ahm11rxu.pics Open in urlscan Pro
2606:4700:3036::ac43:850c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ahm11rxu.pics/
Submission: On October 11 via api (October 11th 2023, 2:39:12 pm UTC) from US — Scanned from US

Summary HTTP 292 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 60 IPs in 5 countries across 53 domains to perform 292 HTTP transactions. The main IP is 2606:4700:3036::ac43:850c, located in United States and belongs to CLOUDFLARENET, US. The main domain is ahm11rxu.pics.
TLS certificate: Issued by GTS CA 1P5 on October 11th 2023. Valid for: 3 months.

This is the only time ahm11rxu.pics was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3036::ac43:850c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	23.40.179.62 23.40.179.62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.32.172.185 23.32.172.185	16625 (AKAMAI-AS) (AKAMAI-AS)
18	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
2 15	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:24f... 2600:9000:24f1:a00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
12	54.92.125.230 54.92.125.230	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:e00... 2a04:4e42:e00::282	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4006:824::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::714	54113 (FASTLY) (FASTLY)
1	54.226.144.195 54.226.144.195	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2620:100:a001... 2620:100:a001::18	19750 (AS-CRITEO) (AS-CRITEO)
1	2602:803:c002... 2602:803:c002:200::62	26667 (RUBICONPR...) (RUBICONPROJECT)
3 7	68.67.179.155 68.67.179.155	29990 (ASN-APPNEX) (ASN-APPNEX)
3 5	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
1 60	2607:f8b0:400... 2607:f8b0:4006:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:211c:ea00:18:f049:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:141b:1c0... 2600:141b:1c00:19::17c8:5823	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
36	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
3 11	2607:f8b0:400... 2607:f8b0:4006:80c::2004	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
4	44.216.52.233 44.216.52.233	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
2	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
10	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
2	3.219.155.81 3.219.155.81	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
6 21	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
2 2	54.235.252.130 54.235.252.130	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.230.251.138 34.230.251.138	14618 (AMAZON-AES) (AMAZON-AES)
1 1	23.206.252.26 23.206.252.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	23.206.253.150 23.206.253.150	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2607:f8b0:400... 2607:f8b0:4004:c08::78	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4000:47::8	15169 (GOOGLE) (GOOGLE)
4	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
2 2	2606:ae80:147... 2606:ae80:1471:13::760	25751 (VALUECLICK) (VALUECLICK)
1 1	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	35.173.32.60 35.173.32.60	14618 (AMAZON-AES) (AMAZON-AES)
1 1	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	104.126.118.200 104.126.118.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:23c... 2600:9000:23cb:dc00:12:6e90:f080:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	35.76.76.91 35.76.76.91	16509 (AMAZON-02) (AMAZON-02)
1	52.219.150.30 52.219.150.30	16509 (AMAZON-02) (AMAZON-02)
2 4	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	23.196.56.215 23.196.56.215	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.47.170.102 23.47.170.102	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.18.25.18 104.18.25.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
2 2	64.202.112.63 64.202.112.63	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	52.71.211.164 52.71.211.164	14618 (AMAZON-AES) (AMAZON-AES)
13 18	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	67.220.228.202 67.220.228.202	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a01:6467:a5d7:cd4a:7efc	14618 (AMAZON-AES) (AMAZON-AES)
2 2	44.217.1.110 44.217.1.110	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:9000:251... 2600:9000:2512:3e00:1a:5235:f980:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:26f... 2600:9000:26fa:ae00:1b:6b7d:2300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.173.219.12 18.173.219.12	16509 (AMAZON-02) (AMAZON-02)
3 3	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1	23.40.179.64 23.40.179.64	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	63.251.114.136 63.251.114.136	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	147.75.198.144 147.75.198.144	54825 (PACKET) (PACKET)
1	18.211.184.20 18.211.184.20	14618 (AMAZON-AES) (AMAZON-AES)
292	60

3 2606:4700:3036::ac43:850c (United States)

ASN13335 (CLOUDFLARENET, US)

ahm11rxu.pics	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 23.40.179.62 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-179-62.deploy.static.akamaitechnologies.com

bravo-m.ismcdn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.172.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-172-185.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:816::2002 (United States) 2 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:24f1:a00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.92.125.230 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-92-125-230.ap-northeast-1.compute.amazonaws.com

kitchen.juicer.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:e00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.226.144.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-144-195.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c002:200::62 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 68.67.179.155 (North Bergen, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.26.193 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2607:f8b0:4006:80f::2001 (United States) 1 redirects

ASN15169 (GOOGLE, US)

571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211c:ea00:18:f049:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.kitchen.juicer.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:19::17c8:5823 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2607:f8b0:4006:80e::2001 (United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:80c::2004 (United States) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.216.52.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-52-233.compute-1.amazonaws.com

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::200e (United States)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.219.155.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-155-81.compute-1.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:112:f002:bbbb::21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.65.162 (Old Bridge, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.235.252.130 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-252-130.compute-1.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.230.251.138 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-251-138.compute-1.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.252.26 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-252-26.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.206.253.150 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-253-150.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::78 (Ashburn, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::200e (United States) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4000:47::8 (San Antonio, United States)

ASN15169 (GOOGLE, US)

r3---sn-q4flrnek.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.80.98 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1471:13::760 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.173.32.60 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-32-60.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.118.200 (New York, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-118-200.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23cb:dc00:12:6e90:f080:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.cookie.sync.usonar.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.76.76.91 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-76-76-91.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.150.30 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-northeast-1-r-w.amazonaws.com

juicer-lift.s3-ap-northeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.196.56.215 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-56-215.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.47.170.102 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-170-102.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.63 (United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.211.164 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-211-164.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 69.173.151.100 (United States) 13 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.220.228.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a01:6467:a5d7:cd4a:7efc (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.217.1.110 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-1-110.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2512:3e00:1a:5235:f980:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26fa:ae00:1b:6b7d:2300:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.219.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-12.jfk52.r.cloudfront.net

sync1.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.200.65.202 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.40.179.64 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-179-64.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.114.136 (United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.198.144 (Parsippany, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.184.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-184-20.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	753 KB
42	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	264 KB
36	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	754 KB
28	ismcdn.jp bravo-m.ismcdn.jp	349 KB
24	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com csi.gstatic.com	457 KB
24	rubiconproject.com 13 redirects ads.rubiconproject.com — Cisco Umbrella Rank: 2373 fastlane.rubiconproject.com — Cisco Umbrella Rank: 563 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3219 eus.rubiconproject.com — Cisco Umbrella Rank: 662 token.rubiconproject.com — Cisco Umbrella Rank: 504 pixel.rubiconproject.com — Cisco Umbrella Rank: 409	145 KB
14	juicer.cc kitchen.juicer.cc — Cisco Umbrella Rank: 228958 cdn.kitchen.juicer.cc — Cisco Umbrella Rank: 334672	54 KB
11	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2	806 B
11	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 570 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716 dsum.casalemedia.com — Cisco Umbrella Rank: 1698	8 KB
8	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 261 secure.adnxs.com — Cisco Umbrella Rank: 542 acdn.adnxs.com — Cisco Umbrella Rank: 663	22 KB
7	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405 fonts.googleapis.com — Cisco Umbrella Rank: 49	36 KB
5	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 328 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086	4 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	607 B
4	yahoo.com 4 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491 ups.analytics.yahoo.com — Cisco Umbrella Rank: 363	1 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 402	2 KB
4	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 521	1 KB
4	treasuredata.com in.treasuredata.com — Cisco Umbrella Rank: 4766	2 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 895 gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541	7 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1738 mab.chartbeat.com — Cisco Umbrella Rank: 2811	25 KB
3	ahm11rxu.pics ahm11rxu.pics	26 KB
2	lijit.com 1 redirects ce.lijit.com — Cisco Umbrella Rank: 1199	1 KB
2	intentiq.com 1 redirects sync.intentiq.com — Cisco Umbrella Rank: 1105 sync1.intentiq.com — Cisco Umbrella Rank: 2757	2 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 624	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 637	1014 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 753 cdn.indexww.com — Cisco Umbrella Rank: 1795	2 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3431	887 B
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 3762 r3---sn-q4flrnek.gvt1.com — Cisco Umbrella Rank: 970069	973 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1584	603 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2517	808 B
2	yieldmo.com 2 redirects ads.yieldmo.com — Cisco Umbrella Rank: 752	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1024 r.turn.com — Cisco Umbrella Rank: 4738	878 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 728	61 KB
2	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 23607 audiencedata.im-apps.net — Cisco Umbrella Rank: 25926	3 KB
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 621	281 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1090	449 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 1185	646 B
1	primis.tech 1 redirects live.primis.tech — Cisco Umbrella Rank: 1985	532 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 416	514 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 915	1 KB
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1171	339 B
1	amazonaws.com juicer-lift.s3-ap-northeast-1.amazonaws.com — Cisco Umbrella Rank: 388465	392 B
1	logly.co.jp 1 redirects sync.logly.co.jp — Cisco Umbrella Rank: 68850	498 B
1	usonar.jp cdn.cookie.sync.usonar.jp — Cisco Umbrella Rank: 220412	2 KB
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2907	986 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 3681	1 KB
1	adingo.jp 1 redirects cc.adingo.jp — Cisco Umbrella Rank: 8646	415 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1393	684 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1684	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	59 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	1 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1445	201 B
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1649	492 B
0	inmobi.com Failed sync.inmobi.com — Cisco Umbrella Rank: 1484 Failed
292	53

	Domain	Requested by
57	tpc.googlesyndication.com	1 redirects ahm11rxu.pics securepubads.g.doubleclick.net 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
36	cdn.ampproject.org	securepubads.g.doubleclick.net 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
28	bravo-m.ismcdn.jp	ahm11rxu.pics bravo-m.ismcdn.jp
21	cm.g.doubleclick.net	6 redirects 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
15	securepubads.g.doubleclick.net	2 redirects ahm11rxu.pics securepubads.g.doubleclick.net
12	kitchen.juicer.cc	ahm11rxu.pics kitchen.juicer.cc
12	pagead2.googlesyndication.com	ahm11rxu.pics pagead2.googlesyndication.com 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
11	pixel.rubiconproject.com	7 redirects
11	www.google.com	3 redirects ahm11rxu.pics 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com tpc.googlesyndication.com
10	fonts.gstatic.com	fonts.googleapis.com
7	token.rubiconproject.com	6 redirects eus.rubiconproject.com
6	fonts.googleapis.com	securepubads.g.doubleclick.net 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com ahm11rxu.pics 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	ib.adnxs.com	1 redirects ads.rubiconproject.com acdn.adnxs.com
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	match.adsrvr.org	4 redirects
4	pixel.tapad.com	2 redirects ahm11rxu.pics
4	ssum-sec.casalemedia.com	2 redirects js-sec.indexww.com ssum-sec.casalemedia.com
4	www.googleadservices.com	571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com ahm11rxu.pics
4	www.gstatic.com	571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
4	in.treasuredata.com	cdn.kitchen.juicer.cc
3	ups.analytics.yahoo.com	3 redirects
3	encrypted-tbn0.gstatic.com	571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
3	571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	ahm11rxu.pics	ahm11rxu.pics
2	ce.lijit.com	1 redirects
2	match.prod.bidr.io	2 redirects
2	b1sync.zemanta.com	2 redirects
2	eus.rubiconproject.com	ads.rubiconproject.com eus.rubiconproject.com
2	gum.criteo.com	1 redirects static.criteo.net
2	dclk-match.dotomi.com	2 redirects
2	csi.gstatic.com	www.gstatic.com
2	secure.adnxs.com	2 redirects
2	sync.teads.tv	1 redirects 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
2	match.360yield.com	2 redirects
2	ads.yieldmo.com	2 redirects
2	prebid-a.rubiconproject.com	ads.rubiconproject.com
2	encrypted-tbn1.gstatic.com	571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
2	encrypted-tbn2.gstatic.com	571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
2	static.criteo.net	ads.rubiconproject.com static.criteo.net
2	cdn.kitchen.juicer.cc	kitchen.juicer.cc
2	static.chartbeat.com	ahm11rxu.pics
1	match.sharethrough.com
1	prebid.a-mo.net
1	hb.yahoo.net
1	sync1.intentiq.com
1	sync.intentiq.com	1 redirects
1	live.primis.tech	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	aax-eu.amazon-adsystem.com
1	px.ads.linkedin.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	sync.srv.stackadapt.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	match.deepintent.com	ssum-sec.casalemedia.com
1	js-sec.indexww.com	ads.rubiconproject.com
1	acdn.adnxs.com	ads.rubiconproject.com
1	mug.criteo.com
1	juicer-lift.s3-ap-northeast-1.amazonaws.com	ahm11rxu.pics
1	sync.logly.co.jp	1 redirects
1	cdn.cookie.sync.usonar.jp	kitchen.juicer.cc
1	analytics.pangle-ads.com	1 redirects
1	a.rfihub.com	1 redirects
1	cc.adingo.jp	1 redirects
1	ums.acuityplatform.com	1 redirects
1	r3---sn-q4flrnek.gvt1.com	571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
1	redirector.gvt1.com	1 redirects
1	cs.media.net	1 redirects
1	r.turn.com	571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	encrypted-tbn3.gstatic.com	571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
1	www.googletagservices.com	571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
1	audiencedata.im-apps.net	dmp.im-apps.net
1	dmp.im-apps.net	kitchen.juicer.cc
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	htlb.casalemedia.com	ads.rubiconproject.com
1	fastlane.rubiconproject.com	ads.rubiconproject.com
1	bidder.criteo.com	ads.rubiconproject.com
1	cdn.jsdelivr.net	ads.rubiconproject.com
1	ping.chartbeat.net	ahm11rxu.pics
1	mab.chartbeat.com	static.chartbeat.com
1	ajax.googleapis.com	ahm11rxu.pics
1	polyfill.io	ahm11rxu.pics
1	ads.rubiconproject.com	ahm11rxu.pics
0	sync.inmobi.com Failed	ahm11rxu.pics
292	86

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.futabasha.co.jp
social-plugins.line.me
manga-shinchan.com

