www.heatbud.com Open in urlscan Pro
44.224.156.148  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

• https://l.sharethis.com/pview?event=pview&hostname=www.heatbud.com&location=%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&product=inline-share-buttons&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Heatbud%20%7C%20Lifestyle%20-%20Free%20On%20line%20Betting%20Through%20NBA%20Hockey%20Fantasy%20Games&cms=unknown&publisher=5a9e07be57f7f1001382393f&sop=true&version=st_sop.js&lang=en&description=Free%20On%20line%20Betting%20Through%20NBA%20Hockey%20Fantasy%20Games HTTP 301
• https://l.sharethis.com/sc?event=pview&hostname=www.heatbud.com&location=%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&product=inline-share-buttons&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Heatbud%20%7C%20Lifestyle%20-%20Free%20On%20line%20Betting%20Through%20NBA%20Hockey%20Fantasy%20Games&cms=unknown&publisher=5a9e07be57f7f1001382393f&sop=true&version=st_sop.js&lang=en&description=Free%20On%20line%20Betting%20Through%20NBA%20Hockey%20Fantasy%20Games&samesite=None

Request Chain 66

• https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEL7srd-ffgbBXU_MNgfpflU&google_cver=1&google_push=AZmPxg-HapHqaHQfq3gijGjoLg_n4AZYqhu1_kfR0kl_Vg-BLUHecOjaxvqafSzb4_OoFYOSUEGAAN7q9nh8CDIEuPewShXsSylObqo6ItsQdrAepLf1JgJ4llBlKLCcO8vtNZLnRD1WaD4 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AZmPxg-HapHqaHQfq3gijGjoLg_n4AZYqhu1_kfR0kl_Vg-BLUHecOjaxvqafSzb4_OoFYOSUEGAAN7q9nh8CDIEuPewShXsSylObqo6ItsQdrAepLf1JgJ4llBlKLCcO8vtNZLnRD1WaD4&google_hm=MTA1MjYxMDg1OTk5MTg2OTU2NjA

Request Chain 67

• https://rtb.openx.net/sync/dds?google_gid=CAESEDp4G641FT7-_V-J8S1kfI8&google_cver=1&google_push=AZmPxg9kJ1gFWceMZ0nDuSG0kLj2JuE8IYY8R01swAkCE2W6ur7Ev-TWIOR2Mjon16LXHrY4PY0yjjV4agFYvB3AwWtfbqLLWobDEcl4QNEIaJ7AXEI0VU4Wjmr4_RU6VB_qGPgr-P-bwRY HTTP 302
• https://rtb.openx.net/sync/dds?google_gid=CAESEDp4G641FT7-_V-J8S1kfI8&google_cver=1&google_push=AZmPxg9kJ1gFWceMZ0nDuSG0kLj2JuE8IYY8R01swAkCE2W6ur7Ev-TWIOR2Mjon16LXHrY4PY0yjjV4agFYvB3AwWtfbqLLWobDEcl4QNEIaJ7AXEI0VU4Wjmr4_RU6VB_qGPgr-P-bwRY&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg9kJ1gFWceMZ0nDuSG0kLj2JuE8IYY8R01swAkCE2W6ur7Ev-TWIOR2Mjon16LXHrY4PY0yjjV4agFYvB3AwWtfbqLLWobDEcl4QNEIaJ7AXEI0VU4Wjmr4_RU6VB_qGPgr-P-bwRY&google_hm=8EjE1RrRztUTVPB3W3467A==

Request Chain 68

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBlQJHJJS3yvqHbvsKCunvI&google_cver=1&google_push=AZmPxg-Qc1ZtYE7XwMirkijpgzhI9CUSbNllDHY69iII9iooGVB4AGnELb2iUZp8hGDCfLnhMQT8QoBR9eXr3RrDmCD3ZyOMvh7SS504nK2PuifR4zyq3vbN4PeONWWRlWDMBZCcsmmsGw HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBlQJHJJS3yvqHbvsKCunvI&google_cver=1&google_push=AZmPxg-Qc1ZtYE7XwMirkijpgzhI9CUSbNllDHY69iII9iooGVB4AGnELb2iUZp8hGDCfLnhMQT8QoBR9eXr3RrDmCD3ZyOMvh7SS504nK2PuifR4zyq3vbN4PeONWWRlWDMBZCcsmmsGw&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8NaJKQabQvarOqkXEk5PCQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-Qc1ZtYE7XwMirkijpgzhI9CUSbNllDHY69iII9iooGVB4AGnELb2iUZp8hGDCfLnhMQT8QoBR9eXr3RrDmCD3ZyOMvh7SS504nK2PuifR4zyq3vbN4PeONWWRlWDMBZCcsmmsGw

Request Chain 69

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGTVMSsEQhXO5n_J5HnTVyc&google_cver=1&google_push=AZmPxg8NmQ1LPXjeW0qVWCVeecK_W5syOt-XeAEJYBjfxafKslCsiaB4rzAeNJPmd75WSdDrSh8kLzNrCLMmXFnn97RPmyhjXFSh5gODKVlUmIq4oirCmHGgrS-kLlcgFGenVESj_zi0YJ0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHUkYwMjgtMVktRDJUQQ==&google_push=AZmPxg8NmQ1LPXjeW0qVWCVeecK_W5syOt-XeAEJYBjfxafKslCsiaB4rzAeNJPmd75WSdDrSh8kLzNrCLMmXFnn97RPmyhjXFSh5gODKVlUmIq4oirCmHGgrS-kLlcgFGenVESj_zi0YJ0

Request Chain 70

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDJ-ZxG4loDngJzujcFZLRs&google_cver=1&google_push=AZmPxg--Z1B_r8VkYfUipGhBRUD5Zr0TNuf134H6454CDrHrFopDWrLCgmue22GLQwkdbxWCs6JCwROUMU11NZ4icPM41od5Ddk_x74rhVOeUPOxKMli76YWnn6L7ZsPXi6ZOUS7OOBGloY HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDJ-ZxG4loDngJzujcFZLRs&google_push=AZmPxg--Z1B_r8VkYfUipGhBRUD5Zr0TNuf134H6454CDrHrFopDWrLCgmue22GLQwkdbxWCs6JCwROUMU11NZ4icPM41od5Ddk_x74rhVOeUPOxKMli76YWnn6L7ZsPXi6ZOUS7OOBGloY&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDJ-ZxG4loDngJzujcFZLRs&google_hm=Y1D82p6eCOAueImI-mRhpwAAEsAAAAAB&google_nid=index&google_push=AZmPxg--Z1B_r8VkYfUipGhBRUD5Zr0TNuf134H6454CDrHrFopDWrLCgmue22GLQwkdbxWCs6JCwROUMU11NZ4icPM41od5Ddk_x74rhVOeUPOxKMli76YWnn6L7ZsPXi6ZOUS7OOBGloY

Request Chain 71

• https://cc.adingo.jp/adx/push/?google_gid=CAESEC_uW2c7hc4Q3fWWSX-bRto&google_cver=1&google_push=AZmPxg88rvORxHE42r8kjbLZKuPUJymq_Rbn3dja65pPpNnsXUmSYkaQpgSya9Nj7tc6Kh-yqUJXIuWJlwwsWytUlkDP7CY6MFJpjFkP0ySSIVx1mvmx98jGuPCmwAO4a026D2JZNd-gw6M HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg88rvORxHE42r8kjbLZKuPUJymq_Rbn3dja65pPpNnsXUmSYkaQpgSya9Nj7tc6Kh-yqUJXIuWJlwwsWytUlkDP7CY6MFJpjFkP0ySSIVx1mvmx98jGuPCmwAO4a026D2JZNd-gw6M&google_hm=a08e6725cb24b56f31ec22249c1156a9

Request Chain 126

• https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
• https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
• https://sync.sharethis.com/nlsn?uid=a04366cefc600b02c7c5b4734f465f1c

Request Chain 127

• https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZG4AAmNQ%2FNgAAAAIBhoqAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZG4AAmNQ%2FNgAAAAIBhoqAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://sync.sharethis.com/int/lotame?uid=e1febb82165a2c4c46f975c538d6fd50&gdpr=0&gdpr_consent=

Request Chain 128

• https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
• https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
• https://sync.sharethis.com/eyeota?uid=2ZSiOWZruUzNweGBW1cnGL5RDhbSTEY9bYanYpYH9m3c&gdpr=0&gdpr_consent=

Request Chain 129

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://sync.sharethis.com/ttd?uid=05094651-2769-4547-9b5c-c3d2ffa1ab1f&gdpr=0&gdpr_consent=

Request Chain 130

• https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZG4AAmNQ%2FNgAAAAIBhoqAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
• https://idsync.rlcdn.com/395886.gif?partner_uid=3630880954592526368 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzMDg4MDk1NDU5MjUyNjM2OBAAGg0I3PnDmgYSBQjoBxAAQgBKAA HTTP 307
• https://ml314.com/csync.ashx?fp=072fb47d69940064ebdce46e6ee900d1356199da98813d7814ff947e15e2b690f4cb09cee1a4f8eb&person_id=3630880954592526368&eid=50082

Request Chain 131

• https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent= HTTP 302
• https://sync.sharethis.com/yahoo?uid=y-rUBnJBJE2oOY3pK.5b7XvTSoYIFUuTcFaTc-~A

