au Value: 1.1.1959034208.1709680579
.doubleclick.net/	1970-01-21 04:30:40	Name: IDE Value: AHWqTUlqLEX4l1Zk195wIM-qVC8YNeB8Gv9xsiu7kxvFRI7QYV9kvyS18WyK7-Py
.tardivedyskinesiaearlysigns.com/	1970-01-21 04:16:16	Name: __gsas Value: ID=4b1abd9b30628f51:T=1709680579:RT=1709680579:S=ALNI_MYwDSe4IggRED0x6QaTWBksjSrLBw
.s.flocdn.com/	1970-01-21 04:30:40	Name: _ga Value: GA1.3.1174568432.1709680579
.s.flocdn.com/	1970-01-20 18:56:06	Name: _gid Value: GA1.3.622599526.1709680579
.tardivedyskinesiaearlysigns.com/	1970-01-21 04:30:40	Name: _ga Value: GA1.1.1429109858.1709680580
.tardivedyskinesiaearlysigns.com/	1970-01-21 04:30:40	Name: _ga_1QH44F1BG5 Value: GS1.1.1709680579.1.0.1709680579.60.0.0
.s.flocdn.com/	1970-01-20 18:54:40	Name: _gat Value: 1

61 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
worker	verbose	URL: blob:https://tardivedyskinesiaearlysigns.com/671c51ac-edaf-43d5-bbb4-87ccf9eb2754(Line 1) Message: Error
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.google.com/adsense/domains/caf.js(Line 200) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tardivedyskinesiaearlysigns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
analytics.google.com
googleads.g.doubleclick.net
ob.greencolumnblog.com
obs.greencolumnblog.com
partner.googleadservices.com
s.flocdn.com
soflopxl.com
stats.g.doubleclick.net
tardivedyskinesiaearlysigns.com
www.adsensecustomsearchads.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
104.17.157.1
142.250.31.156
18.208.0.174
2001:4860:4802:32::181
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
2600:9000:215f:a600:9:bf39:bec0:93a1
2607:f8b0:4004:c06::66
2607:f8b0:4004:c08::68
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c09::61
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c17::66
2607:f8b0:4004:c17::84
2607:f8b0:4004:c1d::9b
3.161.213.100
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0b42cb87a498c832386734a4c2647249b952e044e46bac0d15c2cb1c32011b89
0b5da76adb40fb96576d568e27a63a0fd520ce2429bd007eb7a7e300c4eed5b6
0e18056d078f16af45e254419c4a50777ba01c9c408b026b320da93439105490
1448bf72a43a485252ffbf7e536e95484947bbb7629b204560999e39aeee7212
1b62c475fce91b0f5d4db15ae5cf1d2d8f133e9738d4d321b3b5041a0158b4cb
1e6cfe371699142627514c937b327000e1b017e6de45f1c0bcdd5e9bb1655b7d
23c39b5aa8170149aab7b8efd1d9e4e05834235b7e34ba05805ba9d926116024
24eac9a82e00ae9090e6b0419a4beec48c86a0ef057c60ebfb7eb5b7a6b3ccff
433464a815f255ec1606caf38c2f951fbac5bb2e7864f1b2636d5204e25a07ac
440cd200b46e2d1b3b2fa339af95a3b7e1791b08fe51daae28d05c1306afcbe6
462926b6cf0073e9d08f7a33533309f7c9398e90262bce27538170882ca46ddf
4cdefd5a96161d56973e6c28b7c0dc6fb48599634f227234310f2899bc1d68ed
522a9d86adb8eae345525de3a798931da54db508eb4ef4f00f024099cc83d44a
52711ce4a13307c1b467dd942b1c90baf41b6a0264d01d71280421c37e8b8bc0
52c9836027763edf4c94459fe44e695960bb1d4d974669e6afdcbd4b9d3be020
5c816422093e8caadfc1abf2fa0e8491962bddc831179a9580d2943066745242
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
72da99ccb6ece5a275c0300724f0504dd4539c547e522ba8b51db14f54dfe1fc
730c6f334f4ace12fcf687cc0554321c0529ea20d71e5c4da2e36d3b17bcd621
96f89f77a3351d14256d37fc44021d47db6fe6dc643364d5de9d2b576d88aa19
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ac584704539b6bdae9db66aebabb19c41cc858272b85581fedf1f7ab26f73e9
ae0f64d6dcff0df56eb92b830acb12648bf10ffcfd331a4e8d9ab032a3692edb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af67ef467f07528c31667ebdd9a2312f5093d6e1fae9ab2c47522913c64fee8b
b2ebdfac322f1a7c7681f4cd1bab08861538fb13a2246632a6a19949c4050421
caa35093fe1dc1f7de4500f1d738ebacf3cef300aba8eb40d75fceec72cd654d
cc05bd081aa1262b37c8ccb585e577e2bc865e8856c1e94cfe5e1c5802758918
d2cd22ae131e39cfeb5a23bc2972b57e37dd9fd60ff98653126056bf0c8f1281
d609fc82ce5c20777ad7203f18d01ece4f177ad2fe54f80654f66c7cc5f7a686
d95ff7a4c02ae53791779dd485807318ae788934ab7bda8091cd1f1052f2447e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1686a38dc6a488f84383934599c29d1dd7ec0e1bdf7e83ee3dd42232e1102ef
f6ab0692fb0bfd1760da4f665a4c115e0e30783c03334e30f35849096e87a960

tardivedyskinesiaearlysigns.com Open in urlscan Pro 104.17.157.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

91 %HTTPS

73 %IPv6

11 Domains

15 Subdomains

16 IPs

2 Countries

1162 kBTransfer

3160 kBSize

13 Cookies

0 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

tardivedyskinesiaearlysigns.com Open in urlscan Pro
104.17.157.1 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

91 %
HTTPS

73 %
IPv6

11
Domains

15
Subdomains

16
IPs

2
Countries

1162 kB
Transfer

3160 kB
Size

13
Cookies

56 HTTP transactions
1 data transactions