Subject Issuer	Validity	Valid
ahm11rxu.pics GTS CA 1P5	`2023-10-11` - `2024-01-09`	3 months	crt.sh
*.ismcdn.jp DigiCert TLS RSA SHA256 2020 CA1	`2023-06-06` - `2024-06-06`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
kitchen.juicer.cc Amazon RSA 2048 M01	`2023-02-10` - `2024-01-18`	a year	crt.sh
polyfill.io Certainly Intermediate R1	`2023-10-03` - `2023-11-02`	a month	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-10-05` - `2024-01-03`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.treasuredata.com Amazon RSA 2048 M01	`2023-07-19` - `2024-08-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdn.cookie.sync.usonar.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-11-21` - `2023-12-13`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-11-30` - `2024-01-01`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh

This page contains 23 frames:

Primary Page: https://ahm11rxu.pics/
Frame ID: 4731D7E6B0EAB778428A37B78B53A9E2
Requests: 80 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 96978008064F436FE32C4FC442FF2442
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3622193293525466&output=html&adk=1812271804&adf=3025194257&lmt=1697071142&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fahm11rxu.pics%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697035141964&bpp=4&bdt=1030&idt=298&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7545956587250&frm=20&pv=2&ga_vid=555113298.1697035142&ga_sid=1697035142&ga_hid=1750327119&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31078597%2C44804783%2C44805099&oid=2&pvsid=2080221586828470&tmod=1383292606&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=333
Frame ID: 5085F4CDE6307329EA9CAB0EAD9DE5B3
Requests: 1 HTTP requests in this frame

Frame: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B0DFC6096BE99E98D9662E98864559B5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: 0C672FD68B22DD7B49689F1C21BF9DA1
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: 08004A713EE6039836FD5FE1A085D888
Requests: 17 HTTP requests in this frame

Frame: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 766E972C10660C287FA0D0CFE6B6B15C
Requests: 22 HTTP requests in this frame

Frame: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B29200D383F3867EF87AB64C0069CA88
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: 891C3CA8F85ACAFCE5CAD043058F8E31
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: D7228E6CFD83162F195843E3D46C8C75
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: 8FEA96F93142D43593DF3FA5BD3231D2
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: E2DE52AA8116D5EC1CD32CAA41E1EF0D
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: 1B386A96A1D032C1822ED9F25921108E
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7B55A9139A9AAF19E85E6C679E72D4EF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B10DA2A8379064AFF7C04A7A2C6B416B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js
Frame ID: 919842D5C69F60774D7501DC1DF2C3C9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ahm11rxu.pics
Frame ID: 53722840CA7BA8384964774B0495117C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DA463B2D6886817A0568B9ADB6912274
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 78E14816AE6D7EF88007F0607F2FD92D
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C4DC9462335E618BD8314BC612E3DD6D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3A2770EA004BACE44A9BB2B431D1F913
Requests: 19 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CA11DEB708A55D7D76199CC5960D5004
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11rxu.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 42A6B8411199A56164E603E93D566179
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

(3ページ目) アウトドア「意味が分かると怖い」空の写真「登山・キャンプ・釣り」一見すると普通でも……「本当に危ない兆候」｜登山｜ニュース｜BRAVO MOUNTAIN

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

292
Requests

84 %
HTTPS

48 %
IPv6

53
Domains

86
Subdomains

60
IPs

5
Countries

3999 kB
Transfer

8389 kB
Size

79
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/MountainBravo

Search URL Search Domain Scan URL

URL: https://twitter.com/MountainBravo

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bravomountain/

Search URL Search Domain Scan URL

URL: https://www.futabasha.co.jp/company
Title: 運営会社

Search URL Search Domain Scan URL

URL: https://www.futabasha.co.jp/privacy
Title: プライバシーポリシー

Search URL Search Domain Scan URL

URL: https://www.futabasha.co.jp/pdf/media-produce/bravoski/bravoski2024.pdf
Title: 広告

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://bravo-m.futabanet.jp/articles/-/123786

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=%E3%82%A2%E3%82%A6%E3%83%88%E3%83%89%E3%82%A2%E3%80%8C%E6%84%8F%E5%91%B3%E3%81%8C%E5%88%86%E3%81%8B%E3%82%8B%E3%81%A8%E6%80%96%E3%81%84%E3%80%8D%E7%A9%BA%E3%81%AE%E5%86%99%E7%9C%9F%E3%80%8C%E7%99%BB%E5%B1%B1%E3%83%BB%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%97%E3%83%BB%E9%87%A3%E3%82%8A%E3%80%8D%E4%B8%80%E8%A6%8B%E3%81%99%E3%82%8B%E3%81%A8%E6%99%AE%E9%80%9A%E3%81%A7%E3%82%82%E2%80%A6%E2%80%A6%E3%80%8C%E6%9C%AC%E5%BD%93%E3%81%AB%E5%8D%B1%E3%81%AA%E3%81%84%E5%85%86%E5%80%99%E3%80%8D&url=https://bravo-m.futabanet.jp/articles/-/123786&hashtags=BravoMountain

Search URL Search Domain Scan URL

URL: https://social-plugins.line.me/lineit/share?url=https%3A%2F%2Fbravo-m.futabanet.jp%2Farticles%2F-%2F123786

Search URL Search Domain Scan URL

URL: https://manga-shinchan.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 165

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOC6o_afKhCwCRiwCTIIyPC0mtCeWjM HTTP 301
https://tpc.googlesyndication.com/simgad/7775594092382834397

Request Chain 183

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 187

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 198

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 204

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEItNvdzizFedXa6tSpyPniA&google_cver=1&google_push=AXcoOmRSpzkod4YrwwJ-npj9xJW0xQYu3Z6QMhhp9kKCBlAdr7izVbxlPLVHLEF9ilyJ5pgO3avOvMjGrKGzUhYfVt6FEnL5REk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY3NjE0MjM0MTg3NjAwMDg1OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEItNvdzizFedXa6tSpyPniA&google_cver=1

Request Chain 205

https://ads.yieldmo.com/exptsync?google_gid=CAESEKsQnJPTpFvWjJ-FuBkCNtE&google_cver=1&google_push=AXcoOmRxxvVi7ag_UkcJeXViTeeIKenuSQCF6VKETkeB-Wthz94KMrBcbC7Vi7jLjNaYk4SdbVH0SFZXlSeqRR6mi53fs9rgPxw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRxxvVi7ag_UkcJeXViTeeIKenuSQCF6VKETkeB-Wthz94KMrBcbC7Vi7jLjNaYk4SdbVH0SFZXlSeqRR6mi53fs9rgPxw&google_hm=M2VGd3hGRnV1d0ZreGwzWTdacTI=

Request Chain 206

https://match.360yield.com/match/ebda?google_gid=CAESEJnV7Jcn_QreDzmli8GfQ58&google_cver=1&google_push=AXcoOmSD5qYe8nwQB1CwVm6BN8gpmwBYOANheFluI3ujmAVBMF_N5FhuZ-RuckW9sZVdYtT-dvNi7NDtzDJr1MewYV86eUiqMA HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJnV7Jcn_QreDzmli8GfQ58&google_cver=1&google_push=AXcoOmSD5qYe8nwQB1CwVm6BN8gpmwBYOANheFluI3ujmAVBMF_N5FhuZ-RuckW9sZVdYtT-dvNi7NDtzDJr1MewYV86eUiqMA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=v_FwkGcARX65-5_bfjtBow&google_push=AXcoOmSD5qYe8nwQB1CwVm6BN8gpmwBYOANheFluI3ujmAVBMF_N5FhuZ-RuckW9sZVdYtT-dvNi7NDtzDJr1MewYV86eUiqMA

Request Chain 207

https://cs.media.net/cksync?type=g&google_gid=CAESEGdVHitPLWdXxOvRj7idNSs&google_cver=1&google_push=AXcoOmQJVvSZeVvVdyqghJsTg15theJ-9uO3TFiESNHa4r7k1Oh3fUV9mw64OUjGSWkBU7Y6aC5izHqNmJw8OgiFQg60tUd-vw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQwMDM2NzQ0MTUyNDMzODAwMFYxMA%3d%3d&mn_hm=MzQwMDM2NzQ0MTUyNDMzODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQJVvSZeVvVdyqghJsTg15theJ-9uO3TFiESNHa4r7k1Oh3fUV9mw64OUjGSWkBU7Y6aC5izHqNmJw8OgiFQg60tUd-vw&gdpr=&gdpr_consent=

Request Chain 208

https://sync.inmobi.com/gob?google_gid=CAESEEXceK_13JXb0cHDZD5RWoU&google_cver=1&google_push=AXcoOmTA7Hn_IBvyJz2BPwINhdiAzcJkAr0DPHuEKc5lfgl-yAobX6ec3CXViDjuT4wPuTP7WE6ZHAcjmF-jEZzoG6oOmUp1zjT8 HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTA7Hn_IBvyJz2BPwINhdiAzcJkAr0DPHuEKc5lfgl-yAobX6ec3CXViDjuT4wPuTP7WE6ZHAcjmF-jEZzoG6oOmUp1zjT8 HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-5725ZfLwCcdhusBydMl6rp4pN7YlCACNJhTDMvvWIw&google_push=AXcoOmTA7Hn_IBvyJz2BPwINhdiAzcJkAr0DPHuEKc5lfgl-yAobX6ec3CXViDjuT4wPuTP7WE6ZHAcjmF-jEZzoG6oOmUp1zjT8

Request Chain 209

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDG2Fgfn6D_WDE7_ia2zF1Q&google_cver=1&google_push=AXcoOmTl1teqiDsBsm-cN5uEvZ7L7rIDyZqr-7l8KRSakVqcD6O-wLU2-zekINVWkB51F_IKwVKw0MZrjV4vNNNO6jT7y1UyPDyn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YTRlYTJmODItZTU5NS00MDdhLWI0ZmUtNjY3MWNiMDdlZmNm&google_push=AXcoOmTl1teqiDsBsm-cN5uEvZ7L7rIDyZqr-7l8KRSakVqcD6O-wLU2-zekINVWkB51F_IKwVKw0MZrjV4vNNNO6jT7y1UyPDyn HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 210

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJP3yOZac8oL-vk_GN76AMM&google_cver=1&google_push=AXcoOmQJ0zdF0GPEmpdH07ETPL0sFUUGoRJrZZYh8Wl_Bf9q3apymHjGbzP-kgl72A8QE3ci9dLjDg72eL1CIdJZ4uypavXUuQA HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEJP3yOZac8oL-vk_GN76AMM%26google_cver%3D1%26google_push%3DAXcoOmQJ0zdF0GPEmpdH07ETPL0sFUUGoRJrZZYh8Wl_Bf9q3apymHjGbzP-kgl72A8QE3ci9dLjDg72eL1CIdJZ4uypavXUuQA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTg5OTk5MDcxODEzODQyNjcz&google_gid=CAESEJP3yOZac8oL-vk_GN76AMM&google_cver=1&google_push=AXcoOmQJ0zdF0GPEmpdH07ETPL0sFUUGoRJrZZYh8Wl_Bf9q3apymHjGbzP-kgl72A8QE3ci9dLjDg72eL1CIdJZ4uypavXUuQA

Request Chain 223

https://redirector.gvt1.com/videoplayback?id=92b4b6b2fd2c08ad&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1697042343&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=8A8C266528056DC36F66B91AD61D69E5E676756A.5C61778E62ABACA6A3D468C7DB4A81C1307DFE2E&key=ck2 HTTP 302
https://r3---sn-q4flrnek.gvt1.com/videoplayback?id=92b4b6b2fd2c08ad&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1697042343&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=537AD2167CEAF88B8BDDF35809C4D1283A2FE212.5C8A22F52D42260932495692373FAE31BDA3520A&key=cms1&cms_redirect=yes&mh=gG&mip=2001:550:1d05:1::13&mm=28&mn=sn-q4flrnek&ms=nvh&mt=1697033793&mv=u&mvi=3&pl=48

Request Chain 230

https://securepubads.g.doubleclick.net/pagead/adview?ai=CVUbBhrMmZbC1JtHa_gSP17ioDOeH9OhyseDJhrARZBABIPyBmJIBYMmGgIDco8QQoAGbl6v9AsgBCeACAKgDAcgDCqoEowJP0GO2HeOHvSjNd342bQ58bbMlOolCWh_PRiBD1XqxfraspGvJ5sHhd87XvCTio9VNYRhLKRrnEBRx7_uLU_uFYEauMKCKSdVPD0jHjbBzyPPdcM-LiZ4J3PwW2FdHGcdhu_fpJ7xgbETMLaJsZ9Nh39QLRZ8u3quhKyXjFddtATJxavKEBNU4ZqHPbnzX0WeMGSvY3khFfkRbdpAWTVYVNriuIX5ZUa-QZ1aCltzfhyw7cKHElD7WJHAQNi3QJjsGLbWweSt141d5bx1Dr1FPHnB_wewLUWMZbh9MKyLn9q2VwbsUwD7s3wp1aSsmiTaQOUwphby62YLsDF4bcQCMvuMZTrhlWddzZp-oewFUgsNZVHbsRMz05Om20om0M_f8RuLABPjF_423BOAEAYgFjKWrzkmSBQQIBBgBkgUECAUYBKAGLoAHzejUggGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD64gbSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJJ2h0dHBzOi8vZ28uYml0bHlmdC5jb20vbWRyLWJ1eWVycy1ndWlkZYAKA8gLAdoMEAoKEICQq6nP1MDaEhICAQPiDRMI_PHhxpzugQMVUa2fCh2PKw7FuBOcG9gTDYgUAdAVAYAXAbIXHgocCAASFHB1Yi0zNjIyMTkzMjkzNTI1NDY2GMCFbA&sigh=t-A5vq3P9gc&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaN8WPEiJhat3SEDmzbGZtlyjvTcWa3aRKP3em5JqTedctg5nGwDSsJwq-hRXvdSElyTyVQ461pGAE&template_id=3484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6b9ee458c821b9b50000000000000000%22,%222%22:%220x4af6a8e48e26a8300000000000000000%22,%223%22:%220x6e8805efec5847820000000000000000%22,%224%22:%220x5baa13168e6ecfd00000000000000000%22,%225%22:%220x51fe12b0a6d8100e0000000000000000%22},%22debug_key%22:%229920919934592253344%22,%22debug_reporting%22:true,%22destination%22:%22https://bitlyft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22799722395%22],%224%22:[%2210-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22395686484666862769%22}&andc=true