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Show response www.heatbud.com/post/	54 KB 55 KB	1292ms 311ms	Document text/html	44.224.156.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.224.156.148 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-224-156-148.us-west-2.compute.amazonaws.com Software Apache/2.4.54 () OpenSSL/1.0.2k-fips / Resource Hash 172a12da280b79cdf96ed6b3419d537fc904138ab342de9d318aa9a1de8ef6a2 Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-language en-AU content-type text/html;charset=UTF-8 date Thu, 20 Oct 2022 07:46:29 GMT expires 0 pragma no-cache server Apache/2.4.54 () OpenSSL/1.0.2k-fips strict-transport-security max-age=31536000 ; includeSubDomains x-content-type-options nosniff x-frame-options DENY x-xss-protection 1; mode=block
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.10.2/	91 KB 33 KB	580ms 193ms	Script text/javascript	142.251.10.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f95.1e100.net Software sffe / Resource Hash 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 16 Oct 2022 09:20:22 GMT content-encoding gzip x-content-type-options nosniff age 339968 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32954 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Mon, 16 Oct 2023 09:20:22 GMT
GET H2	200	heatbud-images-min.js Show response www.heatbud.com/resources/js/	8 KB 8 KB	546ms 544ms	Script application/javascript	44.224.156.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.heatbud.com/resources/js/heatbud-images-min.js?20190402 Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.224.156.148 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-224-156-148.us-west-2.compute.amazonaws.com Software Apache/2.4.54 () OpenSSL/1.0.2k-fips / Resource Hash 12942e23b47319bc5eb290ab03aa490d10166cf91f01c70e66f2ecede33e0b56 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:29 GMT last-modified Wed, 25 Apr 2018 09:08:48 GMT server Apache/2.4.54 () OpenSSL/1.0.2k-fips accept-ranges bytes content-length 8209 content-type application/javascript
GET H2	200	heatbud-mrl-min.js Show response www.heatbud.com/resources/js/	52 KB 52 KB	546ms 544ms	Script application/javascript	44.224.156.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.heatbud.com/resources/js/heatbud-mrl-min.js?20190402 Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.224.156.148 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-224-156-148.us-west-2.compute.amazonaws.com Software Apache/2.4.54 () OpenSSL/1.0.2k-fips / Resource Hash 7c622f6c7cdbc1b53eb31b7eb6aa1e4187b0ced352069a6ad92773b64363fe79 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:29 GMT last-modified Wed, 05 Aug 2020 19:09:08 GMT server Apache/2.4.54 () OpenSSL/1.0.2k-fips accept-ranges bytes content-length 53118 content-type application/javascript
GET H2	200	heatbud-common-min.js Show response www.heatbud.com/resources/js/	375 B 450 B	544ms 543ms	Script application/javascript	44.224.156.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.heatbud.com/resources/js/heatbud-common-min.js?20190402 Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.224.156.148 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-224-156-148.us-west-2.compute.amazonaws.com Software Apache/2.4.54 () OpenSSL/1.0.2k-fips / Resource Hash bbe304b0dd064917968a509ab78208157438bf56add5f497bbfeda98eafdb0bb Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:29 GMT last-modified Sat, 02 Feb 2019 20:09:40 GMT server Apache/2.4.54 () OpenSSL/1.0.2k-fips accept-ranges bytes content-length 375 content-type application/javascript
GET H2	200	heatbud-pagebox-min.js Show response www.heatbud.com/resources/js/	2 KB 2 KB	275ms 275ms	Script application/javascript	44.224.156.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.heatbud.com/resources/js/heatbud-pagebox-min.js?20190402 Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.224.156.148 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-224-156-148.us-west-2.compute.amazonaws.com Software Apache/2.4.54 () OpenSSL/1.0.2k-fips / Resource Hash 34586a8b3f0d9723be13ff897264acaa4a59c45912cd33313d273687af2c4f24 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:30 GMT last-modified Sun, 13 Jan 2019 07:57:46 GMT server Apache/2.4.54 () OpenSSL/1.0.2k-fips accept-ranges bytes content-length 1725 content-type application/javascript
GET H2	200	sharethis.js Show response platform-api.sharethis.com/js/	192 KB 43 KB	694ms 226ms	Script text/javascript	52.84.251.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://platform-api.sharethis.com/js/sharethis.js Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.251.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-251-86.sin5.r.cloudfront.net Software / Resource Hash 174b53c7c0344f80ea27f8cb3eec4e98c9502c48eb040f5d902176d2fc99bc01 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:40:26 GMT content-encoding gzip via 1.1 65572e59b8765f5b1f17936c65131ad6.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop SIN5-C1 age 365 etag W/"2fe41-B6RUASRBT1G2X6u3Ue+hBuA9DqQ" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/javascript; charset=utf-8 edge-control cache-maxage=60m,downstream-ttl=60m cache-control max-age=600, public x-cache Hit from cloudfront x-amz-cf-id KMmQDRUqdpQr4jStGgOLRGOwE2_24MAHjLH9FztcfNxPoS1ZLNnIeA==
GET H2	200	css fonts.googleapis.com/	14 KB 2 KB	584ms 196ms	Stylesheet text/css	142.251.10.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Arvo%7CDroid+Sans+Mono%7CFauna+One%7CImprima%7CLato%7CMarvel%7COffside%7COpen+Sans%7COxygen+Mono%7CPermanent+Marker%7CRaleway%7CRoboto+Mono%7CScope+One%7CText+Me+One%7CUbuntu Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f95.1e100.net Software ESF / Resource Hash e0eef53bf9432ab73a90915259db28009669de54a461723720876b777f8051f7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 20 Oct 2022 07:46:30 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 20 Oct 2022 07:46:30 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 20 Oct 2022 07:46:30 GMT
GET H2	200	main-min.css www.heatbud.com/resources/css/	7 KB 7 KB	545ms 543ms	Stylesheet text/css	44.224.156.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.heatbud.com/resources/css/main-min.css?20190402 Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.224.156.148 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-224-156-148.us-west-2.compute.amazonaws.com Software Apache/2.4.54 () OpenSSL/1.0.2k-fips / Resource Hash 357b43b23a327e02e7e5a8987441641f43e57caec9516a77c0516e4c7d3e6030 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:29 GMT last-modified Sun, 31 May 2020 16:42:20 GMT server Apache/2.4.54 () OpenSSL/1.0.2k-fips accept-ranges bytes content-length 7434 content-type text/css
GET H2	200	gtm.js Show response www.googletagmanager.com/	118 KB 46 KB	591ms 203ms	Script application/javascript	74.125.200.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5RMV88N Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f97.1e100.net Software Google Tag Manager / Resource Hash 9bf4862c0fd844d09b896bdc5c980b39f510beea9cab7278a15d0ba6c321d0ca Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:30 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46778 x-xss-protection 0 last-modified Thu, 20 Oct 2022 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 20 Oct 2022 07:46:30 GMT
GET H2	200	heatbud-logo.png www.heatbud.com/resources/images/	9 KB 9 KB	554ms 552ms	Image image/png	44.224.156.148 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.heatbud.com/resources/images/heatbud-logo.png Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.224.156.148 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-224-156-148.us-west-2.compute.amazonaws.com Software Apache/2.4.54 () OpenSSL/1.0.2k-fips / Resource Hash a046289a29195690b7aec507f3bc7ce55bf243c578c018165aee5999fe19188b Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:30 GMT last-modified Wed, 28 Mar 2018 15:00:00 GMT server Apache/2.4.54 () OpenSSL/1.0.2k-fips accept-ranges bytes content-length 9174 content-type image/png
GET H2	200	home.png www.heatbud.com/resources/images/	923 B 984 B	553ms 552ms	Image image/png	44.224.156.148 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.heatbud.com/resources/images/home.png Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.224.156.148 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-224-156-148.us-west-2.compute.amazonaws.com Software Apache/2.4.54 () OpenSSL/1.0.2k-fips / Resource Hash 312aa0f053c0ae9f532190b359463560436fbf9286c1368573b978a71c3c1606 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:30 GMT last-modified Wed, 11 Feb 2015 16:16:54 GMT server Apache/2.4.54 () OpenSSL/1.0.2k-fips accept-ranges bytes content-length 923 content-type image/png
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	168 KB 55 KB	601ms 213ms	Script text/javascript	142.250.4.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f154.1e100.net Software cafe / Resource Hash d6065d3ffc7fdf16a4fe0b8a3c2abb824ac84d29f17d5131ad06f0ff26e2688a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:30 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55339 x-xss-protection 0 server cafe etag 6545318594203302307 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Thu, 20 Oct 2022 07:46:30 GMT
GET H2	200	vote-up.png www.heatbud.com/resources/images/	5 KB 5 KB	554ms 553ms	Image image/png	44.224.156.148 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.heatbud.com/resources/images/vote-up.png Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.224.156.148 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-224-156-148.us-west-2.compute.amazonaws.com Software Apache/2.4.54 () OpenSSL/1.0.2k-fips / Resource Hash e4655e8131deb0ca8914ced0601db2ab8034b9b1d076bbace1902860c4c5b870 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:30 GMT last-modified Sun, 27 Jan 2019 15:36:22 GMT server Apache/2.4.54 () OpenSSL/1.0.2k-fips accept-ranges bytes content-length 4745 content-type image/png
GET H2	200	vote-down.png www.heatbud.com/resources/images/	6 KB 6 KB	521ms 521ms	Image image/png	44.224.156.148 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.heatbud.com/resources/images/vote-down.png Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.224.156.148 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-224-156-148.us-west-2.compute.amazonaws.com Software Apache/2.4.54 () OpenSSL/1.0.2k-fips / Resource Hash 57c3d613989fd2d291b6dea679565b24be8706278a42dfc4cf22538acf720e8f Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:30 GMT last-modified Sun, 27 Jan 2019 15:36:24 GMT server Apache/2.4.54 () OpenSSL/1.0.2k-fips accept-ranges bytes content-length 5941 content-type image/png
GET H2	200	comments.png www.heatbud.com/resources/images/	4 KB 4 KB	502ms 502ms	Image image/png	44.224.156.148 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.heatbud.com/resources/images/comments.png Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.224.156.148 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-224-156-148.us-west-2.compute.amazonaws.com Software Apache/2.4.54 () OpenSSL/1.0.2k-fips / Resource Hash 0cc853a4507613bd6e3ecbe3e2e32549aedaa506817f9345a7e2083a2fd01a90 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:30 GMT last-modified Sun, 27 Jan 2019 16:04:36 GMT server Apache/2.4.54 () OpenSSL/1.0.2k-fips accept-ranges bytes content-length 4161 content-type image/png
GET H2	200	whatis.png www.heatbud.com/resources/images/	4 KB 4 KB	501ms 501ms	Image image/png	44.224.156.148 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.heatbud.com/resources/images/whatis.png Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.224.156.148 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-224-156-148.us-west-2.compute.amazonaws.com Software Apache/2.4.54 () OpenSSL/1.0.2k-fips / Resource Hash c78c9fdbd5288466815fa3f8c60cdebcde9311d35c1bea58a528e368192789cb Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:30 GMT last-modified Tue, 10 Mar 2015 22:08:44 GMT server Apache/2.4.54 () OpenSSL/1.0.2k-fips accept-ranges bytes content-length 3744 content-type image/png
GET H2	200	ckeditor.js Show response www.heatbud.com/resources/js/ckeditor/	515 KB 518 KB	277ms 277ms	Script application/javascript	44.224.156.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.heatbud.com/resources/js/ckeditor/ckeditor.js Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.224.156.148 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-224-156-148.us-west-2.compute.amazonaws.com Software Apache/2.4.54 () OpenSSL/1.0.2k-fips / Resource Hash 3d25a4eabdba10572ee71e0e338f1c609f0d47fc7eb61a04ec368daea3fa1bc2 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:30 GMT last-modified Thu, 30 Jan 2014 18:53:06 GMT server Apache/2.4.54 () OpenSSL/1.0.2k-fips accept-ranges bytes content-length 526864 content-type application/javascript
GET H/1.1	200 OK	lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 postheadshots.s3.amazonaws.com/	11 KB 12 KB	854ms 315ms	Image image/jpeg	52.92.194.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://postheadshots.s3.amazonaws.com/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.92.194.153 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2-w.amazonaws.com Software AmazonS3 / Resource Hash 6958310b2533be96a16e2751627162af9aa00159dcb03d7bd4096f3dfb09f673 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 20 Oct 2022 07:46:32 GMT Last-Modified Tue, 18 Oct 2022 10:06:36 GMT Server AmazonS3 x-amz-request-id 8H5WW1HWA5H2RAV2 ETag "7abdbacb54ef389ab9e4bb043f9d2311" Content-Type image/jpeg Cache-Control max-age=36000 Accept-Ranges bytes Content-Length 11555 x-amz-id-2 GVtC9LZzWyQSdpGLOJcxEru12beW0LjYWdsBDdywXzv1AMbc0mUUuRgZsFR0DlSw6Dcs7LIcwCI=