Request Chain 237

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIRl1QNyfdc5ntOyKkPlmY0&google_cver=1&google_push=AXcoOmQKFhOZ9nIWTx_JyXHecLOb8CEzNvY9SH7SgtTSzqS7pTHqg8ieLPgElGnuBjdRgexOwSkQacMOvq6VpWFBB6M-3JxZ-60 HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=435b41e17ee305be&is_secure=true&networkId=14000&version=1&google_gid=CAESEIRl1QNyfdc5ntOyKkPlmY0&google_cver=1&google_push=AXcoOmQKFhOZ9nIWTx_JyXHecLOb8CEzNvY9SH7SgtTSzqS7pTHqg8ieLPgElGnuBjdRgexOwSkQacMOvq6VpWFBB6M-3JxZ-60 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACB266VsVVDwNn2lFtAAAAAAA&expiration=1697121545&google_cver=1&is_secure=true&google_gid=CAESEIRl1QNyfdc5ntOyKkPlmY0&google_push=AXcoOmQKFhOZ9nIWTx_JyXHecLOb8CEzNvY9SH7SgtTSzqS7pTHqg8ieLPgElGnuBjdRgexOwSkQacMOvq6VpWFBB6M-3JxZ-60

Request Chain 238

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEDR_6D95vbWQ7i56y1CRlnk&google_cver=1&google_push=AXcoOmSTlY85HvP4FyRguvU1jDMrgGvuK7NfS_aKNDDmLxS6_UE2TRfg-9zdtRburWgs9QTRwP4G5kCYpR9vEk6Gb9CDvkYOudc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=838959174828&us_privacy=1---

Request Chain 239

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAA1P7VSVooeXbh5LXvWOcM&google_cver=1&google_push=AXcoOmTt0iXTZcQJJf6LzMQgNAACXxyyExBxdZyjfY9B1pRO0t9ChjUjmcPxrUOe_d0j0x5HzWBL140V2w6IWWaZfcyLELPRU1o HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAA1P7VSVooeXbh5LXvWOcM&google_push=AXcoOmTt0iXTZcQJJf6LzMQgNAACXxyyExBxdZyjfY9B1pRO0t9ChjUjmcPxrUOe_d0j0x5HzWBL140V2w6IWWaZfcyLELPRU1o&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAA1P7VSVooeXbh5LXvWOcM&google_hm=ZSazifHhX_PIrkirgfziGQAACtgAAAIB&google_nid=index&google_push=AXcoOmTt0iXTZcQJJf6LzMQgNAACXxyyExBxdZyjfY9B1pRO0t9ChjUjmcPxrUOe_d0j0x5HzWBL140V2w6IWWaZfcyLELPRU1o

Request Chain 240

https://ads.yieldmo.com/exptsync?google_gid=CAESEKsQnJPTpFvWjJ-FuBkCNtE&google_cver=1&google_push=AXcoOmSLP6ptvmV8K7ACew4TS6TrA6Qo3X06t4W7rhfpP6_uGCDZ_pIW_fAup1zhub3TJhnVcBlxDTyVkLvl_LcdqqasILNRC_Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSLP6ptvmV8K7ACew4TS6TrA6Qo3X06t4W7rhfpP6_uGCDZ_pIW_fAup1zhub3TJhnVcBlxDTyVkLvl_LcdqqasILNRC_Y&google_hm=M2VGd3hGRnV1d0ZreGwzWTdacTI=

Request Chain 241

https://cc.adingo.jp/adx/push/?google_gid=CAESEEZThAcOVgz9t5GClFdmfjo&google_cver=1&google_push=AXcoOmQtgC-Pb7iNNyeIRD3B5nTmEY79Fp9sfyBA8COKu1okV9_AyuG40no0F668Vl-_TMQzVZ7N6QQ12dQ9dgNrh4t5zIQp2Sg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmQtgC-Pb7iNNyeIRD3B5nTmEY79Fp9sfyBA8COKu1okV9_AyuG40no0F668Vl-_TMQzVZ7N6QQ12dQ9dgNrh4t5zIQp2Sg&google_hm=61aface234f793c68adf7112bb90092c

Request Chain 242

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEG7ZYgEYCtdmhIXhWWrlYs8&google_cver=1&google_push=AXcoOmRWfcoiKRksJ5a6fD7uX6g9SZXVV4-BS-WXEi-0sfcW8Cs-r6fyprB3442bcIQdxLWWKctX-91Tq8E9eK77Fs24pjZAw_b3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRWfcoiKRksJ5a6fD7uX6g9SZXVV4-BS-WXEi-0sfcW8Cs-r6fyprB3442bcIQdxLWWKctX-91Tq8E9eK77Fs24pjZAw_b3&google_hm=NzQxNzU4MDA1MDU0NDU5MTAzNA==

Request Chain 243

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEFuKE630ntGxpyY37ETKdTo&google_cver=1&google_push=AXcoOmRliSZYFpoQ-nUp3PgHVvQ1gctVRsUpQMqdtVLqA6ixIsIJI4rVSO1fP623yP357Za3KKNZgew3gG5wbLwNX2P0X3g-NwXh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRliSZYFpoQ-nUp3PgHVvQ1gctVRsUpQMqdtVLqA6ixIsIJI4rVSO1fP623yP357Za3KKNZgew3gG5wbLwNX2P0X3g-NwXh

Request Chain 248

https://securepubads.g.doubleclick.net/pagead/adview?ai=CMsk6hrMmZa-1JtHa_gSP17ioDJfjrMBzxfO1r4ASue7wyKoBEAEg_IGYkgFgyYaAgNyjxBCgAaHAmPEoyAEJqQLFB_4H4WaCPuACAKgDAcgDywSqBKICT9BtTdkqPsck40Whj2zSK3nO_mdzRGA9APqw3GjBeAWK1g4q8Wyd77NttC58Q1XkO1JAsomThnbdkOJ4hWgsOiGsYKto-bP7EEH7ew3SjVOsth_grrv9IQm-tY7CNszz0MH-T_XFFoE-zje78P6WWzka_pXbjoycbCt8RUdJGMrwCFiJ5eH8hL0Z-GQF2XrJZIMlnMNBaFsbXmfSqh6PHwZFJt3-H_OX6LP-zn0gZGEVZH67ekwmXbX4flCw_aOmT3wQMACAbL0P9cW-TvZGBemLsg8Eo3oLoQVTB6ztzzy_TgTUX1uvEqGKiZw30kWxxeZxuUEIymoNVMggGef2O1JHrBnMF0mv_BUkTFzuIkKQtIPr8rUVChjHKQL9tE_jWu3ABKu0o8u_BOAEAYgFr4vXxUySBQQIBBgBkgUECAUYBKAGLoAH8OrpkgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQiPgt0ggUCIBhEAEYHTICigI6AoBASL39wTqaCf8BaHR0cHM6Ly93d3cudGVtdS5jb20va3VpcGVyL3VuMS5odG1sP3N1Ymo9ZmVlZC11biZfYmdfZnM9MSZfcF9tYXQxX3R5cGU9MSZfcF9qdW1wX2lkPTcyNSZfeF92c3Rfc2NlbmU9YWRnJmxvY2FsZV9vdmVycmlkZT0yMTF-ZW5-VVNEJmdvb2RzX2lkPTYwMTA5OTUxNzY4OTUxOSZfcF9yZnM9MSZfeF9hZHNfc3ViX2NoYW5uZWw9b3RoZXImX3hfYWRzX2NoYW5uZWw9Z29vZ2xlJl94X2JnX2FkaWQ9Z2QxNTEzNjk1LTEmdG9waWNfY2xhc3NpZnk9MTIxgAoDyAsB2gwQCgoQsOGJ0fOCu74JEgIBA-INEwj78eHGnO6BAxVRrZ8KHY8rDsXYEw3QFQGAFwGyFx4KHAgAEhRwdWItMzYyMjE5MzI5MzUyNTQ2NhjAhWw&sigh=leHSKK4q4_4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaN8WPEiJhat3SEDmzbGZtlyjvTcWa3aRKP3em5JqTedctg5nGwDSsJwq-hRXvdSElyTyVQ461pGAE&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe2158b7408ed190f0000000000000000%22,%222%22:%220xb404117138f455ae0000000000000000%22,%223%22:%220x652ecb26c95f63550000000000000000%22,%224%22:%220x1795f739f00e6ad00000000000000000%22,%225%22:%220x477b8a17b615dbe90000000000000000%22},%22debug_key%22:%22678865936806026721%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2210-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227629072524591921585%22}&andc=true

Request Chain 252

https://sync.logly.co.jp/sync/sync.gif?ssp_id=1013&jid=srn:smooothieapi:usercard:juicer:d08c4da9-f40b-4757-a5cc-4027c2739d85 HTTP 302
https://juicer-lift.s3-ap-northeast-1.amazonaws.com/px.gif?jid=srn:smooothieapi:usercard:juicer:d08c4da9-f40b-4757-a5cc-4027c2739d85&uid=bdIt4yvMVoUzQdLLOI9Sx_Yfm6Y

Request Chain 253

https://pixel.tapad.com/idsync/ex/receive?partner_id=2798&partner_device_id=d08c4da9-f40b-4757-a5cc-4027c2739d85 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2798&partner_device_id=d08c4da9-f40b-4757-a5cc-4027c2739d85 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2e2cfcfc-f552-416d-b015-4e0e8c6ef9e0%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2e2cfcfc-f552-416d-b015-4e0e8c6ef9e0%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4c558bc2-c027-4de9-bd7e-da5174e1fe52&ttd_puid=2e2cfcfc-f552-416d-b015-4e0e8c6ef9e0%2C%2C

Request Chain 265

https://gum.criteo.com/sid/json?origin=publishertag&domain=ahm11rxu.pics&sn=ChromeSyncframe&so=0&topUrl=ahm11rxu.pics&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Rmxo_HxJZ0VjZTJ4TWpwcGE1bUJnRzhsV2lITEx5NU1nVXU0UkNxQy9vM245WEpZbmF6QTdCRG9CK3pQNlpIMmtjMWN1SkoyUkRFZWVxMDJDUWFDMkRSRTEyL2ZzQUpROGFwZGNCSkViNTIwaVNZVU56c2lyS0xBbzI0elZSRzRYdGlGMi9OZHY4RENROHUrTlFySWpiYVdZTDg4aytSK0RXN1dRQmkvK3JqMndOSm5WcUZ3N2grcWVVdUF0OW05WG1WaDArRS9BZWszTEppOTh6SkRuR2dCUlZUaFJ6VkFkVFZMbE04MVBBSWxoMUR0dGNza3p1ZHhNeXE4L2pvN01PVEJUS2NsYlVEQzZlWEtxUm5ETW9QdWltUT09fA&cppv=2

Request Chain 276

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4c558bc2-c027-4de9-bd7e-da5174e1fe52&expiration=1699627147&gdpr=0&gdpr_consent=

Request Chain 277

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZSazifHhX-PIrkirgfziGQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOfPjaer00u5sdnAlNHT-Vc&google_cver=1

Request Chain 278

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSazifHhX_PIrkirgfziGQAACtgAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEAA1P7VSVooeXbh5LXvWOcM&google_cver=1

Request Chain 279

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSazifHhX_PIrkirgfziGQAACtgAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSazifHhX_PIrkirgfziGQAACtgAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 281

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://b1sync.zemanta.com/usersync/index/?gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=2&us_privacy= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=55hjZ-7vJ-XU8rBSs5KS

Request Chain 282

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=189999071813842673

Request Chain 283

https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=3jTD0qkQUed0i54S8NXORiaEdks

Request Chain 288

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNLUWOBS-U-476C

Request Chain 289

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDNfzGuHSZ8EuTPfvXu-GVI&google_cver=1

Request Chain 291

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oKriEmldRfWvwDOrW5_UHA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oKriEmldRfWvwDOrW5_UHA

Request Chain 292

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5MVVdPQlMtVS00NzZD HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEtT7faTLzxe-8xTy2E-__g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5MVVdPQlMtVS00NzZD&google_push=

Request Chain 293

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWJiNWM0NmIxNjQ5MTBjNjk2ZDQ5NzY3M2Q5Y2QxNTIyN2MxZTZjMQ

Request Chain 294

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4c558bc2-c027-4de9-bd7e-da5174e1fe52&gdpr=0&gdpr_consent=&expires=30

Request Chain 295

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/IiFoopVSHQOUzrDQA_hMVw?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JBzr93ZE2oLfK333IoaqwIEWbxgayP7Buer5pA--~A

Request Chain 296

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB-OU7KTWcAABya-w6lJQ&expires=30

Request Chain 297

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNLUWOBS-U-476C

Request Chain 298

https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNLUWOBS-U-476C HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNLUWOBS-U-476C HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNLUWOBS-U-476C&ckls=true&ci=H98kEVDR3g&nc=false&trid=-1265753310

Request Chain 299

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNLUWOBS-U-476C&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNLUWOBS-U-476C&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNLUWOBS-U-476C&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS14QkNtNEdKRTJ1RzE5cS5hcElXbzNQVkdFTU5VZFBTSn5B&ovsid=LNLUWOBS-U-476C&dpid=58160

Request Chain 300

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LNLUWOBS-U-476C HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LNLUWOBS-U-476C&dnr=1

Request Chain 301

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LNLUWOBS-U-476C

Request Chain 302

https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNLUWOBS-U-476C

Request Chain 303

https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNLUWOBS-U-476C

292 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ahm11rxu.pics/ 175 KB
25 KB 1451ms
1346ms Document
text/html 2606:4700:3036::ac43:850c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ahm11rxu.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:850c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5cbb5b11bed15a7f3c57affd9dbee18c8c5c0649880f06794568deb47c8b6f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8147d9968ba5b3f1-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 11 Oct 2023 14:39:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZK74kCS7PgckPBJtVZ5Qc1MkwfkVPkeR6jFcmxcBEe7V19dkbv3mdKZ5lrR%2BBgQ%2BUvkI2U94GS6mL0ygGGNhDHGff%2FHoxE77aKGo%2F0ZqEYRqGU%2Fp05pJ6EfgrjOEJiKfQ1UgIZWe9nIB12Ic"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 logo.svg
bravo-m.ismcdn.jp/common/images/icons/ 13 KB
10 KB 559ms
66ms Image
image/svg+xml 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/common/images/icons/logo.svg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

3e3d406b3427a99d78dcf63fa1d55a0bd832620b02f9a3e427356460b198fbc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 900.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 01 Apr 2021 02:38:22 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1587572
accept-ranges: bytes
content-length: 10005
expires: Sun, 29 Oct 2023 23:38:33 GMT

GET
H2 200 shared.css
bravo-m.ismcdn.jp/resources/bravo-m/css/pc/shared/ 19 KB
4 KB 556ms
64ms Stylesheet
text/css 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bravo-m.ismcdn.jp/resources/bravo-m/css/pc/shared/shared.css?rd=202309261846

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

e4fc5e6306e73720b79085bea3093b0765e3d14cae21bae2c687816aafeec151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 7200.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Thu, 03 Aug 2023 00:11:11 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=37835
accept-ranges: bytes
content-length: 4263
x-xss-protection: 1; mode=block
x-request-id: cba7bac4-88b2-4557-9ef6-b69b814d34a1

GET
H2 200 leafs.css
bravo-m.ismcdn.jp/resources/bravo-m/css/pc/pages/ 24 KB
5 KB 562ms
70ms Stylesheet
text/css 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bravo-m.ismcdn.jp/resources/bravo-m/css/pc/pages/leafs.css?rd=202309261846

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

ed0e083102350ca67f46afd29329c2be6994ad11e62e44e491e22f12fea9bd39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 7200.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Tue, 26 Sep 2023 09:46:44 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=37816
accept-ranges: bytes
content-length: 4517
x-xss-protection: 1; mode=block
x-request-id: 1f621be4-4b1c-4dac-9ad0-5198b1a9de51

GET
H2 200 12162_bravo.js Show response
ads.rubiconproject.com/prebid/ 377 KB
118 KB 231ms
75ms Script
text/javascript 23.32.172.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/12162_bravo.js
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.172.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-172-185.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash: 85a2eadf71eb38663b33593605ab2c3766b66fd7df265dcb165e19811dc196c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 20:27:25 GMT
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 120302
expires: Wed, 11 Oct 2023 15:46:52 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 284ms
129ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340cd2198537871bb929a462bf7420648f1adeb2924a9a79094824c103e7e3a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50809
x-xss-protection: 0
server: cafe
etag: 16095503093420512189
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 14:39:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 255ms
103ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f3d9b32f05a75b551ab19090f6378b0c7364e8a4abc1a90a8b07a70addcb1b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29434
x-xss-protection: 0
server: cafe
etag: 221 / 19641 / 31078699 / config-hash: 3746309934444855557
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 14:39:01 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 279ms
71ms Script
application/x-javascript 2600:9000:24f1:a00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:a00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:42:38 GMT
content-encoding: gzip
via: 1.1 d0bce79fed43d50812383302c31b7430.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 00:37:14 GMT
server: nginx
x-amz-cf-pop: JFK50-P4
age: 57383
etag: W/"649b80ba-5df1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 3lvALEd3MTOIt7kIFbl6WVdCyXXKYftiZqav1xjLKh-X2I97mdRkIQ==
expires: Wed, 11 Oct 2023 22:42:38 GMT

GET
H2 200 / Show response
kitchen.juicer.cc/ 1 KB
903 B 639ms
195ms Script
application/x-javascript 54.92.125.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kitchen.juicer.cc/?color=DfUBG/9gaEA=

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.125.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-92-125-230.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.57 () OpenSSL/1.0.2k-fips /

Resource Hash

e4bad3d4594b7342fc439e89c989cd83c8f75bcaecc00f95ca78fd42aa7aaede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:02 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Apache/2.4.57 () OpenSSL/1.0.2k-fips
vary: accept-encoding
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
content-language: en-US
cache-control: max-age=7200
x-robots-tag: noindex, nofollow
expires: Wed Oct 11 16:39:02 UTC 2023

GET
H2 200 fb-g.svg
bravo-m.ismcdn.jp/common/bravo-m/images/ 329 B
469 B 81ms
64ms Image
image/svg+xml 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/common/bravo-m/images/fb-g.svg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

373ef372dd7ff416b232efbe1ce06f6397fe7b8fac997a9167055b5a42b86764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 900.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 15 Feb 2021 12:38:23 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2565757
accept-ranges: bytes
content-length: 281
expires: Fri, 10 Nov 2023 07:21:38 GMT

GET
H2 200 tw-g.svg
bravo-m.ismcdn.jp/common/bravo-m/images/ 599 B
564 B 86ms
69ms Image
image/svg+xml 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/common/bravo-m/images/tw-g.svg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

af006a5352ba9739e60b4cd6d5b2e35f23d6f3e5c111946308badc55ee16828d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 900.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 15 Feb 2021 12:38:23 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2589185
accept-ranges: bytes
content-length: 375
expires: Fri, 10 Nov 2023 13:52:06 GMT

GET
H2 200 insta-g.svg
bravo-m.ismcdn.jp/common/bravo-m/images/ 940 B
715 B 82ms
65ms Image
image/svg+xml 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/common/bravo-m/images/insta-g.svg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

59106d12574844a345283e4835b9e553770cd2a1033bca26add0bce6510fb052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 900.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 15 Feb 2021 12:38:23 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2030611
accept-ranges: bytes
content-length: 526
expires: Sat, 04 Nov 2023 02:42:32 GMT

GET
H2 200 search-w.svg
bravo-m.ismcdn.jp/common/bravo-m/images/ 341 B
462 B 84ms
67ms Image
image/svg+xml 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/common/bravo-m/images/search-w.svg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

8db52fdea2f514df3abf434dae05727dfe8d3740e49072dc654546506e772f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 900.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 15 Feb 2021 12:38:23 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1108602
accept-ranges: bytes
content-length: 273
expires: Tue, 24 Oct 2023 10:35:43 GMT

GET
H2 200 ico_close.svg
bravo-m.ismcdn.jp/common/bravo-m/images/ 669 B
622 B 95ms
79ms Image
image/svg+xml 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/common/bravo-m/images/ico_close.svg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

2046881e89dff423f24cae2d512804b147f2ced339932fd0bda7113c8dd9eced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 900.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 19 Mar 2021 03:55:51 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2238189
accept-ranges: bytes
content-length: 433
expires: Mon, 06 Nov 2023 12:22:10 GMT

GET
H2 200 menu-w.svg
bravo-m.ismcdn.jp/common/bravo-m/images/ 273 B
424 B 103ms
87ms Image
image/svg+xml 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/common/bravo-m/images/menu-w.svg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

4992623bfc6836353138e2b458636e76a8862c24c8d0fe38361d82ad0c9508e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 900.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 15 Feb 2021 12:38:23 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1225585
accept-ranges: bytes
content-length: 235
expires: Wed, 25 Oct 2023 19:05:26 GMT

GET
H2 200 1x1.gif
bravo-m.ismcdn.jp/common/bravo-m/images/ 43 B
219 B 104ms
88ms Image
image/gif 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/common/bravo-m/images/1x1.gif

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:01 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Sep 2021 06:07:52 GMT
server: Akamai Image Manager
content-type: image/gif
cache-control: private, no-transform, max-age=1826629
content-length: 43
expires: Wed, 01 Nov 2023 18:02:50 GMT

GET
H2 200 img_c66d8855c8bd374751d3381561d39238267381.jpg
bravo-m.ismcdn.jp/mwimgs/c/6/-/ 145 KB
146 KB 212ms
196ms Image
image/avif 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/mwimgs/c/6/-/img_c66d8855c8bd374751d3381561d39238267381.jpg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

fc1a36df183b74ae9bd6f966b131ea0e5f69c2f134c7191ffd25a8a81575fdf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:01 GMT
strict-transport-security: max-age=31536000
x-check-cacheable: YES
x-serial: 858
server: Akamai Image Manager
last-modified: Mon, 02 Oct 2023 03:10:09 GMT
content-type: image/avif
cache-control: private, no-transform, max-age=1773124
content-length: 148774
expires: Wed, 01 Nov 2023 03:11:05 GMT

GET
H2 200 img_4409818b4e433bcd8f148221a8500fbe238047.jpg
bravo-m.ismcdn.jp/mwimgs/4/4/-/ 134 KB
134 KB 212ms
197ms Image
image/avif 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/mwimgs/4/4/-/img_4409818b4e433bcd8f148221a8500fbe238047.jpg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

f74833d7d6275a561e73863a007e091775c4cde45b25b9c56cfee421317aa446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:01 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 04 May 2023 23:34:58 GMT
server: Akamai Image Manager
content-type: image/avif
cache-control: private, no-transform, max-age=1773148
content-length: 136722
expires: Wed, 01 Nov 2023 03:11:29 GMT

GET
H2 200 arrow-g.svg
bravo-m.ismcdn.jp/common/bravo-m/images/ 272 B
426 B 100ms
85ms Image
image/svg+xml 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/common/bravo-m/images/arrow-g.svg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

d4bdecf04f2c9314696c2f2f74ab3438b5670396cc05ffaf27b5d04859fd19ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 900.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 15 Feb 2021 12:38:23 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=635373
accept-ranges: bytes
content-length: 237
expires: Wed, 18 Oct 2023 23:08:34 GMT

GET
H2 200 fb-w.svg
bravo-m.ismcdn.jp/common/bravo-m/images/ 326 B
467 B 99ms
84ms Image
image/svg+xml 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/common/bravo-m/images/fb-w.svg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

960eb62509087c8348b640e00bc6253a0c322470eaf644d8fb91f6660d9533ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 900.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 15 Feb 2021 12:38:23 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1600321
accept-ranges: bytes
content-length: 278
expires: Mon, 30 Oct 2023 03:11:02 GMT

GET
H2 200 tw-w.svg
bravo-m.ismcdn.jp/common/bravo-m/images/ 596 B
561 B 94ms
80ms Image
image/svg+xml 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/common/bravo-m/images/tw-w.svg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

03091625cb324d9b6f25c11e6c1b4852931a59cc6a01e9842609119c00c26739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 900.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 15 Feb 2021 12:38:23 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=942434
accept-ranges: bytes
content-length: 372
expires: Sun, 22 Oct 2023 12:26:15 GMT

GET
H2 200 line-w.svg
bravo-m.ismcdn.jp/common/bravo-m/images/ 1 KB
729 B 100ms
86ms Image
image/svg+xml 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/common/bravo-m/images/line-w.svg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

617a8c03bc199718a77329e9fcf0504ab56497479b9e10dc30e0e14c98a4bfdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 900.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 15 Feb 2021 12:38:23 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1138553
accept-ranges: bytes
content-length: 540
expires: Tue, 24 Oct 2023 18:54:54 GMT

GET
H2 200 arrow-w.svg
bravo-m.ismcdn.jp/common/bravo-m/images/ 269 B
423 B 94ms
81ms Image
image/svg+xml 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/common/bravo-m/images/arrow-w.svg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

a7c8a846c6759b882e95b1005b4ffd9201eeba2ae5bb48de360d58048fc674f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 900.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 15 Feb 2021 12:38:23 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2364247
accept-ranges: bytes
content-length: 234
expires: Tue, 07 Nov 2023 23:23:08 GMT

GET
H2 200 insta-w.svg
bravo-m.ismcdn.jp/common/bravo-m/images/ 937 B
714 B 95ms
82ms Image
image/svg+xml 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/common/bravo-m/images/insta-w.svg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

56a97b920e4e39220d9f33c3b18fccc1d5971dfe7a538420fb7bd86ba0f863be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 900.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 15 Feb 2021 12:38:23 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2114438
accept-ranges: bytes
content-length: 524
expires: Sun, 05 Nov 2023 01:59:39 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
492 B 284ms
89ms Script
text/javascript 2a04:4e42:e00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=Object.assign%2CIntersectionObserver

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
date: Wed, 11 Oct 2023 14:39:01 GMT
age: 39
detected-user-agent: Chrome/117.0.5938
vary: User-Agent, Accept-Encoding
normalized-user-agent: chrome/117.0.0
content-type: text/javascript; charset=UTF-8
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 213ms
64ms Script
text/javascript 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Oct 2024 22:40:54 GMT

GET
H2 200 ofi.min.js Show response
bravo-m.ismcdn.jp/resources/bravo-m/js/lib/ 3 KB
2 KB 71ms
57ms Script
application/x-javascript 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bravo-m.ismcdn.jp/resources/bravo-m/js/lib/ofi.min.js

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

a33b9cb7be6394bbbb02202baae100cf6d2e1ecb0121411da04fabcfcbfb2ed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 7200.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Apr 2021 04:10:07 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=46278
accept-ranges: bytes
content-length: 1428
x-xss-protection: 1; mode=block
x-request-id: 143eb196-9cf8-4752-baa7-a44abe29d12c

GET
H2 200 lozad.min.js Show response
bravo-m.ismcdn.jp/resources/bravo-m/js/lib/ 3 KB
2 KB 85ms
66ms Script
application/x-javascript 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bravo-m.ismcdn.jp/resources/bravo-m/js/lib/lozad.min.js

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

3c8dd690d8a33d3f48545cf5bdf155061efb7e95b5054f24cf6b891302e2e2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 7200.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Fri, 05 Feb 2021 08:52:42 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=52156
accept-ranges: bytes
content-length: 1421
x-xss-protection: 1; mode=block
x-request-id: dbebce39-cd97-4e85-970c-1e4769ed591b