GET H2	200	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 fonts.gstatic.com/s/opensans/v34/	16 KB 17 KB	579ms 193ms	Font font/woff2	142.251.10.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Arvo%7CDroid+Sans+Mono%7CFauna+One%7CImprima%7CLato%7CMarvel%7COffside%7COpen+Sans%7COxygen+Mono%7CPermanent+Marker%7CRaleway%7CRoboto+Mono%7CScope+One%7CText+Me+One%7CUbuntu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f94.1e100.net Software sffe / Resource Hash b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.heatbud.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 Oct 2022 00:35:31 GMT x-content-type-options nosniff age 457859 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16740 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:14:44 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 15 Oct 2023 00:35:31 GMT
GET H2	200	wlpzgwTPBVpjpCuwkuEB3kZK.woff2 fonts.gstatic.com/s/faunaone/v13/	9 KB 9 KB	854ms 468ms	Font font/woff2	142.251.10.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/faunaone/v13/wlpzgwTPBVpjpCuwkuEB3kZK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Arvo%7CDroid+Sans+Mono%7CFauna+One%7CImprima%7CLato%7CMarvel%7COffside%7COpen+Sans%7COxygen+Mono%7CPermanent+Marker%7CRaleway%7CRoboto+Mono%7CScope+One%7CText+Me+One%7CUbuntu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f94.1e100.net Software sffe / Resource Hash ef7949fcabf4b5b0421194d350223cf551b194abc6292cec9a9e951b388fc08d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.heatbud.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 10:59:27 GMT x-content-type-options nosniff age 506823 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9212 x-xss-protection 0 last-modified Thu, 21 Apr 2022 16:27:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 14 Oct 2023 10:59:27 GMT
POST H2	200	get-related-posts Show response www.heatbud.com/action/	3 KB 3 KB	784ms 783ms	XHR application/json	44.224.156.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.heatbud.com/action/get-related-posts Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.224.156.148 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-224-156-148.us-west-2.compute.amazonaws.com Software Apache/2.4.54 () OpenSSL/1.0.2k-fips / Resource Hash 81aa4201d41d2c0ba40ebfa636c7f088e4f7c18bfd8342c918114f88bbfefa70 Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 X-Requested-With XMLHttpRequest accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Thu, 20 Oct 2022 07:46:30 GMT strict-transport-security max-age=31536000 ; includeSubDomains x-content-type-options nosniff server Apache/2.4.54 () OpenSSL/1.0.2k-fips x-frame-options DENY content-type application/json;charset=ISO-8859-1 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 2762 x-xss-protection 1; mode=block expires 0
GET H2	200	button-bg.gif www.heatbud.com/resources/images/	155 B 216 B	276ms 275ms	Image image/gif	44.224.156.148 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.heatbud.com/resources/images/button-bg.gif Requested by Host: www.heatbud.com URL: https://www.heatbud.com/resources/css/main-min.css?20190402 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.224.156.148 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-224-156-148.us-west-2.compute.amazonaws.com Software Apache/2.4.54 () OpenSSL/1.0.2k-fips / Resource Hash e218adca7626fd89e0b1ecc2fdd8acccb715707fe24b2b144f3f5126b9105c82 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/resources/css/main-min.css?20190402 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:30 GMT last-modified Mon, 02 Dec 2013 21:57:40 GMT server Apache/2.4.54 () OpenSSL/1.0.2k-fips accept-ranges bytes content-length 155 content-type image/gif
GET H2	200	Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2 fonts.gstatic.com/s/permanentmarker/v16/	29 KB 29 KB	600ms 241ms	Font font/woff2	142.251.10.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Arvo%7CDroid+Sans+Mono%7CFauna+One%7CImprima%7CLato%7CMarvel%7COffside%7COpen+Sans%7COxygen+Mono%7CPermanent+Marker%7CRaleway%7CRoboto+Mono%7CScope+One%7CText+Me+One%7CUbuntu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f94.1e100.net Software sffe / Resource Hash 4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.heatbud.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 16 Oct 2022 12:10:02 GMT x-content-type-options nosniff age 329788 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29564 x-xss-protection 0 last-modified Tue, 19 Apr 2022 17:55:57 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 16 Oct 2023 12:10:02 GMT
GET H/1.1	200 OK	beauty-fashion-discover-a-technique-a-football-betting-choices-to-optimize postheadshots.s3.amazonaws.com/	14 KB 14 KB	343ms 343ms	Image image/jpeg	52.92.194.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://postheadshots.s3.amazonaws.com/beauty-fashion-discover-a-technique-a-football-betting-choices-to-optimize Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.92.194.153 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2-w.amazonaws.com Software AmazonS3 / Resource Hash 8463597059b90d0c0386072e66b42f15288a3db1f6f84a6b11362e4a9dee0eb4 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 20 Oct 2022 07:46:32 GMT Last-Modified Tue, 31 May 2022 06:22:22 GMT Server AmazonS3 x-amz-request-id 8H5VBNFV8MCZ0H78 ETag "70a8ba894101e0b72b4c8928d9970a36" Content-Type image/jpeg Cache-Control max-age=36000 Accept-Ranges bytes Content-Length 13881 x-amz-id-2 Kf7CytN2gkbF6m9apdm8i44kiZo3Cb8PnTwyWAnB1m99rzE0rhSFMp+L8E+QtXAYae2XGx4R1d4=
GET H/1.1	200 OK	football-betting.jpeg s3-us-west-2.amazonaws.com/heatbudimages/barnabas8899/thumbs/common/	110 KB 110 KB	1029ms 361ms	Image image/jpeg	52.92.193.96 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3-us-west-2.amazonaws.com/heatbudimages/barnabas8899/thumbs/common/football-betting.jpeg Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.92.193.96 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash 70090dabc3d71267b54d9184029af2b945ec0799ee6f51ac4f11724eebb810d9 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 20 Oct 2022 07:46:33 GMT Last-Modified Tue, 29 Sep 2020 15:16:38 GMT Server AmazonS3 x-amz-request-id NHX7M66YB97PXSEM ETag "3be1652ebcb46a633e0e48e0f35762dc" Content-Type image/jpeg Cache-Control max-age=36000 Accept-Ranges bytes Content-Length 112539 x-amz-id-2 cgceO54sysva+0JzT31/xlzxUrclFeysFgN3X93BLt3SK1FNSsxRKqjMqLx01b+qpTWfW0abssw=
GET H/1.1	200 OK	health-15-funding-through-real-estate-properties-how postheadshots.s3.amazonaws.com/	10 KB 10 KB	339ms 339ms	Image image/jpeg	52.92.194.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://postheadshots.s3.amazonaws.com/health-15-funding-through-real-estate-properties-how Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.92.194.153 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2-w.amazonaws.com Software AmazonS3 / Resource Hash 6232d8c6013c8e7efc11b496b1654308eb7b9ed870a8604b62eb7709fbdac80f Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 20 Oct 2022 07:46:32 GMT Last-Modified Wed, 01 Sep 2021 13:04:49 GMT Server AmazonS3 x-amz-request-id 8H5SXDBNS9Q1NT39 ETag "df0df9405fe696cad8f0c25cf814a3e8" Content-Type image/jpeg Cache-Control max-age=36000 Accept-Ranges bytes Content-Length 9922 x-amz-id-2 tgz5poRbcnRA1I/R7YSwst0Gbl7G2UWuopbwdqNoZEYdQd2do9wiMmxLxcCBqGIujL+zvhHzeGs=
GET H/1.1	200 OK	lifestyle-free-on-line-betting-through-nba-baseball-illusion-activities-7 postheadshots.s3.amazonaws.com/	12 KB 12 KB	553ms 313ms	Image image/jpeg	52.92.194.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://postheadshots.s3.amazonaws.com/lifestyle-free-on-line-betting-through-nba-baseball-illusion-activities-7 Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.92.194.153 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2-w.amazonaws.com Software AmazonS3 / Resource Hash c4751314bf38bdd57e38cdbaaedc77bcbbf3fed03aee3aee29c8f330ce1967e6 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 20 Oct 2022 07:46:32 GMT Last-Modified Wed, 21 Sep 2022 09:46:34 GMT Server AmazonS3 x-amz-request-id 8H5HP7JHDFYXNSCD ETag "61651f253835459998b84c22fba39483" Content-Type image/jpeg Cache-Control max-age=36000 Accept-Ranges bytes Content-Length 12111 x-amz-id-2 SD4bpoQkzMKG43S4KLY83XKHutZgZx6HFcdbyrjcOMhCn38mnbWjipLZWczlXd+UC9YBlJHwtd0=
GET H/1.1	200 OK	roulette.png s3-us-west-2.amazonaws.com/heatbudimages/diigispot/thumbs/common/	117 KB 117 KB	968ms 353ms	Image image/jpeg	52.92.193.96 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3-us-west-2.amazonaws.com/heatbudimages/diigispot/thumbs/common/roulette.png Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.92.193.96 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash 6e2756127ed81100e4f9c261c00e68f54c1bf5f79cc54d8718b78417edb9fa99 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 20 Oct 2022 07:46:33 GMT Last-Modified Fri, 19 Feb 2021 13:34:26 GMT Server AmazonS3 x-amz-request-id NHX9PDAGWJZF2H1N ETag "7a549fbfda50c4bbe05f8d5973e86154" Content-Type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY Cache-Control max-age=36000 Accept-Ranges bytes Content-Length 119845 x-amz-id-2 hh4Ecn/BmlKwrdmJC2YTBRhHwLraSzAZrqUsJvHEQ6+IAtZM+cFG3kLWFEiifh/tn1yhll1RvNI=
GET H/1.1	200 OK	79.jpg s3-us-west-2.amazonaws.com/heatbudimages/diigispot/thumbs/common/	120 KB 120 KB	926ms 375ms	Image image/jpeg	52.92.193.96 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3-us-west-2.amazonaws.com/heatbudimages/diigispot/thumbs/common/79.jpg Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.92.193.96 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash 06f6c4493cf1f834e80c1aa905b7ffbeaf1524ebe70c06add13a08e87eac7e01 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 20 Oct 2022 07:46:33 GMT Last-Modified Mon, 06 Apr 2020 14:25:53 GMT Server AmazonS3 x-amz-request-id NHX4F4688XVAHRB1 ETag "4b2fa66f352cb8f1325f09124190ca19" Content-Type image/jpeg Cache-Control max-age=36000 Accept-Ranges bytes Content-Length 122724 x-amz-id-2 epgQjh3s8pGlLByiOzKkRYQXWPrnpXCbTcz+zQ0Yw5JKpuHvWBQKbti15gfOVV7V9TphR5E/Kg4=
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	579ms 192ms	Script text/javascript	142.251.10.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RMV88N Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f100.1e100.net Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 20 Oct 2022 06:48:17 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 3495 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Thu, 20 Oct 2022 08:48:17 GMT
GET H2	200	5a9e07be57f7f1001382393f.js Show response buttons-config.sharethis.com/js/	443 B 858 B	1509ms 1066ms	Script text/javascript	13.227.254.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://buttons-config.sharethis.com/js/5a9e07be57f7f1001382393f.js Requested by Host: platform-api.sharethis.com URL: https://platform-api.sharethis.com/js/sharethis.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.254.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-254-23.sin52.r.cloudfront.net Software AmazonS3 / Resource Hash 852942cd647c48a81ed1918477cae3dc3d5a8a64ddb5fb791cee2d2ef8f46722 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:34 GMT via 1.1 49b0629f9da8a770925ad02807586202.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Sat, 10 Mar 2018 03:25:47 GMT server AmazonS3 x-amz-cf-pop SIN52-C3 etag "c12b36559f9673022a2b11992c01f2bd" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type text/javascript cache-control max-age=60,public accept-ranges bytes content-length 443 x-amz-cf-id C5EhPMtiAOFcN4LVYRW2X7OMSiCriPcNupeBKjZWurjRVrK1-GALVA==
GET H/1.1	200 OK	sc Show response l.sharethis.com/ Redirect Chain https://l.sharethis.com/pview?event=pview&hostname=www.heatbud.com&location=%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&product=inline-share-buttons&url=https%3A%2F%... https://l.sharethis.com/sc?event=pview&hostname=www.heatbud.com&location=%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&product=inline-share-buttons&url=https%3A%2F%2Fw...	160 B 681 B	393ms 393ms	XHR text/plain	35.157.116.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://l.sharethis.com/sc?event=pview&hostname=www.heatbud.com&location=%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&product=inline-share-buttons&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Heatbud%20%7C%20Lifestyle%20-%20Free%20On%20line%20Betting%20Through%20NBA%20Hockey%20Fantasy%20Games&cms=unknown&publisher=5a9e07be57f7f1001382393f&sop=true&version=st_sop.js&lang=en&description=Free%20On%20line%20Betting%20Through%20NBA%20Hockey%20Fantasy%20Games&samesite=None Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol HTTP/1.1 Server 35.157.116.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-116-120.eu-central-1.compute.amazonaws.com Software / Resource Hash b85c26f6cb6a6ffd5748724e15ece97c8cfa89e939217bdff4fcad25f8db35fe Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 20 Oct 2022 07:46:33 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Access-Control-Max-Age 1728000 Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://www.heatbud.com Access-Control-Expose-Headers stid Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Stid ZG4AAmNQ/NgAAAAIBhoqAw== Access-Control-Allow-Headers * Content-Length 160 X-Robots-Tag noindex, nofollow Redirect headers Date Thu, 20 Oct 2022 07:46:32 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Access-Control-Max-Age 1728000 Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin https://www.heatbud.com Location /sc?event=pview&hostname=www.heatbud.com&location=%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&product=inline-share-buttons&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Heatbud%20%7C%20Lifestyle%20-%20Free%20On%20line%20Betting%20Through%20NBA%20Hockey%20Fantasy%20Games&cms=unknown&publisher=5a9e07be57f7f1001382393f&sop=true&version=st_sop.js&lang=en&description=Free%20On%20line%20Betting%20Through%20NBA%20Hockey%20Fantasy%20Games&samesite=None Access-Control-Expose-Headers stid Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Stid ZG4AAmNQ/NgAAAAIBhoqAw== Access-Control-Allow-Headers * Content-Length 712 X-Robots-Tag noindex, nofollow