GET
H2 200 slick.min.js Show response
bravo-m.ismcdn.jp/resources/bravo-m/js/lib/ 42 KB
10 KB 89ms
71ms Script
application/x-javascript 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bravo-m.ismcdn.jp/resources/bravo-m/js/lib/slick.min.js

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 7200.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Fri, 19 Feb 2021 02:08:40 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=52203
accept-ranges: bytes
content-length: 10430
x-xss-protection: 1; mode=block
x-request-id: 11d16692-ffbf-49e8-9c33-1e1c5992195b

GET
H2 200 tools.js Show response
bravo-m.ismcdn.jp/resources/bravo-m/js/common/ 860 B
756 B 82ms
63ms Script
application/x-javascript 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bravo-m.ismcdn.jp/resources/bravo-m/js/common/tools.js?rd=202309261846

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

71dd2e7acef7e282793d01dcdd18c6e935ac0f400e49e94b6f6637a79da71af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 7200.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Thu, 25 Mar 2021 09:19:55 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=46933
accept-ranges: bytes
content-length: 464
x-xss-protection: 1; mode=block
x-request-id: 54159b23-99d1-4432-8785-4b32276c9f39

GET
H2 200 leafs.js Show response
bravo-m.ismcdn.jp/resources/bravo-m/js/pc/ 3 KB
1 KB 88ms
70ms Script
application/x-javascript 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bravo-m.ismcdn.jp/resources/bravo-m/js/pc/leafs.js?rd=202309261846

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

12c78cfcbd44246501cb3af3691f0e9d547937ab25c9be41886941dcb7eb4d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 7200.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Dec 2021 07:51:31 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=60181
accept-ranges: bytes
content-length: 939
x-xss-protection: 1; mode=block
x-request-id: 3ce85257-42b3-4c25-a904-8d2e99daad8b

GET
H2 200 lsync.js Show response
ahm11rxu.pics/ah/7/oo/futaba/ 1 KB
966 B 663ms
650ms Script
application/javascript 2606:4700:3036::ac43:850c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ahm11rxu.pics/ah/7/oo/futaba/lsync.js
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:850c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ec573f21fef86d447a094a0bcdbe154ac19bb5077b597a7a7f83b9bc835a6f4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 10 Dec 2020 15:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5fd23b08-53f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Usq7vBPqRtDgUikK5liU%2BjBctzGGBy2C77Yv8WGlUj5upUDSSmBnD2uXbkBZ5Cb8kWlP8WWno6Fy%2F4Pg%2Btw06758Iik1mfFjzMPqvPEAk0mU79y9tOxiiyxuSGfcDWU6kqPtQ2QjYoDZhKHO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 8147d9a2b8c0b3f1-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 284ms
80ms Script
application/x-javascript 2600:9000:24f1:a00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:a00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 23:34:16 GMT
content-encoding: gzip
via: 1.1 d0bce79fed43d50812383302c31b7430.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 00:45:38 GMT
server: nginx
x-amz-cf-pop: JFK50-P4
age: 54285
etag: W/"64d2e1b2-94a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 6Ht1v2WXBKaooZeCZZ_iOF-5VHfbs6JCb_Vqpdz3p9BB-_C4jyb9eQ==
expires: Wed, 11 Oct 2023 23:34:16 GMT

GET
H2 200 search-b.svg
bravo-m.ismcdn.jp/common/bravo-m/images/ 281 B
422 B 90ms
83ms Image
image/svg+xml 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/common/bravo-m/images/search-b.svg

Requested by

Host: bravo-m.ismcdn.jp
URL: https://bravo-m.ismcdn.jp/resources/bravo-m/css/pc/shared/shared.css?rd=202309261846

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

9d991d673745ab5dd75c3ca86a7aac7a7b998d5e8d009c67732fa7bea0bb82bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bravo-m.ismcdn.jp/resources/bravo-m/css/pc/shared/shared.css?rd=202309261846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-ttl: 900.000
date: Wed, 11 Oct 2023 14:39:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 15 Feb 2021 12:38:23 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1775640
accept-ranges: bytes
content-length: 233
expires: Wed, 01 Nov 2023 03:53:01 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/ 419 KB
132 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e3ef90c6df625cd4e0cb72b725bfd6f5dc98101da5eaa109fdbf9b5081cc3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 12:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9043
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134450
x-xss-protection: 0
server: cafe
etag: 18225737291834661133
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 10 Oct 2024 12:08:18 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 35 B
63 B 220ms
88ms XHR
application/json 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ahm11rxu.pics

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7be2c7e8cce151e9031fea57d971e470d8f5103f03fd313f7e25d1b812c642ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
x-xss-protection: 0
expires: Wed, 11 Oct 2023 14:39:02 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 183 B
512 B 168ms
72ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=bravo-m.futabanet.jp&domain=ahm11rxu.pics&path=%2Farticles%2F-%2F123786
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c52249f2bbea53c346356d0d3e6936c4c3cf200054f0821eda122175d9d54e55

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 11 Oct 2023 14:39:02 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 154
x-served-by: cache-mia-kmia1760023-MIA
x-timer: S1697035142.042457,VS0,VE33
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Mon, 09 Oct 2023 14:39:02 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 177ms
57ms Image
image/gif 54.226.144.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=bravo-m.futabanet.jp&p=%2Farticles%2F-%2F123786&u=C4oqmDDm8_YKCj1abt&d=ahm11rxu.pics&g=66985&g0=tozan%2C%E7%99%BB%E5%B1%B1%2C%E9%80%9A%E5%B8%B8%2C3%E3%83%9A%E3%83%BC%E3%82%B8&g1=%E5%80%89%E5%92%8C%20%E3%82%BD%E3%83%A9&n=1&f=00001&c=0&x=0&m=0&y=5157&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fahm11rxu.pics%2F&b=2467&t=DM5zCuD7S7dmBRZP9dv0I7brLarS&V=141&i=%E3%82%A2%E3%82%A6%E3%83%88%E3%83%89%E3%82%A2%E3%80%8C%E6%84%8F%E5%91%B3%E3%81%8C%E5%88%86%E3%81%8B%E3%82%8B%E3%81%A8%E6%80%96%E3%81%84%E3%80%8D%E7%A9%BA%E3%81%AE%E5%86%99%E7%9C%9F%E3%80%8C%E7%99%BB%E5%B1%B1%E3%83%BB%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%97%E3%83%BB%E9%87%A3%E3%82%8A%E3%80%8D%E4%B8%80%E8%A6%8B%E3%81%99%E3%82%8B%E3%81%A8%E6%99%AE%E9%80%9A%E3%81%A7%E3%82%82%E2%80%A6%E2%80%A6%E3%80%8C%E6%9C%AC%E5%BD%93%E3%81%AB%E5%8D%B1%E3%81%AA%E3%81%84%E5%85%86%E5%80%99%E3%80%8D&tz=600&sn=1&sv=CTh4YfDPKaALDO5VniB3pcj5CknoRv&sd=1&im=06032c7e&_
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.226.144.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-226-144-195.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 11 Oct 2023 14:39:02 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 389 KB
132 KB 175ms
175ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da32307abc3d8014fbf7c8e4ece7e8180303ba1146a8075e25cd7007c9da7747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135121
x-xss-protection: 0
server: cafe
etag: 2094094206791034678
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 14:39:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 9697 10 KB
5 KB 64ms
63ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ahm11rxu.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 26014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 07:25:28 GMT
etag: 2603938475786422795
expires: Wed, 25 Oct 2023 07:25:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 104ms
32ms Fetch
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231011

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/12162_bravo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

22ca529eb465b28396abb8e473e8ac6d14193e18d2e9c113bcadb9fe57695c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ahm11rxu.pics/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 14:39:02 GMT
x-content-type-options: nosniff
content-encoding: br
age: 38289
x-jsd-version: 1.0.1839
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 743
x-served-by: cache-fra-eddf8230103-FRA, cache-mia-kmia1760093-MIA
x-jsd-version-type: version
etag: W/"63c-cKEiOfaXeLTwodMZbiSJfCGxy1Y"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 img_7bd3ef4deff15fdf2adf37c7d4a81512176301.jpg
bravo-m.ismcdn.jp/mwimgs/7/b/60wm/ 844 B
1 KB 189ms
185ms Image
image/avif 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/mwimgs/7/b/60wm/img_7bd3ef4deff15fdf2adf37c7d4a81512176301.jpg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

999956c24c190f7f757e66f0d26788e459ae58ab376c3577bc5dd75df8ae1494

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:02 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Apr 2023 07:12:34 GMT
x-serial: 913
server: Akamai Image Manager
x-check-cacheable: YES
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=1773022
content-length: 844
expires: Wed, 01 Nov 2023 03:09:24 GMT

GET
H2 200 img_c66d8855c8bd374751d3381561d39238267381.jpg
bravo-m.ismcdn.jp/mwimgs/c/6/660wm/ 22 KB
22 KB 72ms
69ms Image
image/avif 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/mwimgs/c/6/660wm/img_c66d8855c8bd374751d3381561d39238267381.jpg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

ce673f029c11857478eb72842b5b956b37d981a70ca7a08a597fdb2069c802ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:02 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 01 Sep 2023 08:18:34 GMT
server: Akamai Image Manager
content-type: image/avif
cache-control: private, no-transform, max-age=1773001
content-length: 22777
expires: Wed, 01 Nov 2023 03:09:03 GMT

GET
H2 200 img_7df4dc0fbe8eaecd65dcbdf6ac8ca561480370.jpg
bravo-m.ismcdn.jp/mwimgs/7/d/100w/ 1 KB
2 KB 180ms
179ms Image
image/avif 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/mwimgs/7/d/100w/img_7df4dc0fbe8eaecd65dcbdf6ac8ca561480370.jpg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

3cc4fe79dc62454a9deadc10e105b191561aa1d5894ec052c95c1dbe609aecba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:02 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 03 Oct 2023 17:30:58 GMT
x-serial: 1160
server: Akamai Image Manager
x-check-cacheable: YES
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=1911093
content-length: 1437
expires: Thu, 02 Nov 2023 17:30:35 GMT

GET
H2 200 img_823bc9f57a6460d385a68f7f19ad8360797500.jpg
bravo-m.ismcdn.jp/mwimgs/8/2/100w/ 2 KB
3 KB 74ms
73ms Image
image/avif 23.40.179.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bravo-m.ismcdn.jp/mwimgs/8/2/100w/img_823bc9f57a6460d385a68f7f19ad8360797500.jpg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-62.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

1b50a0a928b2fe06460f184b1a87766726b57a06a141e27795a993a81738b15a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:02 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 11 Oct 2023 01:30:21 GMT
x-serial: 1072
server: Akamai Image Manager
x-check-cacheable: YES
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2544696
content-length: 2472
expires: Fri, 10 Nov 2023 01:30:38 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 223ms
110ms Fetch 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.17.0&cb=64335105631&lsavail=1

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/12162_bravo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ahm11rxu.pics/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ahm11rxu.pics
date: Wed, 11 Oct 2023 14:39:01 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 2 KB
4 KB 290ms
71ms Fetch
application/json 2602:803:c002:200::62
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23790&site_id=411664&zone_id=2314964%3B2314966%3B2314968%3B2314970%3B2314972%3B2314974%3B2314976%3B2314978%3B2314980%3B2314982&size_id=57%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15&alt_size_ids=%3B16%3B10%3B10%3B10%3B16%2C221%3B16%2C221%3B16%2C221%3B16%2C221%3B16%2C221&rf=https%3A%2F%2Fahm11rxu.pics%2F&kw=%E3%83%88%E3%83%AC%E3%83%83%E3%82%AD%E3%83%B3%E3%82%B0%2C%E3%83%8F%E3%82%A4%E3%82%AD%E3%83%B3%E3%82%B0%2C%E7%B8%A6%E8%B5%B0&tg_i.domain=ahm11rxu.pics&tg_i.page=https%3A%2F%2Fahm11rxu.pics%2F&tg_i.aupname=%2F21694577035%2Fbravo-m%2Fbravo-m_pc_billboard%26div-gpt-ad-bravo-m-pc-billboard%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_article_rect%26div-gpt-ad-bravo-m-pc-article-rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_1st_rect%26div-gpt-ad-bravo-m-pc-1st-rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_2nd_rect%26div-gpt-ad-bravo-m-pc-2nd-rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_3rd_rect%26div-gpt-ad-bravo-m-pc-3rd-rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_main_rect_left%26div-gpt-ad-bravo-m-pc-main-rect-left%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_main_rect_right%26div-gpt-ad-bravo-m-pc-main-rect-right%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_footer_left%26div-gpt-ad-bravo-m-pc-footer-rect-left%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_footer_right%26div-gpt-ad-bravo-m-pc-footer-rect-right%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_inread%26div-gpt-ad-bravo-m-pc-inread&tg_i.pbadslot=%2F21694577035%2Fbravo-m%2Fbravo-m_pc_billboard%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_article_rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_1st_rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_2nd_rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_3rd_rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_main_rect_left%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_main_rect_right%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_footer_left%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_footer_right%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_inread&tk_flint=dmpbjs_v8.17.0&x_source.tid=e2f84eb9-b2c2-423e-8a24-c29c9c002782&l_pb_bid_id=22c0e5d39899d%3B23200cd22811cc2%3B24aa42969557ceb%3B258750fe1a3dff5%3B26569570f70e1da%3B272203ffe78c33f%3B28defe0954d178%3B29ad4512a37134b%3B305a526653d288a%3B31971286c00b135&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=f7076dd8-8add-4517-9539-d60b40b9957e%3B32e46196-9e15-4c35-84ab-36a24bc566b6%3B4b0f3c02-bac4-4f22-9995-15ded03ac4dc%3Bbf751ad5-c6b7-42ae-b332-ae1adf7d17bf%3Bbf87fadb-f442-438b-9bbe-2017530a01b9%3B0ee942f6-101e-42cd-9b66-681a12da553e%3B98fa1701-f36b-4759-b826-9e01470bf6f3%3Bf8d01d0e-0fd5-4cdf-b042-a3637da8b02b%3B0452c457-ecca-4194-af99-56d6b4961a4a%3B74d335c0-f4d8-47a7-bce0-3bdbf54fa340&rp_maxbids=1&p_gpid=%2F21694577035%2Fbravo-m%2Fbravo-m_pc_billboard%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_article_rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_1st_rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_2nd_rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_3rd_rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_main_rect_left%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_main_rect_right%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_footer_left%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_footer_right%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_inread&slots=10&rand=0.6241155124212909
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/12162_bravo.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4721cdc736887ef400a633428825ba3845d4cb8a84951ca6844503a3c6a9dacd