GET H2	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/	353 KB 125 KB	236ms 223ms	Script text/javascript	142.250.4.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/show_ads_impl_fy2021.js?bust=31070367 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f154.1e100.net Software cafe / Resource Hash e694dddd39be402be3b33799355eb9c2689989af6c33a4e52bd53ce14d9659b5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:32 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 127507 x-xss-protection 0 server cafe etag 14386687497704209616 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Thu, 20 Oct 2022 07:46:32 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20221018/r20190131/ Frame 0D3D	10 KB 5 KB	1027ms 192ms	Document text/html	142.251.10.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20221018/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f155.1e100.net Software cafe / Resource Hash f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.heatbud.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers age 24226 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding gzip content-length 4420 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 20 Oct 2022 01:02:46 GMT etag 9671129459699598864 expires Thu, 03 Nov 2022 01:02:46 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 206 B	194ms 193ms	XHR text/plain	142.251.10.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=314248974&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&ul=en-us&de=UTF-8&dt=Heatbud%20%7C%20Lifestyle%20-%20Free%20On%20line%20Betting%20Through%20NBA%20Hockey%20Fantasy%20Games&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=470548460&gjid=864969&cid=297050948.1666251993&tid=UA-48436913-1&_gid=70664572.1666251993&_r=1&gtm=2wgaj05RMV88N&cd2=1666251991311&cd3=%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&cd4=NULL&cd5=0&cd6=(not%20set)&z=795704258 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f100.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.heatbud.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 20 Oct 2022 07:46:32 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.heatbud.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	193ms 192ms	Image image/gif	142.251.10.100 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j98&a=314248974&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&ul=en-us&de=UTF-8&dt=Heatbud%20%7C%20Lifestyle%20-%20Free%20On%20line%20Betting%20Through%20NBA%20Hockey%20Fantasy%20Games&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Client%20Id&ea=trackClientId&_u=aHDAAEABAAAAACAAI~&jid=&gjid=&cid=297050948.1666251993&tid=UA-48436913-1&_gid=70664572.1666251993&gtm=2wgaj05RMV88N&cd1=297050948.1666251993&z=1515105263 Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.10.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f100.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 19 Oct 2022 12:00:48 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 71145 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	389 B 695 B	589ms 196ms	Script text/javascript	74.125.200.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.heatbud.com&callback=_gfp_s_&client=ca-pub-3344897177583439&gpid_exp=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/show_ads_impl_fy2021.js?bust=31070367 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f156.1e100.net Software cafe / Resource Hash 6aa41e8d5655611dfe6c4fa66c1c9331c2ec7df1cc8c95753c0f7ee47998f760 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:34 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 251 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com.au/adsid/	107 B 792 B	583ms 196ms	Script application/javascript	172.217.194.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com.au/adsid/integrator.js?domain=www.heatbud.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/show_ads_impl_fy2021.js?bust=31070367 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f157.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:33 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	583ms 197ms	Script application/javascript	172.217.194.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.heatbud.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/show_ads_impl_fy2021.js?bust=31070367 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f155.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:33 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 54AE	430 B 374 B	858ms 556ms	Document text/html	142.251.10.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=400&slotname=1269067337&adk=2282960181&adf=1227276847&pi=t.ma~as.1269067337&w=200&lmt=1666251993&format=200x400&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251991348&bpp=4&bdt=1739&idt=1701&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&correlator=2636181975471&frm=20&pv=2&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=50&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=6thNUTeg0e&p=https%3A//www.heatbud.com&dtd=1722 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/show_ads_impl_fy2021.js?bust=31070367 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f155.1e100.net Software cafe / Resource Hash c6aad78df9a4c2e1e404e920074fed2f591118c78dfdb22fb20034fc703422a8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.heatbud.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 207 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 20 Oct 2022 07:46:33 GMT expires Thu, 20 Oct 2022 07:46:33 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 669F	23 KB 10 KB	804ms 504ms	Document text/html	142.251.10.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1666251993&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251991352&bpp=1&bdt=1743&idt=1728&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NCeJHv7eal&p=https%3A//www.heatbud.com&dtd=1732 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/show_ads_impl_fy2021.js?bust=31070367 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f155.1e100.net Software cafe / Resource Hash ca782823c595632a239ca5199112c3393ac5bd2783576897a80a58a9d387e5a0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.heatbud.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 9906 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 20 Oct 2022 07:46:33 GMT expires Thu, 20 Oct 2022 07:46:33 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame DF0C	430 B 377 B	836ms 534ms	Document text/html	142.251.10.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1666251993&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251991353&bpp=1&bdt=1744&idt=1735&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=9n8MfRkBJU&p=https%3A//www.heatbud.com&dtd=1738 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/show_ads_impl_fy2021.js?bust=31070367 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f155.1e100.net Software cafe / Resource Hash aeaa66dfda33df7312329f778a643d759cb39aca79b0262cd0ccd0590c326e40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.heatbud.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 207 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 20 Oct 2022 07:46:33 GMT expires Thu, 20 Oct 2022 07:46:33 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	194ms 194ms	Image image/gif	142.250.4.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&tn=DIV&id=cookieConsent&ign=false&pw=1600&ph=1200&x=1575&y=1175 Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f154.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 20 Oct 2022 07:46:33 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	194ms 193ms	Image image/gif	142.250.4.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&tn=TABLE&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f154.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 20 Oct 2022 07:46:33 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame D536	13 KB 5 KB	617ms 316ms	Document text/html	142.251.10.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&adk=1812271804&adf=3025194257&lmt=1666251993&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251991368&bpp=2&bdt=1759&idt=1728&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90&nras=1&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=4&uci=a!4&fsb=1&dtd=1735 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/show_ads_impl_fy2021.js?bust=31070367 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f155.1e100.net Software cafe / Resource Hash 65cb5d835b4d44d855270dd1039ba608ab97527c17ef91e2c9abb1a6cdbaffa4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.heatbud.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 4812 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 20 Oct 2022 07:46:33 GMT expires Thu, 20 Oct 2022 07:46:33 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	t.dhj Show response t.sharethis.com/1/d/	2 KB 2 KB	1257ms 311ms	Script application/javascript	23.58.240.73 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=www.heatbud.com&rnd=1666251993381 Requested by Host: platform-api.sharethis.com URL: https://platform-api.sharethis.com/js/sharethis.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.58.240.73 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-58-240-73.deploy.static.akamaitechnologies.com Software / Resource Hash 48c50fccf7e5c019bc88cd5b4844f9d32b0ee623e624b488bf5c98a6307e872b Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 20 Oct 2022 07:46:34 GMT Content-Encoding gzip X-Content-Type-Options nosniff Strict-Transport-Security max-age=2628000 ; includeSubDomains Content-Type application/javascript Cache-Control private, max-age=3600 Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 1362 Expires Thu, 20 Oct 2022 08:46:34 GMT
GET H2	200	get_counts Show response count-server.sharethis.com/v2.0/	194 B 561 B	862ms 461ms	Script text/javascript	13.224.250.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Requested by Host: platform-api.sharethis.com URL: https://platform-api.sharethis.com/js/sharethis.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.250.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-250-44.sin52.r.cloudfront.net Software / Resource Hash 6b67d8c502b5f11768091c3d515e6a2c01cff82457ab6935e404a1f73f533a60 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:34 GMT via 1.1 824b6b17b59323f523bbeab054eeb246.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop SIN52-C2 etag 707e1dbd406c5e8a05aeb9b568888dd6 x-cache Miss from cloudfront content-type text/javascript cache-control no-cache, no-store, must-revalidate content-length 194 apigw-requestid aSxyIiNXIAMESQg= x-amz-cf-id aeLWnJNizkHvgpvdcAwqWvtBAQ9YHMb9DaZz82nQkS_vlpkJvyhv1w==
GET H2	200	sharethis.svg platform-cdn.sharethis.com/img/	514 B 956 B	632ms 196ms	Image image/svg+xml	52.84.251.103 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://platform-cdn.sharethis.com/img/sharethis.svg Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.251.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-251-103.sin5.r.cloudfront.net Software AmazonS3 / Resource Hash 9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 11 Oct 2022 19:14:07 GMT via 1.1 70baa6f69f875c9e172c9118322fd6b4.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop SIN5-C1 age 736348 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 514 last-modified Thu, 10 Oct 2019 01:20:13 GMT server AmazonS3 etag "deecdaa377907db5cc1722fc831670a1" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=2592000 accept-ranges bytes x-amz-cf-id 3JIX00fXQD3xv4v95TX2WX3qu0WcgFYe9wW2uRxsQWOB8ni3gEoTJg==
GET H2	200	integrator.js Show response adservice.google.com.au/adsid/	107 B 165 B	497ms 195ms	Script application/javascript	172.217.194.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com.au/adsid/integrator.js?domain=www.heatbud.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/show_ads_impl_fy2021.js?bust=31070367 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f157.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:34 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	496ms 195ms	Script application/javascript	172.217.194.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.heatbud.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/show_ads_impl_fy2021.js?bust=31070367 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f155.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:34 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 4759	26 KB 12 KB	515ms 515ms	Document text/html	142.251.10.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/show_ads_impl_fy2021.js?bust=31070367 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.10.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f155.1e100.net Software cafe / Resource Hash 23d6c4b1f67f9d55bf84f31fca361d816f716818169bc32fc22c1c4578d01df3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.heatbud.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 12214 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 20 Oct 2022 07:46:34 GMT expires Thu, 20 Oct 2022 07:46:34 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 669F	0 0	205ms 205ms	Fetch text/html	142.251.10.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CewFf2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSBAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMI1l4yR_UL_901CsqPQJnVAy-GkyGKea3WqttJKnYDbq41f2U6WOEgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMzQ0ODk3MTc3NTgzNDM5GAA&sigh=_Zuj_8Tp8jQ&uach_m=[UACH]&cid=CAQSGwDq26N9gunPyMD4n6BEXT9n3MnPGWzxSAFVVxgBIBM Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1666251993&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251991352&bpp=1&bdt=1743&idt=1728&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NCeJHv7eal&p=https%3A//www.heatbud.com&dtd=1732 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.10.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1666251993&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251991352&bpp=1&bdt=1743&idt=1728&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NCeJHv7eal&p=https%3A//www.heatbud.com&dtd=1732 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Thu, 20 Oct 2022 07:46:34 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Thu, 20 Oct 2022 07:46:34 GMT