Request headers

Referer: https://ahm11rxu.pics/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:02 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ahm11rxu.pics
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
579 B 209ms
69ms Fetch
application/json 68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/12162_bravo.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ahm11rxu.pics/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:02 GMT
an-x-request-uuid: 575c1169-edb7-46e6-82fe-95e09a8834b7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ahm11rxu.pics
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.75; 38.132.118.75; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
548 B 161ms
89ms Fetch
application/json 104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=784360
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/12162_bravo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e64b40f47f6671d38a61f88a50564b8f5600aee3abbc0f64651675745d8ac577

Request headers

Referer: https://ahm11rxu.pics/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXNafSe3i4NRGT3YpcYBwPkkj4tteBOl2%2F%2FE6enQJa%2BdEFxApBalB74JKTjEV4XNPAA7Iuy4TRbM%2FzBaLLphrts%2F13kjkwgfpaj2QnFI3agdYHeNNUAkAtn8qNcauRRzuf5Oq3ZW"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://ahm11rxu.pics
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8147d9a748349ae3-MIA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 / Show response
kitchen.juicer.cc/version/ 45 B
299 B 588ms
196ms Fetch
application/json 54.92.125.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kitchen.juicer.cc/version/

Requested by

Host: kitchen.juicer.cc
URL: https://kitchen.juicer.cc/?color=DfUBG/9gaEA=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.125.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-92-125-230.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.57 () OpenSSL/1.0.2k-fips /

Resource Hash

582b44ca18e9867127a74998bcec430ad8cf327a1fb00c5e651a2360d905caf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:02 GMT
strict-transport-security: max-age=31536000
server: Apache/2.4.57 () OpenSSL/1.0.2k-fips
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
x-robots-tag: noindex, nofollow
content-length: 45
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 404 m.gif
ahm11rxu.pics/oo/futaba/ 548 B
548 B 641ms
640ms Image
text/html 2606:4700:3036::ac43:850c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ahm11rxu.pics/oo/futaba/m.gif?media=bravo-m.futabanet.jp&skin=leafs%2Fpage&id=123786&category=news&subcategory=%2Ctozan%2C%E7%99%BB%E5%B1%B1%2C%E3%81%9D%E3%81%AE%E4%BB%96%E7%99%BB%E5%B1%B1%2C%E3%81%9D%E3%81%AE%E4%BB%96%2C&model=&modelid=&host=ahm11rxu.pics&path=%2F&rhost=&rpath=&rd=0.9252462140403961
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:850c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:02 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIFzB4qNXPKtBItgiCzn5Pf2dyednKHf7k1c9sQg4AVPSeOfg%2B5pHcts0kXBnL1rja%2BXmk1V2Wotp6t%2Bih8hP8dCmoBT84%2FXihA5YCg14ceCM7YPpkb7TMD4SQxWT%2B31ekRbmmoQsWIN8RLc"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8147d9a72b1edaed-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
607 B 220ms
80ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ahm11rxu.pics&callback=_gfp_s_&client=ca-pub-3622193293525466

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a1eaf2521a055a3af6c2680c352290e75ca8e5c872c983f91cf6d87c3cddc3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5085 603 B
67 B 150ms
149ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3622193293525466&output=html&adk=1812271804&adf=3025194257&lmt=1697071142&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fahm11rxu.pics%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697035141964&bpp=4&bdt=1030&idt=298&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7545956587250&frm=20&pv=2&ga_vid=555113298.1697035142&ga_sid=1697035142&ga_hid=1750327119&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31078597%2C44804783%2C44805099&oid=2&pvsid=2080221586828470&tmod=1383292606&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=333

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ahm11rxu.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 14:39:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 124ms
123ms Image
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=l-header%20js-header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 655 KB
93 KB 1038ms
1038ms Fetch
text/plain 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2080221586828470&correlator=3899842963347498&eid=31078448%2C31078637%2C31078713%2C31078699&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fifs&iu_parts=21694577035%2Cbravo-m%2Cbravo-m_pc_billboard%2Cbravo-m_pc_article_rect%2Cbravo-m_pc_1st_rect%2Cbravo-m_pc_2nd_rect%2Cbravo-m_pc_3rd_rect%2Cbravo-m_pc_main_rect_left%2Cbravo-m_pc_main_rect_right%2Cbravo-m_pc_footer_left%2Cbravo-m_pc_footer_right%2Cbravo-m_pc_inread&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11&prev_iu_szs=970x250%7C1x1%2C336x280%7C1x1%7C300x250%2C300x600%7C300x250%7C1x1%2C300x250%7C300x600%7C1x1%2C300x250%7C300x600%7C1x1%2C336x280%7C1x1%7C300x250%2C336x280%7C1x1%7C300x250%2C336x280%7C1x1%7C300x250%2C336x280%7C1x1%7C300x250%2C336x280%7C1x1%7C300x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697035142511&lmt=1697071142&adxs=315%2C624%2C1000%2C1000%2C1000%2C300%2C636%2C300%2C636%2C624&adys=155%2C1351%2C445%2C4128%2C5006%2C3081%2C3081%2C3969%2C3969%2C2146&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fahm11rxu.pics%2F&vis=1&psz=1600x250%7C336x0%7C300x250%7C300x0%7C300x0%7C660x250%7C660x250%7C660x0%7C660x0%7C336x0&msz=970x0%7C336x0%7C300x0%7C300x0%7C300x0%7C336x0%7C336x0%7C336x0%7C336x0%7C336x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=555113298.1697035142&ga_sid=1697035142&ga_hid=1750327119&ga_fc=false&dlt=1697035140934&idt=1207&cust_params=adparam%3Dproduction%26adsense%3Don%26mainGenre%3D%25E7%2599%25BB%25E5%25B1%25B1%26articleId%3D123786&adks=2383863740%2C1199900847%2C3210573583%2C3214479354%2C440569722%2C2818522493%2C2907262358%2C3575693887%2C3499933582%2C995038251&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41c532ca70bd3406caaeb443f83971c56cc4b97fe40b4a2d6288b514db7ec062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95096
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1,-1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-1,-1,-1,-1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ahm11rxu.pics
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B0DF 6 KB
3 KB 346ms
87ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ahm11rxu.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 14:39:02 GMT
expires: Thu, 10 Oct 2024 14:39:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
kitchen.juicer.cc/core/ 41 KB
8 KB 197ms
197ms Script
application/x-javascript 54.92.125.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9

Requested by

Host: kitchen.juicer.cc
URL: https://kitchen.juicer.cc/?color=DfUBG/9gaEA=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.125.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-92-125-230.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.57 () OpenSSL/1.0.2k-fips /

Resource Hash

7caaed55c522743e42d6ad4d939e5a8c5956599ef468c1abeac7b4a2d9adf3a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:02 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Apache/2.4.57 () OpenSSL/1.0.2k-fips
vary: accept-encoding
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
content-language: en-US
cache-control: max-age=7200
x-robots-tag: noindex, nofollow
expires: Wed Oct 11 16:39:02 UTC 2023

GET
H2 200 stack-driver-errors.min.js Show response
cdn.kitchen.juicer.cc/scripts/stack-driver-errors/1.0.0/ 40 KB
12 KB 443ms
73ms Script
application/javascript 2600:9000:211c:ea00:18:f049:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kitchen.juicer.cc/scripts/stack-driver-errors/1.0.0/stack-driver-errors.min.js
Requested by: Host: kitchen.juicer.cc
URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ea00:18:f049:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2bf81f7cec79fde4d594be203b20ddce637c4d01010f1ec250e510a32023ded

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 10:41:53 GMT
content-encoding: gzip
via: 1.1 abda8496f94099119c2f392e63054efa.cloudfront.net (CloudFront)
last-modified: Mon, 06 Feb 2023 04:07:49 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 100631
etag: W/"794d7b9d1e57d116e5fae14b21136791"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: OsoWtKVEOIiPmzpOmX6FEoGw1Gt1N3GnA2CgA1oVcYlaF8LnJErzQw==

GET
H2 200 / Show response
kitchen.juicer.cc/c/ 893 B
1 KB 203ms
202ms XHR
application/json 54.92.125.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kitchen.juicer.cc/c/?color=DfUBG/9gaEA=&url=https%3A%2F%2Fahm11rxu.pics%2F&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.149%20Safari%2F537.36

Requested by

Host: kitchen.juicer.cc
URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.125.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-92-125-230.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.57 () OpenSSL/1.0.2k-fips /

Resource Hash

539db8720494ccac2ed6042940713ba983b564a74eda346d2fbe04e08e98d2a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:03 GMT
strict-transport-security: max-age=31536000
server: Apache/2.4.57 () OpenSSL/1.0.2k-fips
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
x-robots-tag: noindex, nofollow
content-length: 893
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 juicertreasure.min.js Show response
cdn.kitchen.juicer.cc/scripts/juicer-treasure/2.3.0/ 52 KB
17 KB 247ms
85ms Script
application/javascript 2600:9000:211c:ea00:18:f049:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kitchen.juicer.cc/scripts/juicer-treasure/2.3.0/juicertreasure.min.js
Requested by: Host: kitchen.juicer.cc
URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ea00:18:f049:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c08aa1df70a43171fcf1da525a0d82108065f2c10a15ecf882cf50f3e2344dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:58:11 GMT
content-encoding: gzip
via: 1.1 abda8496f94099119c2f392e63054efa.cloudfront.net (CloudFront)
last-modified: Wed, 29 Jun 2022 06:35:15 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 117653
etag: W/"ec8eb5334f9cc74a3e3f97a6770c9171"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: N72yNQj2uyRuSBNaQQb3ykY_AzG270fMURMKF4eeaxf0wQqEvTrrpQ==

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 289ms
75ms Script
application/javascript 2600:141b:1c00:19::17c8:5823
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: kitchen.juicer.cc
URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:19::17c8:5823 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Wed, 11 Oct 2023 14:39:03 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H2 200 / Show response
kitchen.juicer.cc/t/ 11 KB
3 KB 197ms
197ms Script
application/x-javascript 54.92.125.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kitchen.juicer.cc/t/?color=DfUBG/9gaEA=&version=2.2.9

Requested by

Host: kitchen.juicer.cc
URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.125.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-92-125-230.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.57 () OpenSSL/1.0.2k-fips /

Resource Hash

81e8648bfe86a38a4a825270d8dbab74491d04947469d320a37f7ad4cfe867f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:03 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Apache/2.4.57 () OpenSSL/1.0.2k-fips
vary: accept-encoding
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
content-language: en-US
cache-control: max-age=0, no-store, no-cache, must-revalidate
x-robots-tag: noindex, nofollow
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
172 B 296ms
212ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=1000435&vid=01HCFJTJB1VD0AAQKXT95HZCK1
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: https://ahm11rxu.pics
date: Wed, 11 Oct 2023 14:39:03 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309290141000/ Frame 0C67 196 KB
56 KB 544ms
67ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56111
x-xss-protection: 0
server: sffe
etag: "196a98f213e9af2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 0C67 15 KB
5 KB 900ms
424ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5226
x-xss-protection: 0
server: sffe
etag: "b67abf1ac5d05c62"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 0C67 94 KB
28 KB 897ms
421ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29036
x-xss-protection: 0
server: sffe
etag: "f80aeafaeae93075"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 0C67 5 KB
2 KB 900ms
424ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "5fa0b581892e5d76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 0C67 40 KB
13 KB 901ms
426ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "f431afcc9b21c868"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
DATA 200
OK truncated
/ Frame 0C67 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67bc306d7941ffcee222ef28dac00f2e1dfc5ed15d5c545aaa5027b7752ba24c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4383704927997390662
tpc.googlesyndication.com/simgad/ Frame 0C67 29 KB
29 KB 75ms
70ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4383704927997390662?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm516FrCsugrj0hYILmRwjAX15MeQ

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf6e2dfcd7a0bfc92547cf972c024659ccea7696fb80a660ffbef32fbabd3f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:02:04 GMT
x-content-type-options: nosniff
age: 5819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29461
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 13:41:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Oct 2024 13:02:04 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C67 2 KB
3 KB 71ms
67ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:22:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29807
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 12 Oct 2023 06:22:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C67 295 B
520 B 70ms
66ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:14:29 GMT
x-content-type-options: nosniff
server: cafe
age: 59074
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 11 Oct 2023 22:14:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0C67 0
0 562ms
83ms Image
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKE5utWwlwdVWpP8-W_C5zeiqiUrNbofSp34STFKRHJ-HFQDuCsCjMxRINNM0S9KJkU5vefsAvhencZ33JD4WBQAMzUw
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309290141000/ Frame 0800 196 KB
55 KB 673ms
236ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56111
x-xss-protection: 0
server: sffe
etag: "196a98f213e9af2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 0800 15 KB
5 KB 342ms
329ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5226
x-xss-protection: 0
server: sffe
etag: "b67abf1ac5d05c62"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 0800 94 KB
28 KB 342ms
331ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29036
x-xss-protection: 0
server: sffe
etag: "f80aeafaeae93075"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 0800 5 KB
2 KB 343ms
331ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "5fa0b581892e5d76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 0800 40 KB
13 KB 343ms
332ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "f431afcc9b21c868"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0800 6 KB
1 KB 526ms
81ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Oct 2023 14:39:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 13:44:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Oct 2023 14:39:04 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0800 2 KB
3 KB 107ms
106ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:22:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29807
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 12 Oct 2023 06:22:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0800 295 B
353 B 111ms
110ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:14:29 GMT
x-content-type-options: nosniff
server: cafe
age: 59074
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 11 Oct 2023 22:14:29 GMT