GET H2	200	notify rtb.jp2.as.criteo.com/google/auction/ Frame 669F	0 0	777ms 292ms	Fetch	182.161.74.19 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kpa3FLmCMNgFWmL4LRICAAAAFT6YEAf3g6TxnEe4ENn8UGOtDNaGs5i2fXxK5QASAAA&wp=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1666251993&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251991352&bpp=1&bdt=1743&idt=1728&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NCeJHv7eal&p=https%3A//www.heatbud.com&dtd=1732 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:34 GMT strict-transport-security max-age=31536000; preload; server Kestrel server-processing-duration-in-ticks 120978 content-length 0
GET H2	200	afr.php Show response ads.as.criteo.com/delivery/r/ Frame 6A8E	288 KB 67 KB	1023ms 628ms	Document text/html	182.161.73.148 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1666251993&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251991352&bpp=1&bdt=1743&idt=1728&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NCeJHv7eal&p=https%3A//www.heatbud.com&dtd=1732 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash 26734d7651eb936430b97a279affd9a9de793a3c45e77539a76feadae9fcb311 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cache-control private, max-age=0, no-cache content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin date Thu, 20 Oct 2022 07:46:34 GMT expires Mon, 26 Jul 1997 05:00:00 GMT link <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin p3p CP='CUR ADM OUR NOR STA NID' pragma no-cache report-to {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=eaM42H2o3jY1xxY4k_AhN9yg18ynh703yOnUnfp9ov3LGawuH1UqQKG-PizQeXcONAlcIae5KYbrr6eOt_Hb2ucfT5aGZ468ngeULlx7MgpBaQxpSVqpDLT7bKSJRElXxoD_wZ2dYloMZw-G6OpYAsPdDr9zgzes6eAhTY-rFeDeM0BX22AMmZPjokdpAPTF6AyuX7Iorkkm8Op_dRmGfajHCBlAAJ3dcpaYtsciJC6Spe0X5bkAoNpglTW-PaoK51LeL4nCoVjSkoGm"}], "max_age": 86400} server Kestrel server-processing-duration-in-ticks 177405083 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 669F	3 KB 1 KB	623ms 236ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1666251993&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251991352&bpp=1&bdt=1743&idt=1728&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NCeJHv7eal&p=https%3A//www.heatbud.com&dtd=1732 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 06:54:24 GMT content-encoding gzip x-content-type-options nosniff age 3130 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 03 Nov 2022 06:54:24 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 669F	17 KB 7 KB	598ms 212ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1666251993&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251991352&bpp=1&bdt=1743&idt=1728&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NCeJHv7eal&p=https%3A//www.heatbud.com&dtd=1732 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 19 Oct 2022 16:38:07 GMT content-encoding gzip x-content-type-options nosniff age 54507 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7569 x-xss-protection 0 server cafe etag 4237063375490391177 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 02 Nov 2022 16:38:07 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 669F	152 KB 47 KB	583ms 195ms	Script text/javascript	74.125.130.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1666251993&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251991352&bpp=1&bdt=1743&idt=1728&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NCeJHv7eal&p=https%3A//www.heatbud.com&dtd=1732 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.130.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sb-in-f155.1e100.net Software sffe / Resource Hash 66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:34 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47476 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1666179788250400" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 20 Oct 2022 07:46:34 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 4759	3 KB 1 KB	262ms 246ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 06:54:24 GMT content-encoding gzip x-content-type-options nosniff age 3130 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 03 Nov 2022 06:54:24 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 4759	0 0	225ms 224ms	Fetch text/html	142.251.10.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=Cacca2fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSIAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dLrwS4wREVmgRA2_8NQq1mgNzm9kCNDSabSj7XMMPPh52Qt93GQI4AGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzM0NDg5NzE3NzU4MzQzORgA&sigh=GImDFPCMDTY&uach_m=[UACH]&cid=CAQSKQDq26N9LoT_HXfP0zcTqgjYlexwD6-U6cF1OSqNJgD-G68LQ3Vn1FlsGAEgEw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.10.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Thu, 20 Oct 2022 07:46:34 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	notify rtb.jp2.as.criteo.com/google/auction/ Frame 4759	0 0	348ms 241ms	Fetch	182.161.74.19 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kpa3FMr6RKAGmAJi-C0SAgAAAPZXVPRc51mZ8ZxHuBDZ_FBj8e78i_Zh1RA1nWIAEgAA&wp=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:33 GMT strict-transport-security max-age=31536000; preload; server Kestrel server-processing-duration-in-ticks 158307 content-length 0
GET H2	200	afr.php Show response ads.as.criteo.com/delivery/r/ Frame A0A1	155 KB 49 KB	288ms 267ms	Document text/html	182.161.73.148 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash ec3c17123fc97e6f6b59afeab56faf7e2c636840becf1828b7dfd49a390f869f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cache-control private, max-age=0, no-cache content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin date Thu, 20 Oct 2022 07:46:33 GMT expires Mon, 26 Jul 1997 05:00:00 GMT link <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin p3p CP='CUR ADM OUR NOR STA NID' pragma no-cache report-to {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=XyLIP32o3jY1xxY4cvO-NsSOTKyk6WYnhulSONUzJov6HMUcxtuu8h6k9t2QXXQhuBuiQ-dwndz6UBJgEe24vdFfInhAqb39vurMEQ4TUonJjrN6o6jvP53ygymidIY4SlGjlrfDHsnd5BDrb69oSV-lwquOQYsddcA7zybIyTO-msI38Voaij51Tw8Qnlnsq6PSijkUGOeDPiUiFq_uNHQuvweY0ypj8iZJvn3obw859EsRFBZLCnXID0q44UYuIKdHOg"}], "max_age": 86400} server Kestrel server-processing-duration-in-ticks 69990626 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 0E70	1 KB 749 B	193ms 192ms	Document text/html	142.250.4.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f154.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers age 22989 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding gzip content-length 724 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 20 Oct 2022 01:23:25 GMT etag 48472445140208031 expires Fri, 21 Oct 2022 01:23:25 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 4759	17 KB 8 KB	202ms 193ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 19 Oct 2022 16:38:07 GMT content-encoding gzip x-content-type-options nosniff age 54507 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7569 x-xss-protection 0 server cafe etag 4237063375490391177 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 02 Nov 2022 16:38:07 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 4759	0 0	622ms 237ms	Image text/html	142.251.10.105 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmSm0tYLKXx-nGU4Qtb49WmvjnfCLGOSW92UidBusv943y8aaSFGu5y0zv3_D54HJc5AoDyerjIcqAPk_qg6kLcmCX6A Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.105 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f105.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 4759	152 KB 46 KB	2159ms 1857ms	Script text/javascript	74.125.130.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.130.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sb-in-f155.1e100.net Software sffe / Resource Hash 66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:36 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47476 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1666179788250400" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 20 Oct 2022 07:46:36 GMT
GET H2	200	dpixel cms.quantserve.com/ Frame 0E70	35 B 465 B	605ms 198ms	Image image/gif	103.229.10.247 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIiRkSu-LA7hLKlxhw0d-uA&google_cver=1&google_push=AZmPxg-Hq8Dof8Tk3UL2Pd1ms_xThR0ZCA4YP_ZgRXDj_uRlfh_WSiflHgE0yEaT5gsKmBxtPuMSkQqF1gpjC3wEM-ljDlVM4wlFxtf8sabgPs66qptzIGlDHMD0AVczWJBqbgRRH_sh-w Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 0E70 Redirect Chain https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEL7srd-ffgbBXU_MNgfpflU&google_cver=1&google_push=AZmPxg-HapHqaHQfq3gijGjoLg_n4AZYqhu1_kfR0kl_Vg-BLUHecOjaxvqafSzb4_OoFYOSUEGAAN7q9... https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AZmPxg-HapHqaHQfq3gijGjoLg_n4AZYqhu1_kfR0kl_Vg-BLUHecOjaxvqafSzb4_OoFYOSUEGAAN7q9nh8CDIEuPewShXsSylObqo6ItsQdrAepLf1JgJ4llBlK...	170 B 329 B	198ms 197ms	Image image/png	172.253.118.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AZmPxg-HapHqaHQfq3gijGjoLg_n4AZYqhu1_kfR0kl_Vg-BLUHecOjaxvqafSzb4_OoFYOSUEGAAN7q9nh8CDIEuPewShXsSylObqo6ItsQdrAepLf1JgJ4llBlKLCcO8vtNZLnRD1WaD4&google_hm=MTA1MjYxMDg1OTk5MTg2OTU2NjA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 Protocol H2 Server 172.253.118.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 20 Oct 2022 07:46:35 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 20 Oct 2022 07:46:34 GMT via 1.1 google server Apache p3p CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml" location https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AZmPxg-HapHqaHQfq3gijGjoLg_n4AZYqhu1_kfR0kl_Vg-BLUHecOjaxvqafSzb4_OoFYOSUEGAAN7q9nh8CDIEuPewShXsSylObqo6ItsQdrAepLf1JgJ4llBlKLCcO8vtNZLnRD1WaD4&google_hm=MTA1MjYxMDg1OTk5MTg2OTU2NjA cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-application-context application expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 0E70 Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEDp4G641FT7-_V-J8S1kfI8&google_cver=1&google_push=AZmPxg9kJ1gFWceMZ0nDuSG0kLj2JuE8IYY8R01swAkCE2W6ur7Ev-TWIOR2Mjon16LXHrY4PY0yjjV4agFYvB3AwWtfbqLLWobDE... https://rtb.openx.net/sync/dds?google_gid=CAESEDp4G641FT7-_V-J8S1kfI8&google_cver=1&google_push=AZmPxg9kJ1gFWceMZ0nDuSG0kLj2JuE8IYY8R01swAkCE2W6ur7Ev-TWIOR2Mjon16LXHrY4PY0yjjV4agFYvB3AwWtfbqLLWobDE... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg9kJ1gFWceMZ0nDuSG0kLj2JuE8IYY8R01swAkCE2W6ur7Ev-TWIOR2Mjon16LXHrY4PY0yjjV4agFYvB3AwWtfbqLLWobDEcl4QNEIaJ7AXEI0VU4Wjmr4_RU6VB_qGP...	170 B 232 B	498ms 196ms	Image image/png	172.253.118.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg9kJ1gFWceMZ0nDuSG0kLj2JuE8IYY8R01swAkCE2W6ur7Ev-TWIOR2Mjon16LXHrY4PY0yjjV4agFYvB3AwWtfbqLLWobDEcl4QNEIaJ7AXEI0VU4Wjmr4_RU6VB_qGPgr-P-bwRY&google_hm=8EjE1RrRztUTVPB3W3467A== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 Protocol H2 Server 172.253.118.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 20 Oct 2022 07:46:35 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 20 Oct 2022 07:46:35 GMT via 1.1 google server Cowboy vary Origin p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin null location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg9kJ1gFWceMZ0nDuSG0kLj2JuE8IYY8R01swAkCE2W6ur7Ev-TWIOR2Mjon16LXHrY4PY0yjjV4agFYvB3AwWtfbqLLWobDEcl4QNEIaJ7AXEI0VU4Wjmr4_RU6VB_qGPgr-P-bwRY&google_hm=8EjE1RrRztUTVPB3W3467A== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-request-id c7hjf87lu765bo9t53e12sssnffdi5hh
GET H3	200	pixel cm.g.doubleclick.net/ Frame 0E70 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8NaJKQabQvarOqkXEk5PCQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	197ms 197ms	Image image/png	172.253.118.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8NaJKQabQvarOqkXEk5PCQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-Qc1ZtYE7XwMirkijpgzhI9CUSbNllDHY69iII9iooGVB4AGnELb2iUZp8hGDCfLnhMQT8QoBR9eXr3RrDmCD3ZyOMvh7SS504nK2PuifR4zyq3vbN4PeONWWRlWDMBZCcsmmsGw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 Protocol H3 Server 172.253.118.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 20 Oct 2022 07:46:35 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8NaJKQabQvarOqkXEk5PCQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-Qc1ZtYE7XwMirkijpgzhI9CUSbNllDHY69iII9iooGVB4AGnELb2iUZp8hGDCfLnhMQT8QoBR9eXr3RrDmCD3ZyOMvh7SS504nK2PuifR4zyq3vbN4PeONWWRlWDMBZCcsmmsGw date Thu, 20 Oct 2022 07:46:35 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3	200	pixel cm.g.doubleclick.net/ Frame 0E70 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGTVMSsEQhXO5n_J5HnTVyc&google_cver=1&google_push=AZmPxg8NmQ1LPXjeW0qVWCVeecK_W5syOt-XeAEJYBjfxafKslCsiaB4rzAeNJPmd75WSdDrSh8... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHUkYwMjgtMVktRDJUQQ==&google_push=AZmPxg8NmQ1LPXjeW0qVWCVeecK_W5syOt-XeAEJYBjfxafKslCsiaB4rzAeNJPmd75WSdDrSh8kLzNrCLMmXFnn97RPmyhjXFSh5...	170 B 188 B	302ms 198ms	Image image/png	172.253.118.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHUkYwMjgtMVktRDJUQQ==&google_push=AZmPxg8NmQ1LPXjeW0qVWCVeecK_W5syOt-XeAEJYBjfxafKslCsiaB4rzAeNJPmd75WSdDrSh8kLzNrCLMmXFnn97RPmyhjXFSh5gODKVlUmIq4oirCmHGgrS-kLlcgFGenVESj_zi0YJ0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 Protocol H3 Server 172.253.118.