GET
H2 200 container.html Show response
571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 766E 6 KB
3 KB 131ms
70ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ahm11rxu.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 14:39:02 GMT
expires: Thu, 10 Oct 2024 14:39:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B292 6 KB
3 KB 128ms
72ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ahm11rxu.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 14:39:02 GMT
expires: Thu, 10 Oct 2024 14:39:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309290141000/ Frame 891C 196 KB
55 KB 476ms
140ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56111
x-xss-protection: 0
server: sffe
etag: "196a98f213e9af2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 891C 15 KB
5 KB 343ms
332ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5226
x-xss-protection: 0
server: sffe
etag: "b67abf1ac5d05c62"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 891C 94 KB
28 KB 344ms
332ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29036
x-xss-protection: 0
server: sffe
etag: "f80aeafaeae93075"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 891C 5 KB
2 KB 338ms
333ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "5fa0b581892e5d76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 891C 40 KB
13 KB 339ms
333ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "f431afcc9b21c868"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 891C 2 KB
3 KB 98ms
65ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:22:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29807
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 12 Oct 2023 06:22:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 891C 295 B
353 B 98ms
67ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:14:29 GMT
x-content-type-options: nosniff
server: cafe
age: 59074
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 11 Oct 2023 22:14:29 GMT

GET
DATA 200
OK truncated
/ Frame 891C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bd99165e7966006945ff4ab5f9735648b8e624b11fcd77deda61c739c8f3b95

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8536866044462134995
tpc.googlesyndication.com/simgad/ Frame 891C 51 KB
51 KB 107ms
77ms Image
image/jpeg 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8536866044462134995?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnJxuKEtdiTVeCvbpuqPRwoONuOsg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92f87952c50630d9c151966d4a60821fbf1ae2d54521086ab7f66fe7a0a95ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 11:35:25 GMT
x-content-type-options: nosniff
age: 183818
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52235
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 04:18:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Oct 2024 11:35:25 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 891C 0
0 425ms
84ms Image
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvvuJ7aMXtirkM7VEDviMbBuOaj5YFgiNdYgwLhZhZpwSwTphEpJhsW2zBThpECERV8ojKzLn8kQ-sl3yd4F0uDLje5g
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/16846151894336695513/ Frame 0800 14 KB
14 KB 96ms
69ms Image
image/jpeg 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16846151894336695513/2076313506083323656

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f645d589a8f7eebdc28993c4ca72cd264d3ae3f68d09af5d4da1e6c3b47636ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 10:58:47 GMT
x-content-type-options: nosniff
age: 13216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14120
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 00:56:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Oct 2024 10:58:47 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8092246175248987661/ Frame 0800 9 KB
9 KB 125ms
98ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8092246175248987661/14763004658117789537?w=100&h=100

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3e60cf44ab9e1c70e0ac587149d640cfcf4390ba8e7f4152f9b44c077b463ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 20:04:17 GMT
x-content-type-options: nosniff
age: 585286
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9328
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 01:57:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Oct 2024 20:04:17 GMT

GET
DATA 200
OK truncated
/ Frame 0800 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0800 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 894af9427a92864bd588606b9a486f0d4bf395742b9243afe31691c237e8c031

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309290141000/ Frame D722 196 KB
55 KB 517ms
261ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56111
x-xss-protection: 0
server: sffe
etag: "196a98f213e9af2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame D722 15 KB
5 KB 339ms
334ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5226
x-xss-protection: 0
server: sffe
etag: "b67abf1ac5d05c62"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame D722 94 KB
28 KB 339ms
334ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29036
x-xss-protection: 0
server: sffe
etag: "f80aeafaeae93075"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame D722 5 KB
2 KB 340ms
335ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "5fa0b581892e5d76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame D722 40 KB
13 KB 340ms
335ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "f431afcc9b21c868"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D722 6 KB
779 B 347ms
82ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Oct 2023 14:39:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 14:32:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Oct 2023 14:39:04 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D722 2 KB
3 KB 87ms
83ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:22:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29807
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 12 Oct 2023 06:22:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D722 295 B
353 B 87ms
84ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:14:29 GMT
x-content-type-options: nosniff
server: cafe
age: 59074
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 11 Oct 2023 22:14:29 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309290141000/ Frame 8FEA 196 KB
55 KB 537ms
297ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56111
x-xss-protection: 0
server: sffe
etag: "196a98f213e9af2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 8FEA 15 KB
5 KB 341ms
336ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5226
x-xss-protection: 0
server: sffe
etag: "b67abf1ac5d05c62"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 8FEA 94 KB
28 KB 341ms
336ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29036
x-xss-protection: 0
server: sffe
etag: "f80aeafaeae93075"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 8FEA 5 KB
2 KB 341ms
336ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "5fa0b581892e5d76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 8FEA 40 KB
13 KB 342ms
337ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "f431afcc9b21c868"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8FEA 2 KB
3 KB 73ms
68ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:22:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29807
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 12 Oct 2023 06:22:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8FEA 295 B
353 B 73ms
68ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:14:29 GMT
x-content-type-options: nosniff
server: cafe
age: 59074
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 11 Oct 2023 22:14:29 GMT

GET
DATA 200
OK truncated
/ Frame 8FEA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd81e9f5d40a61872986376ee4e7b569a79a4913b04a629029bc3156c743a45b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309290141000/ Frame E2DE 196 KB
55 KB 536ms
316ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56111
x-xss-protection: 0
server: sffe
etag: "196a98f213e9af2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame E2DE 15 KB
5 KB 342ms
337ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5226
x-xss-protection: 0
server: sffe
etag: "b67abf1ac5d05c62"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame E2DE 94 KB
28 KB 343ms
338ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29036
x-xss-protection: 0
server: sffe
etag: "f80aeafaeae93075"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame E2DE 5 KB
2 KB 343ms
338ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "5fa0b581892e5d76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame E2DE 40 KB
13 KB 344ms
339ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "f431afcc9b21c868"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E2DE 6 KB
779 B 315ms
86ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Oct 2023 14:39:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 13:06:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Oct 2023 14:39:04 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E2DE 2 KB
3 KB 66ms
65ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:22:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29807
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 12 Oct 2023 06:22:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E2DE 295 B
353 B 68ms
67ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:14:29 GMT
x-content-type-options: nosniff
server: cafe
age: 59074
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 11 Oct 2023 22:14:29 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309290141000/ Frame 1B38 196 KB
55 KB 520ms
317ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56111
x-xss-protection: 0
server: sffe
etag: "196a98f213e9af2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 1B38 15 KB
5 KB 345ms
340ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5226
x-xss-protection: 0
server: sffe
etag: "b67abf1ac5d05c62"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 1B38 94 KB
28 KB 345ms
340ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29036
x-xss-protection: 0
server: sffe
etag: "f80aeafaeae93075"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 1B38 5 KB
2 KB 345ms
341ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "5fa0b581892e5d76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 1B38 40 KB
13 KB 346ms
341ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 11 Oct 2023 07:49:45 GMT
age: 24559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "f431afcc9b21c868"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Oct 2024 07:49:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1B38 6 KB
779 B 295ms
83ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Oct 2023 14:39:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 13:31:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Oct 2023 14:39:04 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1B38 2 KB
3 KB 80ms
79ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:22:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29807
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 12 Oct 2023 06:22:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1B38 295 B
353 B 80ms
79ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js?cb=31078699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:14:29 GMT
x-content-type-options: nosniff
server: cafe
age: 59074
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 11 Oct 2023 22:14:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D722 0
0 297ms
87ms Image
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRHJ6Jz9pCR1rfFs2663Si5Jz4s2Ns2fpTIFG-Z8trk8McO2jDaXAEvK8EvieCgs4bfO5q2cGsFuwaO-BxSbVUXHbEx6Q
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 2313146296523056114
tpc.googlesyndication.com/simgad/ Frame 8FEA 7 KB
7 KB 82ms
78ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2313146296523056114?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlDe_MjbCVq2wPMyN6eIWucKjcuLg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

007bc38a0ca9e23f5e83b94e667115d0edb030bba227cd530f63e213497cc5a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 00:50:18 GMT
x-content-type-options: nosniff
age: 481725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6691
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 00:45:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Oct 2024 00:50:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8FEA 0
0 298ms
88ms Image
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0RmzrRFMdQncTEI0zUCjO-rrkBOb2Qhcpoiqw67c2GXkqYOpIwANzXVY0YvhDKYBUXAsMGwoQmkG7jFl9JNBN0bK4Mw
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1B38 0
0 296ms
88ms Image
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRa0_04fxGxVFdHcIZvvqnJynAz2SggfjjsKZ3PAihXrd--eqKjea5BgAt8b-M5qLr3s8pOwSvmOqKa13jvTLzpAA-fJg
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/16846151894336695513/ Frame D722 14 KB
14 KB 77ms
76ms Image
image/jpeg 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16846151894336695513/2076313506083323656

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f645d589a8f7eebdc28993c4ca72cd264d3ae3f68d09af5d4da1e6c3b47636ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 10:58:47 GMT
x-content-type-options: nosniff
age: 13216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14120
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 00:56:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Oct 2024 10:58:47 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8092246175248987661/ Frame D722 9 KB
9 KB 83ms
82ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8092246175248987661/14763004658117789537?w=100&h=100

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3e60cf44ab9e1c70e0ac587149d640cfcf4390ba8e7f4152f9b44c077b463ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 20:04:17 GMT
x-content-type-options: nosniff
age: 585286
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9328
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 01:57:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Oct 2024 20:04:17 GMT

GET
DATA 200
OK truncated
/ Frame D722 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D722 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5df71bd84c3ef10303217795383dce4020bb9bf8a3c8ea918545d2ff7ce7fb5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/17942990395520313677/ Frame E2DE 34 KB
34 KB 106ms
105ms Image
image/jpeg 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17942990395520313677/2076313506083323656

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70d35d43a6310fe9a0d89413c0433af3c0593d950aa14c01b6fdf507b0d5feab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:03 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34804
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 14:35:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Oct 2024 14:39:03 GMT

GET
H2 200 7524058224319715531
tpc.googlesyndication.com/simgad/ Frame E2DE 1 KB
1 KB 88ms
87ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7524058224319715531?w=100&h=100

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80bbf987f34855c51dabe3ea19e2e4148b8916a871d191824dbeebd8616ceea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 17:35:57 GMT
x-content-type-options: nosniff
age: 507786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1137
x-xss-protection: 0
last-modified: Thu, 15 Oct 2020 13:12:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Oct 2024 17:35:57 GMT

GET
DATA 200
OK truncated
/ Frame E2DE 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E2DE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 143d0a6c231ac0d9c0c3c8f54d18813dace25de60a8d1a9a1d897136d7b4693e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/16846151894336695513/ Frame 1B38 14 KB
14 KB 76ms
75ms Image
image/jpeg 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16846151894336695513/2076313506083323656

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f645d589a8f7eebdc28993c4ca72cd264d3ae3f68d09af5d4da1e6c3b47636ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 10:58:47 GMT
x-content-type-options: nosniff
age: 13216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14120
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 00:56:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Oct 2024 10:58:47 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8092246175248987661/ Frame 1B38 9 KB
9 KB 83ms
82ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8092246175248987661/14763004658117789537?w=100&h=100

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3e60cf44ab9e1c70e0ac587149d640cfcf4390ba8e7f4152f9b44c077b463ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 20:04:17 GMT
x-content-type-options: nosniff
age: 585286
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9328
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 01:57:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Oct 2024 20:04:17 GMT

GET
DATA 200
OK truncated
/ Frame 1B38 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1B38 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee7950fc5d6e6b1166ec8b9d5a6611cbff642c877124d57ed8162dceff9c3368

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK tbl Show response
in.treasuredata.com/js/v3/event/dtb/ 89 B
559 B 259ms
58ms Script
application/javascript 44.216.52.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/dtb/tbl?api_key=&modified=1697035143979&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0ZF92ZXJzaW9uIjoiMi4zLjAiLCJ0ZF9jbGllbnRfaWQiOiI4NzM1OTY1ZS1iYzY3LTQxNGItYWU5Ny00MTJkODEwNjkzZTAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiKDPjg5rjg7zjgrjnm64pIOOCouOCpuODiOODieOCouOAjOaEj%2BWRs%2BOBjOWIhuOBi%2BOCi%2BOBqOaAluOBhOOAjeepuuOBruWGmeecn%2BOAjOeZu%2BWxseODu%2BOCreODo%2BODs%2BODl%2BODu%2BmHo%2BOCiuOAjeS4gOimi%2BOBmeOCi%2BOBqOaZrumAmuOBp%2BOCguKApuKApuOAjOacrOW9k%2BOBq%2BWNseOBquOBhOWFhuWAmeOAje%2B9nOeZu%2BWxse%2B9nOODi%2BODpeODvOOCue%2B9nEJSQVZPIE1PVU5UQUlOIiwidGRfZGVzY3JpcHRpb24iOiIoM%2BODmuODvOOCuOebrikg55m75bGx44KE44Kt44Oj44Oz44OX44Gq44Gp44CB44Ki44Km44OI44OJ44Ki44KS5pel6aCD44GL44KJ5qW944GX44KT44Gn44GE44KL44Go44CB56qB54S244Gu6LGq6Zuo44Gr6KWy44KP44KM44Gf57WM6aiT44GM44GC44KL44Gu44Gn44Gv44Gq44GE44Gg44KN44GG44GL44CC44CA5aSp5rCX44Gu6KaL5qW144KB44Gv6Zuj44GX44GP44CB57W25aW944Gu44GK5Ye644GL44GR5pel5ZKM44Gr6KaL44GI44Gm44KC44CB56qB54S244Gu6Zu36Zuo44Gr6KWy44KP44KM44KL44Gu44Gv44Ki44Km44OI44OJ44Ki5aW944GN44GC44KL44GC44KL44Gg44CC44GX44GL44GX44CB5Ye644GX5oqc44GR44Gu6Zu36Zuo44Gr6KaL44GI4oCmIiwidGRfdXJsIjoiaHR0cHM6Ly9haG0xMXJ4dS5waWNzLyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xNDkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiYWhtMTFyeHUucGljcyIsInRkX3BhdGgiOiIvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24ifQ%3D%3D&callback=TreasureJSONPCallback0