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 20 Oct 2022 07:46:35 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHUkYwMjgtMVktRDJUQQ==&google_push=AZmPxg8NmQ1LPXjeW0qVWCVeecK_W5syOt-XeAEJYBjfxafKslCsiaB4rzAeNJPmd75WSdDrSh8kLzNrCLMmXFnn97RPmyhjXFSh5gODKVlUmIq4oirCmHGgrS-kLlcgFGenVESj_zi0YJ0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 4b9b5fe4fdc8ed94e0f7cdc225df187a Expires 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 0E70 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDJ-ZxG4loDngJzujcFZLRs&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDJ-ZxG4loDngJzujcFZLRs&google_push=AZ... https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDJ-ZxG4loDngJzujcFZLRs&google_hm=Y1D82p6eCOAueImI-mRhpwAAEsAAAAAB&google_nid=index&google_push=AZmPxg--Z1B_r8VkYfUipGhBRUD5Zr0TNuf13...	170 B 232 B	497ms 196ms	Image image/png	172.253.118.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDJ-ZxG4loDngJzujcFZLRs&google_hm=Y1D82p6eCOAueImI-mRhpwAAEsAAAAAB&google_nid=index&google_push=AZmPxg--Z1B_r8VkYfUipGhBRUD5Zr0TNuf134H6454CDrHrFopDWrLCgmue22GLQwkdbxWCs6JCwROUMU11NZ4icPM41od5Ddk_x74rhVOeUPOxKMli76YWnn6L7ZsPXi6ZOUS7OOBGloY Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 Protocol H2 Server 172.253.118.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 20 Oct 2022 07:46:35 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 20 Oct 2022 07:46:35 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zck%2F3YWhnHZPK%2BypHOjqRabgi6%2FyV2RnmZe7o%2BDwEb8alylK8nYix%2FH4UmR96fxOyMRshxwnPp6SDL4eM1%2F1Ls7L2tT8nvv8ls0BqEgwixj3ozRgXkI48Q26GBGotRvIeqJdms5McObHUQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDJ-ZxG4loDngJzujcFZLRs&google_hm=Y1D82p6eCOAueImI-mRhpwAAEsAAAAAB&google_nid=index&google_push=AZmPxg--Z1B_r8VkYfUipGhBRUD5Zr0TNuf134H6454CDrHrFopDWrLCgmue22GLQwkdbxWCs6JCwROUMU11NZ4icPM41od5Ddk_x74rhVOeUPOxKMli76YWnn6L7ZsPXi6ZOUS7OOBGloY cache-control no-cache cf-ray 75d023f95c81a938-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 0E70 Redirect Chain https://cc.adingo.jp/adx/push/?google_gid=CAESEC_uW2c7hc4Q3fWWSX-bRto&google_cver=1&google_push=AZmPxg88rvORxHE42r8kjbLZKuPUJymq_Rbn3dja65pPpNnsXUmSYkaQpgSya9Nj7tc6Kh-yqUJXIuWJlwwsWytUlkDP7CY6MFJpj... https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg88rvORxHE42r8kjbLZKuPUJymq_Rbn3dja65pPpNnsXUmSYkaQpgSya9Nj7tc6Kh-yqUJXIuWJlwwsWytUlkDP7CY6MFJpjFkP0ySSIVx1mvmx98jGuPCmwAO4a0...	170 B 188 B	489ms 198ms	Image image/png	172.253.118.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg88rvORxHE42r8kjbLZKuPUJymq_Rbn3dja65pPpNnsXUmSYkaQpgSya9Nj7tc6Kh-yqUJXIuWJlwwsWytUlkDP7CY6MFJpjFkP0ySSIVx1mvmx98jGuPCmwAO4a026D2JZNd-gw6M&google_hm=a08e6725cb24b56f31ec22249c1156a9 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 Protocol H3 Server 172.253.118.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 20 Oct 2022 07:46:35 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg88rvORxHE42r8kjbLZKuPUJymq_Rbn3dja65pPpNnsXUmSYkaQpgSya9Nj7tc6Kh-yqUJXIuWJlwwsWytUlkDP7CY6MFJpjFkP0ySSIVx1mvmx98jGuPCmwAO4a026D2JZNd-gw6M&google_hm=a08e6725cb24b56f31ec22249c1156a9 date Thu, 20 Oct 2022 07:46:35 GMT content-type text/html; charset=UTF-8 server nginx p3p CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 0E70	0 223 B	584ms 194ms	Image text/html	172.253.118.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jebo4fnoMN1h-kMraAIacrEd8KKiuTeEYjYXtl8v5jBwryYKS__YFA8SzX37xFdYoAPEb2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1666251993&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666251993750&bpp=2&bdt=4141&idt=2&shv=r20221018&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C728x90%2C728x90%2C0x0&nras=2&correlator=2636181975471&frm=20&pv=1&ga_vid=297050948.1666251993&ga_sid=1666251993&ga_hid=314248974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774718%2C42531706%2C44767166%2C44773613%2C31069178%2C31070367%2C31061690%2C31062930&oid=2&pvsid=1485267300559054&tmod=543906010&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tuFaz7ei7y&p=https%3A//www.heatbud.com&dtd=16 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:34 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET DATA	200 OK	truncated / Frame 4759	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 506983bc74ddac050b9970f3d6f84f2557fd29893aa52607c5d3ba9a6d5b27b4 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 669F	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 69c8bc7743ffa0effc986efab1425d88a75a0671d933ef64361aa3aea601f353 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame A0A1	2 KB 1 KB	592ms 196ms	Image image/svg+xml	182.161.73.129 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42ba84-6aa" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	adchoices_en.svg static.criteo.net/flash/icon/ Frame A0A1	2 KB 1 KB	595ms 199ms	Image image/svg+xml	182.161.73.129 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_en.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42b9ee-759" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame A0A1	308 B 636 B	592ms 197ms	Image image/svg+xml	182.161.73.129 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx cross-origin-embedder-policy require-corp etag "5e46a5e4-134" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 308 expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	back_button2.svg static.criteo.net/flash/icon/ Frame A0A1	293 B 621 B	595ms 200ms	Image image/svg+xml	182.161.73.129 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button2.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; last-modified Thu, 28 Apr 2022 09:09:48 GMT server nginx cross-origin-embedder-policy require-corp etag "626a59dc-125" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 293 expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	lg.php cat.sg1.as.criteo.com/delivery/ Frame A0A1	43 B 348 B	597ms 200ms	Image image/gif	182.161.73.132 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=2rDvQz7Mdfzbivt371qniZLHvTc3J_zaSsC78DJShNj4GRLZ5trNYIQiGezL5By60IIjCiiG4QdOUIX5-50LcumlFJA_x926IcDf_HFZugbpFtkhrRqZeokJ_4OQu510CbsSwTxG3sV5Qdon4BgJkURwh5gFzn2hzj46VgvtIBcPSAsXCOjmbYQzwqCORzZq5pTnKbQJhHcrfg9Q5ZCJ2RdS0eNG2PylSyh2cKBFTD3ikyVQZrXJUKdM9-PFPlGj2HIorRQ9YRlIz2I_JtSc8JdHRwuPF-hHn1AqEXet819kXyWQx9K1A5oUk58awIh5tm0IAB24zvDrSqFVXB4sf7_ng73FFyEq-xjGK0LD5TbptJf6jUkDA_UVSNizWvEdiC2f6maH-wcFMmkbRBW3zGG1n5YNZSWDk1rNnZlvmubP1XpI21cwjHuzY00CnrIHOZbcEA Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 20 Oct 2022 07:46:34 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1595022 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame A0A1	12 KB 6 KB	255ms 254ms	Script text/javascript	182.161.73.129 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5c9a64eb-3181" content-type text/javascript access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 15 Oct 2023 07:46:35 GMT
GET H/1.1	200 OK	t_.htm Show response t.sharethis.com/a/ Frame E434	2 KB 1 KB	311ms 311ms	Document text/html	23.58.240.73 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/a/t_.htm?ver=1.1074.23347&cid=c010&cls=B Requested by Host: t.sharethis.com URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=www.heatbud.com&rnd=1666251993381 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.58.240.73 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-58-240-73.deploy.static.akamaitechnologies.com Software / Resource Hash ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0 Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains Request headers Referer https://www.heatbud.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers Cache-Control max-age=604800 Connection keep-alive Content-Encoding gzip Content-Length 1160 Content-Type text/html Date Thu, 20 Oct 2022 07:46:35 GMT Expires Thu, 27 Oct 2022 07:46:35 GMT Strict-Transport-Security max-age=2628000 ; includeSubDomains X-Robots-Tag noindex, nofollow
GET H2	200	img pix.as.criteo.net/img/ Frame A0A1	6 KB 7 KB	596ms 197ms	Image image/png	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?h=556&m=0&partner=81957&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F81957%2F221012%2Ff6fadf08944742bda6a7ec5de639cdaf_logo_n_horizontal.png&v=3&w=196&s=cM_AS8cCbzrhOi8OzHFOnlFw Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash d0cffc4a668bfb454ae5e36d9199d6f77e60ec97ed22545cba9573660fcfb6fc Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/png cache-control public, max-age=30425066 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 6463 expires Sat, 07 Oct 2023 11:11:01 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame A0A1	289 KB 290 KB	1131ms 732ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?h=1200&m=0&partner=81957&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F81957%2F221012%2F506e71a82a774c709506e0a1bc098e34_bbnt-criteo-banners-wk16-summer-living-1200x1200.png&v=3&w=1200&s=8tdRt-wR_j9WBzL7OBpElH1U Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 7772887e87939458ce55c6fbe26a25cc4565bfe69fd0c22dba7ec47b197aa2bf Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:34 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=30425237 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 296200 expires Sat, 07 Oct 2023 11:13:53 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame A0A1	10 KB 10 KB	597ms 198ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F20245401-V08.jpg&v=3&w=400&s=2-0SAbNFsbRPV1XhySBqDiC0&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 0865f267142666f8f52bbf55503c9fa27e601885fdc5ad7d6f887fcbda447e1b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 9728 expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame A0A1	19 KB 19 KB	822ms 423ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21227701-P.jpg&v=3&w=400&s=pfWb0Mfm__iT_BhcRX7C2UvI&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 11ba6ac46fc3e2ee8d886e5690b63f23d4cf6cd967c8eebf90977239367a0bcb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 19392 expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame A0A1	18 KB 18 KB	861ms 463ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F106%2F082%2FHQ-Amazilia-Cushion.jpg%3F1615426872&v=3&w=400&s=NCXcTITwCCdTtL8RXqwVYF1J&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 3bbf35bdee31621f7c5a0a813ac179ecbfe584f771882779cd1fa1106ee23037 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:34 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 18562 expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame A0A1	17 KB 17 KB	1267ms 868ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F132%2F795%2FM_F-Dachsie-FQQC.jpg%3F1638225318&v=3&w=400&s=PORe6F0Va24XhL-NSfQ8BE1r&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 51d9c5060aaf97e5c5ed6a7145d5b51bb27f80eb7ad225d5be53ff83b9d82d9a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:34 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 17178 expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame A0A1	16 KB 16 KB	1082ms 1081ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21891901-P.jpg&v=3&w=400&s=MWmUGrPRQszEy4j0JBB14rSh&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 2ebd1ecfb1c0a43ac9d3810bad35c4bceee4812a174dd1e2a0f90a6469d77145 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:34 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 16180 expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame A0A1	31 KB 31 KB	1059ms 1059ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F126%2F999%2FM_F-Eadie-BS.jpg%3F1626323766&v=3&w=400&s=iD4OtY-ZSiqk27f7J1H9jK1E&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash ce4b37c8527e201813a7d3f3366c0fd87793ecbd242f31f6f76d382e197a0b84 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:34 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 31944 expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame A0A1	7 KB 7 KB	1093ms 1091ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F22091702-P.jpg&v=3&w=400&s=lAOauc0edm8zoZsgyr5DDJHg&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash a4d91387778e2e3278838651cce30104bfd3bdb6cac9edc83a923e198f401939 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 6822 expires Sun, 15 Oct 2023 07:46:35 GMT
POST H2	200	all csm.as.criteo.net/ Frame A0A1	0 128 B	361ms 197ms	Ping text/plain	182.161.73.142 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://csm.as.criteo.net/all?cppv=3&cpp=XyLIP32o3jY1xxY4cvO-NsSOTKyk6WYnhulSONUzJov6HMUcxtuu8h6k9t2QXXQhuBuiQ-dwndz6UBJgEe24vdFfInhAqb39vurMEQ4TUonJjrN6o6jvP53ygymidIY4SlGjlrfDHsnd5BDrb69oSV-lwquOQYsddcA7zybIyTO-msI38Voaij51Tw8Qnlnsq6PSijkUGOeDPiUiFq_uNHQuvweY0ypj8iZJvn3obw859EsRFBZLCnXID0q44UYuIKdHOg&sds=2&rev=83153&sendBeacon=true Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.as.criteo.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame A0A1	2 KB 1 KB	197ms 196ms	Image image/svg+xml	182.161.73.129 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 27 May 2021 13:21:59 GMT server nginx cross-origin-embedder-policy require-corp etag W/"60af9cf7-891" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame A0A1	2 KB 1 KB	198ms 197ms	Image image/svg+xml	182.161.73.129 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QANbT4Kj6gCAAJjCzOjreyRJPUeic5v0Q&u=%7CNIpsJ4NMNMJcXKLgBTWYkYpy5HOEJIuKnN2Kt5oyBKA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKSND5rQiAbIioMTeBOPvqA5HkGLLVtTwBQTYEQ1H6YijaUrnJbACeWvdcY60NqqTeEk3h6z5W0osYfwhPYRg8N_hAKseM0JQX2XSwdTR5k-2HpY20kNLtEtlX3r5wEDlOSbJsbGIBb8H7-lgTrvqjd88_EFzxO7F5SAr4J1W-yuaqcjnWD8vYxjWyJ09uMfIswwdTZTUA9tEV-Xso_xmYXz-juCaZirMTc8gMjjt1ZsSHdJ93YmzchDyGrOS-XUYVh_Cxj92elMcANY7yKnjjPgqOsBz4uirrBvRFfDVWkcXDDAT9T5Df5KtA5f5RWK47claX-YVFl73AzLSvMSNe1YCI18TwexOk283vFoFhvKMPwCy2u__EyHQhLzVun0egEa8BGsZXRKmI9rptsDtQRA2t3Xt3ET7CdIRaNONLrZqYLW0p0sFh4aN9icOnbFJq0Xp8rsySYJaYWgCfUBzQiQavutgf2wrOq2IW6d9HBCEH_1hPhWFLQuK-BVcj1KOYEbu0cFpSuvy_E1tKQWnwkQCbjHe8WDFlg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLEY82fxQY77aNYLQvgSLxongC5j80bFc-r6W5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSLAk_Q-YtUDRzLBe0gbqE6jngQ89DgbCLyf4FuO0-N5QujrEIaf2kE3zAL-7LrkdB56IoHqlbHperGxpMvs_9HSv3Ovd0zFOCoyF2SJ-14xRQl8UnmycBG1PeZvGQ9Fb3r_tUIMt-DIWSybQoQqIbodbwA2h_6wAyBQqDWJ3GwhoVERLo5OeSB6fjwmvPUOtEetTzcSid1FS8XSj1sG5SUeuVW-wfaFsXXK7Hhdgx0nnccYNsQYd6lwnfPwcyCIuoJHwCJB5PM-frxDDcxTpqZvCdZC_siTfs2pTLfAnVKexMj1dKpww-ioYvv_--_jl27_cNjHi23ByltUU5afONW-U3_y3zKHODu3LVD4IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3aOCaofsGAb4y5gVU9Lp7th9LPjg%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e4d1491-646" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame 6A8E	2 KB 1 KB	233ms 199ms	Image image/svg+xml	182.161.73.129 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42ba84-6aa" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	adchoices_en.svg static.criteo.net/flash/icon/ Frame 6A8E	2 KB 1 KB	235ms 201ms	Image image/svg+xml	182.161.73.129 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_en.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42b9ee-759" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame 6A8E	308 B 636 B	231ms 198ms	Image image/svg+xml	182.161.73.129 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx cross-origin-embedder-policy require-corp etag "5e46a5e4-134" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 308 expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	back_button2.svg static.criteo.net/flash/icon/ Frame 6A8E	293 B 621 B	234ms 201ms	Image image/svg+xml	182.161.73.129 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button2.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; last-modified Thu, 28 Apr 2022 09:09:48 GMT server nginx cross-origin-embedder-policy require-corp etag "626a59dc-125" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 293 expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	lg.php cat.sg1.as.criteo.com/delivery/ Frame 6A8E	43 B 347 B	236ms 201ms	Image image/gif	182.161.73.132 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=QBhDZzgQRu5d_6cNNSgcrQ7uNZkmf2rWdt39E9LPNZi_r7nr5BA8DWpoqswPX60_5wPoQ7YxAzdl1OOx_uUi8tpXycCjOeObveVTwDkho3h41ELLQ8bMAu1ZBEcj2d1gAyIrwGZyrBz5LLcgvbnqoI9K1X3aJGcIvsFORWrB8iBNFo4q8imjvPWYRkMY0a9JbwSS4ieRF3QqpgicMkiw5fjPiKzdHaGFza9BLzVy-CLxiLgYAOH73ZvjbWjVA_K7_rqR2uYyvl6P0JoZ0qjJj-r3Fxj0rJbgRvwM4GYvRk0SkB5EW0bxn5F1MvHO6FmU3DFBmtPhXYKvKjrFm2mycx0ai438bUIUgmge6jUNAtDGsCR2WJTqhziDoCYzTFN5vkazg50kuzavEryJewUTqG4uARYbs1LTPBe3NS8RZ6zVtTWg4vGbF80r2KXh7Y4A083nlg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 20 Oct 2022 07:46:34 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1872278 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame 6A8E	12 KB 6 KB	226ms 225ms	Script text/javascript	182.161.73.129 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5c9a64eb-3181" content-type text/javascript access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	107 KB 107 KB	1452ms 1065ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?h=1200&m=0&partner=81957&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F81957%2F220908%2Feac4a02f551249d2ac03db865a139a74_bbnt-criteo-banners-wk07-spring-lookbooks-oceanhues-1200wx628h.png&v=3&w=1200&s=F02A3o-W_im97Oaw9OWMFiJz Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 9be1b6593fe62ec13c325237c564788cd57c0e00573baf9c1a8ed994334763b7 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=27487999 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 109300 expires Sun, 03 Sep 2023 11:19:55 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	10 KB 10 KB	1500ms 1114ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F20245401-V08.jpg&v=3&w=800&s=IaWYVwe28uI77nz_k9CMksl-&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 0865f267142666f8f52bbf55503c9fa27e601885fdc5ad7d6f887fcbda447e1b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 9728 expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	18 KB 18 KB	1055ms 669ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F106%2F082%2FHQ-Amazilia-Cushion.jpg%3F1615426872&v=3&w=800&s=oh_8W4cvBhfwgrITEF4ypMRp&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 3bbf35bdee31621f7c5a0a813ac179ecbfe584f771882779cd1fa1106ee23037 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:34 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 18562 expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	17 KB 17 KB	1188ms 802ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F132%2F795%2FM_F-Dachsie-FQQC.jpg%3F1638225318&v=3&w=800&s=LnXcMFh-7Lo8fpgoIrdwnN0b&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 51d9c5060aaf97e5c5ed6a7145d5b51bb27f80eb7ad225d5be53ff83b9d82d9a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:34 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 17178 expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	16 KB 16 KB	1499ms 1114ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21891901-P.jpg&v=3&w=800&s=vNLeaZ243WeQN8zyQ3zt-WCv&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 2ebd1ecfb1c0a43ac9d3810bad35c4bceee4812a174dd1e2a0f90a6469d77145 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 16180 expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	19 KB 19 KB	1431ms 1045ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21227701-P.jpg&v=3&w=800&s=4h_JCkJp36OHR6RqI45vpiCe&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 11ba6ac46fc3e2ee8d886e5690b63f23d4cf6cd967c8eebf90977239367a0bcb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:34 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 19392 expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	25 KB 25 KB	1088ms 1088ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21864101-P.jpg&v=3&w=800&s=zl5JCvDG-54nGMnNLH2o3Iha&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 9eb90439a078005df430be21eea2653c70c4bcd87201d16ada33ad51568a191c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 25236 expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	17 KB 17 KB	1084ms 1082ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21845901-P.jpg&v=3&w=800&s=LPpZHn7eWKNZusL8ZY6-Gj2O&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 031b1e694377e364991af9ad0bb21372d0b16c6c81411b674c6687461580e9dd Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 17092 expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	25 KB 25 KB	698ms 697ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F127%2F022%2FM_F-Eucalyptus-SS.jpg%3F1626324257&v=3&w=800&s=cuiaHA-y1FOKUGRuT04lNY1R&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 2c5e2b20089bf4a07775c485dc7f2f5b458035843d3c748350c2716931d718fd Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 25134 expires Sun, 15 Oct 2023 07:46:36 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	22 KB 22 KB	570ms 569ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F109%2F635%2FM_F-Japanese-Wisteria-Cushion.jpg%3F1616126670&v=3&w=800&s=K2ExwwseLxWb9Ry3bwPotiR4&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash b3a8e7754fb99286139fc5d35579edb0bba414eebfa5b514455b6d1b4bd34316 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 22538 expires Sun, 15 Oct 2023 07:46:36 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	41 KB 41 KB	297ms 297ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F22072001-P.jpg&v=3&w=800&s=65vEYFBLK4Ci4_0bo3QmgcRI&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash ce15bc2e340730d3a4f7dc833a2ca8d958956f12470cb543f65a6a80e28f5ba8 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:36 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 41804 expires Sun, 15 Oct 2023 07:46:36 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	12 KB 12 KB	265ms 265ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21829701-P.jpg&v=3&w=800&s=Qbmn6qxEgQ2U96axxsIosHUM&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash c9966e2749a5bcac95e2576624bc405bfe0ff317c2c566542f50e7c24afe1dda Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 12412 expires Sun, 15 Oct 2023 07:46:36 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	28 KB 29 KB	253ms 253ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F107%2F964%2FM_C-Hammersmith-QQC.jpg%3F1615855991&v=3&w=800&s=KDw17fUR2p_X_skyPsaJF4rh&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash ada3d438cb9db36f109d5e2646f34b32086afa71a67cda043d9e3656b49a0f86 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:36 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 29024 expires Sun, 15 Oct 2023 07:46:36 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	26 KB 27 KB	250ms 250ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21363501-P.jpg&v=3&w=800&s=zodXBLRPBmmsNN5OOg-vbkPb&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 634d6fc2774c3a6fca6d7ef07c9e84cd348397602be7a81744f01f3ec5db5a40 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 26882 expires Sun, 15 Oct 2023 07:46:36 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	56 KB 56 KB	197ms 197ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F106%2F065%2FCH-Takashi-Pillows.jpg%3F1615426171&v=3&w=800&s=HhKNcxmCC9UOR1RvkdbFoqLm&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 0a9776ab95d0125b71c979579c1612758aa1136194b83e4e039e04c9f7bf9344 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:36 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 57450 expires Sun, 15 Oct 2023 07:46:37 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	5 KB 5 KB	198ms 198ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21676704-P.jpg&v=3&w=800&s=Kg8khuXjfcPgKeEJNMqv2IdV&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash cc508e6b55ecb8803e123efd7deb09fe3a0715874992eb6bc434e9a7bd3b8023 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:36 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 5098 expires Sun, 15 Oct 2023 07:46:37 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	22 KB 23 KB	200ms 200ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21847301-P.jpg&v=3&w=800&s=g4XxfgECTVsfMKGiha4iBVrg&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 31957a560b681e6ee45c5c9701d7b45164555dc67a18cf5f3ca8a765b06b6b0f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:36 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 22866 expires Sun, 15 Oct 2023 07:46:37 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	22 KB 22 KB	200ms 199ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F116%2F130%2FM_F-Farrah-QQC.jpg%3F1618879017&v=3&w=800&s=DxQv-pygF_HllPiCIoCIY2lB&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 4851d20118f4012ef4a7b42cbd01c71dad8a8b292fc159e439d909db84a022e3 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:36 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 22752 expires Sun, 15 Oct 2023 07:46:37 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	22 KB 22 KB	199ms 199ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F125%2F596%2FM_F-Miss-Carnival-Stripe-Dining-204518-R-cb.jpg%3F1624339186&v=3&w=800&s=S6n5ceD8SbLe5_hUfjDjWL0W&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash a04afaf083e3a51dd8ef0933c6d009d5bc902b9c4e6288f16f0ebe23a9a751b6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:36 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 22540 expires Sun, 15 Oct 2023 07:46:37 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	14 KB 14 KB	199ms 198ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21829101-P.jpg&v=3&w=800&s=ZtLJ5_JYO5IgvP9QH2mg3SRj&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash d0231f0fc4e369f946ff20f951b1943718d41c55847476903a02194f765ab0fd Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:36 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 14540 expires Sun, 15 Oct 2023 07:46:37 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	23 KB 24 KB	202ms 201ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21837101-P.jpg&v=3&w=800&s=_y6dTL_BDp664A_ZURtjEJT4&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 2063d93de219f87b3539acbbe1c327f9c69ba5d145f63368f67f5924d24b6e80 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:37 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 23808 expires Sun, 15 Oct 2023 07:46:37 GMT
GET H2	200	img pix.as.criteo.net/img/ Frame 6A8E	20 KB 21 KB	199ms 199ms	Image image/webp	182.161.73.135 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F134%2F931%2FM_F-Ikura-Blue-SS.jpg%3F1647901694&v=3&w=800&s=u6QJ6VvVouIwA9-jlzJMSqb_&b=400 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash 07b9dccde91ab0879119fbb301b6c0351517a76f31d09d5921e182cdd2b9786d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:36 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 20852 expires Sun, 15 Oct 2023 07:46:37 GMT
POST H2	200	all csm.as.criteo.net/ Frame 6A8E	0 127 B	600ms 198ms	Ping text/plain	182.161.73.142 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://csm.as.criteo.net/all?cppv=3&cpp=eaM42H2o3jY1xxY4k_AhN9yg18ynh703yOnUnfp9ov3LGawuH1UqQKG-PizQeXcONAlcIae5KYbrr6eOt_Hb2ucfT5aGZ468ngeULlx7MgpBaQxpSVqpDLT7bKSJRElXxoD_wZ2dYloMZw-G6OpYAsPdDr9zgzes6eAhTY-rFeDeM0BX22AMmZPjokdpAPTF6AyuX7Iorkkm8Op_dRmGfajHCBlAAJ3dcpaYtsciJC6Spe0X5bkAoNpglTW-PaoK51LeL4nCoVjSkoGm&sds=2&rev=83153&sendBeacon=true Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.as.criteo.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Thu, 20 Oct 2022 07:46:35 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame 6A8E	2 KB 1 KB	197ms 196ms	Image image/svg+xml	182.161.73.129 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:35 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 27 May 2021 13:21:59 GMT server nginx cross-origin-embedder-policy require-corp etag W/"60af9cf7-891" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 15 Oct 2023 07:46:35 GMT
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame 6A8E	2 KB 1 KB	197ms 197ms	Image image/svg+xml	182.161.73.129 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-AU,en;q=0.9 Referer https://ads.as.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:37 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e4d1491-646" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 15 Oct 2023 07:46:37 GMT
GET H/1.1	200 OK	t_.js Show response t.sharethis.com/1.1074.23347/a/AU/ Frame C0C0	23 KB 9 KB	364ms 364ms	Script text/javascript	23.58.240.73 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/1.1074.23347/a/AU/t_.js?cid=c010&cls=B Requested by Host: t.sharethis.com URL: https://t.sharethis.com/a/t_.htm?ver=1.1074.23347&cid=c010&cls=B Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.58.240.73 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-58-240-73.deploy.static.akamaitechnologies.com Software / Resource Hash 15157ceb28f2638b0058d77632896c5da810939dba6eabf124aa4dc06c67a746 Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://t.sharethis.com/a/t_.htm?ver=1.1074.23347&cid=c010&cls=B User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 20 Oct 2022 07:46:35 GMT Content-Encoding gzip Strict-Transport-Security max-age=2628000 ; includeSubDomains Content-Type text/javascript Cache-Control max-age=604800 Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 9366 Expires Thu, 27 Oct 2022 07:46:35 GMT
GET H/1.1	200 OK	nlsn sync.sharethis.com/ Frame C0C0 Redirect Chain https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 https://sync.sharethis.com/nlsn?uid=a04366cefc600b02c7c5b4734f465f1c	42 B 297 B	1458ms 404ms	Image image/gif	18.196.212.55 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/nlsn?uid=a04366cefc600b02c7c5b4734f465f1c Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol HTTP/1.1 Server 18.196.212.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-212-55.eu-central-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language en-AU,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 20 Oct 2022 07:46:37 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive Stid ZG4AAmNQ/NgAAAAIBhoqAw== X-Robots-Tag noindex, nofollow Content-Length 42 Content-Type image/gif Redirect headers date Thu, 20 Oct 2022 07:46:36 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://sync.sharethis.com/nlsn?uid=a04366cefc600b02c7c5b4734f465f1c content-type image/gif cache-control no-cache access-control-allow-credentials true content-length 0
GET H/1.1	200 OK	lotame sync.sharethis.com/int/ Frame C0C0 Redirect Chain https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZG4AAmNQ%2FNgAAAAIBhoqAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_con... https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZG4AAmNQ%2FNgAAAAIBhoqAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdp... https://sync.sharethis.com/int/lotame?uid=e1febb82165a2c4c46f975c538d6fd50&gdpr=0&gdpr_consent=	42 B 297 B	1377ms 390ms	Image image/gif	18.196.212.55 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/int/lotame?uid=e1febb82165a2c4c46f975c538d6fd50&gdpr=0&gdpr_consent= Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol HTTP/1.1 Server 18.196.212.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-212-55.eu-central-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language en-AU,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 20 Oct 2022 07:46:37 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive Stid ZG4AAmNQ/NgAAAAIBhoqAw== X-Robots-Tag noindex, nofollow Content-Length 42 Content-Type image/gif Redirect headers pragma no-cache date Thu, 20 Oct 2022 07:46:36 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://sync.sharethis.com/int/lotame?uid=e1febb82165a2c4c46f975c538d6fd50&gdpr=0&gdpr_consent= cache-control no-cache x-server 10.42.25.168 content-length 0 expires 0
GET H/1.1	200 OK	eyeota sync.sharethis.com/ Frame C0C0 Redirect Chain https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= https://sync.sharethis.com/eyeota?uid=2ZSiOWZruUzNweGBW1cnGL5RDhbSTEY9bYanYpYH9m3c&gdpr=0&gdpr_consent=	42 B 297 B	1398ms 397ms	Image image/gif	18.196.212.55 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/eyeota?uid=2ZSiOWZruUzNweGBW1cnGL5RDhbSTEY9bYanYpYH9m3c&gdpr=0&gdpr_consent= Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol HTTP/1.1 Server 18.196.212.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-212-55.eu-central-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language en-AU,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 20 Oct 2022 07:46:37 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive Stid ZG4AAmNQ/NgAAAAIBhoqAw== X-Robots-Tag noindex, nofollow Content-Length 42 Content-Type image/gif Redirect headers Location https://sync.sharethis.com/eyeota?uid=2ZSiOWZruUzNweGBW1cnGL5RDhbSTEY9bYanYpYH9m3c&gdpr=0&gdpr_consent= Date Thu, 20 Oct 2022 07:46:36 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
GET H/1.1	200 OK	ttd sync.sharethis.com/ Frame C0C0 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= https://sync.sharethis.com/ttd?uid=05094651-2769-4547-9b5c-c3d2ffa1ab1f&gdpr=0&gdpr_consent=	42 B 297 B	1586ms 399ms	Image image/gif	18.196.212.55 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/ttd?uid=05094651-2769-4547-9b5c-c3d2ffa1ab1f&gdpr=0&gdpr_consent= Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol HTTP/1.1 Server 18.196.212.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-212-55.eu-central-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language en-AU,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 20 Oct 2022 07:46:37 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive Stid ZG4AAmNQ/NgAAAAIBhoqAw== X-Robots-Tag noindex, nofollow Content-Length 42 Content-Type image/gif Redirect headers pragma no-cache date Thu, 20 Oct 2022 07:46:35 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://sync.sharethis.com/ttd?uid=05094651-2769-4547-9b5c-c3d2ffa1ab1f&gdpr=0&gdpr_consent= content-type text/html cache-control private,no-cache, must-revalidate content-length 215
GET H3	200	csync.ashx ml314.com/ Frame C0C0 Redirect Chain https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZG4AAmNQ%2FNgAAAAIBhoqAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D https://idsync.rlcdn.com/395886.gif?partner_uid=3630880954592526368 https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzMDg4MDk1NDU5MjUyNjM2OBAAGg0I3PnDmgYSBQjoBxAAQgBKAA https://ml314.com/csync.ashx?fp=072fb47d69940064ebdce46e6ee900d1356199da98813d7814ff947e15e2b690f4cb09cee1a4f8eb&person_id=3630880954592526368&eid=50082	43 B 60 B	307ms 105ms	Image image/gif	34.111.234.236 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=072fb47d69940064ebdce46e6ee900d1356199da98813d7814ff947e15e2b690f4cb09cee1a4f8eb&person_id=3630880954592526368&eid=50082 Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol H3 Server 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 236.234.111.34.bc.googleusercontent.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-AU,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:36 GMT via 1.1 google server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-type image/gif cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Fri, 21 Oct 2022 03:46:37 GMT Redirect headers date Thu, 20 Oct 2022 07:46:36 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://ml314.com/csync.ashx?fp=072fb47d69940064ebdce46e6ee900d1356199da98813d7814ff947e15e2b690f4cb09cee1a4f8eb&person_id=3630880954592526368&eid=50082 cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H/1.1	200 OK	yahoo sync.sharethis.com/ Frame C0C0 Redirect Chain https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent= https://sync.sharethis.com/yahoo?uid=y-rUBnJBJE2oOY3pK.5b7XvTSoYIFUuTcFaTc-~A	42 B 297 B	1566ms 394ms	Image image/gif	18.196.212.55 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/yahoo?uid=y-rUBnJBJE2oOY3pK.5b7XvTSoYIFUuTcFaTc-~A Requested by Host: www.heatbud.com URL: https://www.heatbud.com/post/lifestyle-free-on-line-betting-through-nba-hockey-fantasy-games-6 Protocol HTTP/1.1 Server 18.196.212.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-212-55.eu-central-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language en-AU,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 20 Oct 2022 07:46:37 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive Stid ZG4AAmNQ/NgAAAAIBhoqAw== X-Robots-Tag noindex, nofollow Content-Length 42 Content-Type image/gif Redirect headers date Thu, 20 Oct 2022 07:46:36 GMT strict-transport-security max-age=31536000 via http/1.1 spdc0101.pbp.sg3.yahoo.com (ApacheTrafficServer) server ATS age 0 content-type text/html;charset=utf-8 location https://sync.sharethis.com/yahoo?uid=y-rUBnJBJE2oOY3pK.5b7XvTSoYIFUuTcFaTc-~A content-length 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 669F	42 B 64 B	580ms 195ms	Fetch image/gif	142.250.4.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnjQlG8jjoMR3ikrEGRKhZ9NkrlWuA5kumzbc6_miDhwUUgNFpPNHflWDlx2Kj-lZfz-Nr5fmCNKM-nLT8IDkn9bOI&sig=Cg0ArKJSzOw8eQoVUqDfEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3547088801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666251993086&rpt=1731&met=ie&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f154.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 20 Oct 2022 07:46:36 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	all csm.as.criteo.net/ Frame 6A8E	0 127 B	197ms 196ms	Ping text/plain	182.161.73.142 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://csm.as.criteo.net/all?cppv=3&cpp=eaM42H2o3jY1xxY4k_AhN9yg18ynh703yOnUnfp9ov3LGawuH1UqQKG-PizQeXcONAlcIae5KYbrr6eOt_Hb2ucfT5aGZ468ngeULlx7MgpBaQxpSVqpDLT7bKSJRElXxoD_wZ2dYloMZw-G6OpYAsPdDr9zgzes6eAhTY-rFeDeM0BX22AMmZPjokdpAPTF6AyuX7Iorkkm8Op_dRmGfajHCBlAAJ3dcpaYtsciJC6Spe0X5bkAoNpglTW-PaoK51LeL4nCoVjSkoGm&sds=2&rev=83153&sendBeacon=true Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1D82QAHsfAKj9YWAACWPbNptBvvpGO0pKaoPA&u=%7CEHhrcYHf2JLxCctQqaB3TcIZs9DOxTMoz%2F62UX%2B9TKQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGum05RZE94DbKB_B-EB1KQyKVQSODHnRyVRnTz_GtwGyepQ--OyvgmCdxnFhsaCrbMwt7VqvoVOKqNBK3hB6WeSGq43hAXH19Wu7UZk2K0SO81LXnYin4i4swAu1qpnbIh_opZJHC5MhdsBOzYEKTnNwNQ_7hdp3MfnGcyZLNpWLZdIWTpVBKOEiTrCf_oo3eruJLSe9_gmttTWT0jDvHkK_PnmIOZPuU9-9BP9lf6Ez22Llqz23gDM7XcUkXOnfGTpNDHH6fNR9KRJPjPyNw4Xrjnyeo_AR399M-HorJoKyc8mTFm1eWZudPwT4Mflv7jN6lbJc2rXgxt2ZssVjuutn4A7b8IWrch6BWmz-4K2JJbwBRUYEt_IfTf1RREqod9yJl4HUyHhkhK1O7IQAgeQ2c5m_ip871qucZb_NRWcUoNFhxy2QF2p23YZbQI_zWCIW1OpsLGHeq_kFcQMYOAs5Hfe2O5xmAaQD9wZLeQ76KlK0D80V63Ax53whcWfkpHlOPDndZ4dqhxI8D6tdiP6Jnr12bELZHEJDJv-HSkr98aoQBCT98FPi9Axnx2S_w1j&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiaD_2fxQY_DjHpasvwS9rIL4Dpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMzNDQ4OTcxNzc1ODM0MznIAQmpAkfIlyN1AqU-qAMBqgSEAk_Qq6xpIBQCgSfupOX70CX_z_RYeewBfcuriX5wSQk0t8aC5IY0BWpXIX2jNMDU4YWxc5qfd8G0BIpqQLAuLSD3aCQQEVAtsy-_7zFo3vfCW-JvWyjnqLWyRVYR-mk3IdnSd0nKRSWcyENCOeMKgN2Sv2gBr3JXXs9ICUXVrSmmUoTf28S7vk4DSUiRthDQLLmiHy28cfE9jY8PUoUu3x6P7bjjS9dPHjROQDAW67GsFJ3bfYDJGrpMbQ73gtXfGVLX9h9SOHg5QtgtkPj03DyjRewpMa53ghpMIxt66I0x4XYKK6Jbo-kxzs-XDkYRI8ivsiOecjMRs6SUzRp_eB17zCFvgAaxlqzk-7ym9XigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hfFOY91WnA9MOnRn18P7qVB3fjA%26client%3Dca-pub-3344897177583439%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.as.criteo.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Thu, 20 Oct 2022 07:46:37 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 11 KB	202ms 202ms	XHR application/json	142.250.4.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221018&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/show_ads_impl_fy2021.js?bust=31070367 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f154.1e100.net Software cafe / Resource Hash 01be4da2c183dcafbd39e84ed0f05fe71cf1084cedb1276a07bfb369dd41ad08 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:37 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11360 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	495ms 194ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/show_ads_impl_fy2021.js?bust=31070367 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.heatbud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 Oct 2022 07:46:37 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 20 Oct 2022 07:46:37 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame D739	13 KB 5 KB	195ms 193ms	Document text/html	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.heatbud.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ranges bytes age 39367 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 19 Oct 2022 20:50:31 GMT expires Thu, 19 Oct 2023 20:50:31 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame A7B1	783 B 1001 B	499ms 197ms	Document text/html	142.251.10.105 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.105 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f105.1e100.net Software GSE / Resource Hash d5ba5f0c450f613502fed231d72737bc412dbad1e9d551403d2f363f9f5d79b2 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-iR190BluGjJHoPqfiMfHYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.heatbud.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 513 content-security-policy script-src 'report-sample' 'nonce-iR190BluGjJHoPqfiMfHYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 20 Oct 2022 07:46:38 GMT expires Thu, 20 Oct 2022 07:46:38 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	cfKUDseLxMX_VMI_uao_rq0MKOaeCrg8GZjSFxmotG8.js Show response pagead2.googlesyndication.com/bg/ Frame D739	36 KB 16 KB	194ms 194ms	Script text/javascript	142.250.4.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/cfKUDseLxMX_VMI_uao_rq0MKOaeCrg8GZjSFxmotG8.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f154.1e100.net Software sffe / Resource Hash 71f2940ec78bc4c5ff54c23fb9aa3faead0c28e69e0ab83c1998d21719a8b46f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 19 Oct 2022 23:40:53 GMT content-encoding gzip x-content-type-options nosniff age 29145 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16112 x-xss-protection 0 last-modified Tue, 11 Oct 2022 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 19 Oct 2023 23:40:53 GMT
GET		generate_204 tpc.googlesyndication.com/ Frame D739	0 0
GET		sodar pagead2.googlesyndication.com/pagead/ Frame A7B1	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

tpc.googlesyndication.com

URL

https://tpc.googlesyndication.com/generate_204?gMM_Fg

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221018&jk=1485267300559054&rc=