Requested by

Host: cdn.kitchen.juicer.cc
URL: https://cdn.kitchen.juicer.cc/scripts/juicer-treasure/2.3.0/juicertreasure.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.52.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-52-233.compute-1.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Wed, 11 Oct 2023 14:39:04 GMT
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Content-Type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ Frame 766E 2 KB
639 B 83ms
81ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Oct 2023 14:39:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 13:49:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Oct 2023 14:39:04 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 766E 2 KB
892 B 67ms
66ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 13:35:52 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 766E 23 KB
9 KB 67ms
67ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 02:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:18:14 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 766E 3 KB
1 KB 69ms
65ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 06:31:44 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7B55 1 KB
643 B 72ms
69ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 29362
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 06:29:42 GMT
etag: 48472445140208031
expires: Thu, 12 Oct 2023 06:29:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 766E 20 KB
8 KB 69ms
68ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:29:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 06:29:41 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 766E 0
0 87ms
84ms Image
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOhwDZZV6jCCXrEYuoHH4g0lQMCBowhAOhvcyX4NX7meQMb0ml_ojKShu2POCziW3KGKMTs5uowVNyhw8XvIeal07KVA
Requested by: Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 766E 187 KB
59 KB 405ms
92ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 14:39:04 GMT

GET
H2 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame 766E 37 KB
15 KB 373ms
60ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 03:44:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 23:20:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 03:44:32 GMT

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 373ms
114ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/12162_bravo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-17893"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 12 Oct 2023 14:39:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0800 15 KB
16 KB 364ms
58ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ahm11rxu.pics
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 00:55:13 GMT
x-content-type-options: nosniff
age: 49431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Oct 2024 00:55:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0800 15 KB
15 KB 432ms
130ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ahm11rxu.pics
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 04:26:30 GMT
x-content-type-options: nosniff
age: 382354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 04:26:30 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 766E 14 KB
14 KB 361ms
62ms Image
image/jpeg 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSqGphJkYMy2dbPX3M_u8HB0Qg9TQzQPdP0lQn6-PqMRMsfpQTCUMQmEDDKhQ&usqp=CAI

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bf5d627ac3c0d574c9015cfb7fe8ec408948f2de29405dc76bd495209611e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 00:01:38 GMT
x-content-type-options: nosniff
age: 398246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13892
x-xss-protection: 0
last-modified: Sat, 18 May 2024 13:42:33 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 06 Oct 2024 00:01:38 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 766E 23 KB
23 KB 435ms
136ms Image
image/jpeg 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT2Mbu2l0HlcK0tgGCJ5GRA7UZX-FYlWCYCVxcFg8MEl4M1XF0CcNDsGNwl7jA&usqp=CAI

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28392238b1eda8dc9e36c05b64e43c49ece7503b90dcc5e3706a4e5b650fe1d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:39:10 GMT
x-content-type-options: nosniff
age: 125994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23855
x-xss-protection: 0
last-modified: Tue, 12 Mar 2024 15:02:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 09 Oct 2024 03:39:10 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 766E 21 KB
21 KB 355ms
57ms Image
image/jpeg 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSxkrdt0WyvWhkO-6o5AaRQR_qnKbrelA2btXQei5GLkYgd0BJSbf4hB4a0zK0&usqp=CAI

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ea1618bc38fa25a6baeb5b17ecd61759add85708a6a43950919f4df34250e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:32:20 GMT
x-content-type-options: nosniff
age: 126404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21089
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 02:48:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 09 Oct 2024 03:32:20 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 766E 18 KB
18 KB 371ms
72ms Image
image/jpeg 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTMeibz7czBME8vPVwSH5jPSreUenNY0lfzcqdkwD6IlehGah9KyYmOlq9K6w&usqp=CAI

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036793d3b8b0e882629495dec0212a0efc96695e55ecd5578a7230f6b35acd9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 01:52:39 GMT
x-content-type-options: nosniff
age: 45985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18069
x-xss-protection: 0
last-modified: Sat, 03 Dec 2022 19:47:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 10 Oct 2024 01:52:39 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 766E 21 KB
21 KB 383ms
85ms Image
image/jpeg 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSf4fFwHXkPnsPRfkUD1la_IyyUYRSVH9Pi55kXGXsdZBsbc9ynn2UeLN_RHDI&usqp=CAI

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6fab6bc0dcefd89a4ef44e312a12a422022c6795c49ead9eff48284a3c84240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 10:02:09 GMT
x-content-type-options: nosniff
age: 189415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21207
x-xss-protection: 0
last-modified: Thu, 18 Apr 2024 13:24:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 08 Oct 2024 10:02:09 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 766E 20 KB
21 KB 359ms
61ms Image
image/jpeg 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTLtFCeiMA6ZUv6sEa8fWmA7KGLcV23UEcswyeMqQO35j_mnfC8qIVkybvuGOc&usqp=CAI

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18916317ceac9ec52a0dc2146a156a6ce62b619b0bc441c223248c705b4dfea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:50:45 GMT
x-content-type-options: nosniff
age: 524899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20823
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 18:36:43 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 04 Oct 2024 12:50:45 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 766E 49 KB
49 KB 382ms
84ms Image
image/jpeg 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcS2Fi5eLzYjNhX9pSdDMumJWAkwRuLMBi87zb4jttKKNs7l3fjkX-0ZhDe3Bg&usqp=CAI

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68a7333fcd1059c6510fd2b11b03e772ac9343b5bece1ad4371cb5b57804a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:43:13 GMT
x-content-type-options: nosniff
age: 532551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49798
x-xss-protection: 0
last-modified: Sat, 16 Mar 2024 18:02:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 04 Oct 2024 10:43:13 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 766E 24 KB
24 KB 311ms
51ms Image
image/jpeg 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRE0KC2x_-JDtRie7CPD6osokjjR7PMNb53y72bY5Pwts3MlNpgMMbo8alMbQ&usqp=CAI

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1bc4b5f08aa0b87aa9a2ab19eacb03441dc4978e78d095f5b1663ee0d3c67bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 11:50:56 GMT
x-content-type-options: nosniff
age: 96488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24235
x-xss-protection: 0
last-modified: Sat, 25 Nov 2023 06:36:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 09 Oct 2024 11:50:56 GMT

GET
H3

200

7775594092382834397
tpc.googlesyndication.com/simgad/ Frame 766E
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOC6o_afKhCwCRiwCTIIyPC0mtCeWjM
https://tpc.googlesyndication.com/simgad/7775594092382834397

77 KB
77 KB

66ms
65ms

Image
image/png

2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7775594092382834397

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 02:13:09 GMT
x-content-type-options: nosniff
age: 44755
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79088
x-xss-protection: 0
last-modified: Thu, 25 May 2023 12:39:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Oct 2024 02:13:09 GMT

Redirect headers

date: Tue, 10 Oct 2023 21:15:26 GMT
x-content-type-options: nosniff
server: cafe
age: 62618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/7775594092382834397
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Nov 2023 21:15:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D722 15 KB
16 KB 365ms
73ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ahm11rxu.pics
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 00:55:13 GMT
x-content-type-options: nosniff
age: 49431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Oct 2024 00:55:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D722 15 KB
15 KB 443ms
151ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ahm11rxu.pics
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 04:26:30 GMT
x-content-type-options: nosniff
age: 382354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 04:26:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E2DE 15 KB
16 KB 454ms
166ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ahm11rxu.pics
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 00:55:13 GMT
x-content-type-options: nosniff
age: 49431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Oct 2024 00:55:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E2DE 15 KB
15 KB 473ms
189ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ahm11rxu.pics
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 04:26:30 GMT
x-content-type-options: nosniff
age: 382354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 04:26:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1B38 15 KB
16 KB 487ms
204ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ahm11rxu.pics
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 00:55:13 GMT
x-content-type-options: nosniff
age: 49431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Oct 2024 00:55:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1B38 15 KB
15 KB 499ms
216ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ahm11rxu.pics
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 04:26:30 GMT
x-content-type-options: nosniff
age: 382354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 04:26:30 GMT

GET
H2 200 88cf7d8f92971695aa333eeba8ca195d.js Show response
www.gstatic.com/mysidia/ Frame B292 9 KB
4 KB 330ms
58ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:58:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3923
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 18:38:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 14:58:11 GMT

GET
H2 200 0277aed6376f32fca04fcf4b137a8261.js Show response
www.gstatic.com/mysidia/ Frame B292 144 KB
53 KB 392ms
121ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0277aed6376f32fca04fcf4b137a8261.js?tag=video_mra/web_raspberry_ms_cta_adjustment

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

183887016b752962f110258ead522c5363f6243c4defe1ea93c3245f70b9dfc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 15:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54025
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 18:49:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 15:00:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B292 14 KB
1 KB 82ms
81ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Oct 2023 14:39:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 14:34:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Oct 2023 14:39:04 GMT

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ Frame B292 110 KB
31 KB 91ms
90ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c415ed5efa93c4e3793a7a109f83238beb3f774463e953e9d2556fd246ca782

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 11 Oct 2023 14:39:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32165
x-xss-protection: 0
server: sffe
etag: "02ef092be88d0550"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Oct 2023 14:39:04 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B292 2 KB
892 B 68ms
67ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 13:35:52 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame B292 23 KB
9 KB 69ms
67ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 02:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:18:14 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B292 3 KB
1 KB 70ms
68ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 06:31:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B292 20 KB
8 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:29:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 06:29:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B292 0
0 86ms
84ms Image
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaReM_RMGb6338n8jaeDqen5bOgoEpdIcKlJCuRBMHGiK5TSMuk5IcvWkI-BAOhPQYguD1QyqTuCuCVAI4DzPNjAgCVYKA
Requested by: Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame B292 37 KB
15 KB 67ms
65ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 03:44:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 23:20:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 03:44:32 GMT

GET
H/1.1 200
OK global_id Show response
in.treasuredata.com/js/v3/ 125 B
376 B 63ms
63ms Script
application/javascript 44.216.52.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/global_id?callback=TreasureJSONPCallback1

Requested by

Host: cdn.kitchen.juicer.cc
URL: https://cdn.kitchen.juicer.cc/scripts/juicer-treasure/2.3.0/juicertreasure.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.52.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-52-233.compute-1.amazonaws.com

Software

Resource Hash

499a51f7a8056c1021b5adb4b3cb3639636728427a44a3de87d4456a2c13cb41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 14:39:04 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 124
Content-Type: application/javascript

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0C67
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

90ms
89ms

Image
text/html

2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H3
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Redirect headers

date: Wed, 11 Oct 2023 14:39:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4383704927997390662
tpc.googlesyndication.com/simgad/ Frame 0C67 29 KB
29 KB 129ms
122ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4383704927997390662?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm516FrCsugrj0hYILmRwjAX15MeQ

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf6e2dfcd7a0bfc92547cf972c024659ccea7696fb80a660ffbef32fbabd3f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:02:04 GMT
x-content-type-options: nosniff
age: 5820
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29461
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 13:41:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Oct 2024 13:02:04 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C67 2 KB
2 KB 181ms
174ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:22:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29808
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 12 Oct 2023 06:22:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C67 295 B
319 B 127ms
120ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:14:29 GMT
x-content-type-options: nosniff
server: cafe
age: 59075
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 11 Oct 2023 22:14:29 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 891C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

96ms
95ms

Image
text/html

2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H3
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Redirect headers

date: Wed, 11 Oct 2023 14:39:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 891C 2 KB
2 KB 141ms
140ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:22:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29808
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 12 Oct 2023 06:22:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 891C 295 B
319 B 142ms
140ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:14:29 GMT
x-content-type-options: nosniff
server: cafe
age: 59075
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 11 Oct 2023 22:14:29 GMT

GET
H3 200 8536866044462134995
tpc.googlesyndication.com/simgad/ Frame 891C 51 KB
51 KB 142ms
141ms Image
image/jpeg 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8536866044462134995?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnJxuKEtdiTVeCvbpuqPRwoONuOsg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92f87952c50630d9c151966d4a60821fbf1ae2d54521086ab7f66fe7a0a95ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 11:35:25 GMT
x-content-type-options: nosniff
age: 183819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52235
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 04:18:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Oct 2024 11:35:25 GMT

GET
DATA 200
OK truncated
/ Frame 766E 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e62dfac84d8232899682bc860b884754236024dd280dae51906a7185b575c622

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 114ms
113ms Fetch 3.219.155.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/12162_bravo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.155.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-155-81.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ahm11rxu.pics/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 11 Oct 2023 14:39:04 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0800 2 KB
2 KB 94ms
93ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:22:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29808
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 12 Oct 2023 06:22:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0800 295 B
319 B 99ms
98ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:14:29 GMT
x-content-type-options: nosniff
server: cafe
age: 59075
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 11 Oct 2023 22:14:29 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D722 2 KB
2 KB 79ms
78ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:22:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29808
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 12 Oct 2023 06:22:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D722 295 B
319 B 79ms
78ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:14:29 GMT
x-content-type-options: nosniff
server: cafe
age: 59075
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 11 Oct 2023 22:14:29 GMT

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 478ms
58ms Preflight 3.219.155.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.155.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-155-81.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ahm11rxu.pics
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 11 Oct 2023 14:39:04 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8FEA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

119ms
109ms

Image
text/html

2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H3
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Redirect headers

date: Wed, 11 Oct 2023 14:39:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8FEA 2 KB
2 KB 82ms
67ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:22:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29808
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 12 Oct 2023 06:22:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8FEA 295 B
319 B 84ms
68ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:14:29 GMT
x-content-type-options: nosniff
server: cafe
age: 59075
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 11 Oct 2023 22:14:29 GMT

GET
H3 200 2313146296523056114
tpc.googlesyndication.com/simgad/ Frame 8FEA 7 KB
7 KB 87ms
71ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2313146296523056114?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlDe_MjbCVq2wPMyN6eIWucKjcuLg

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

007bc38a0ca9e23f5e83b94e667115d0edb030bba227cd530f63e213497cc5a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 00:50:18 GMT
x-content-type-options: nosniff
age: 481726
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6691
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 00:45:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Oct 2024 00:50:18 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E2DE 2 KB
2 KB 84ms
69ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:22:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29808
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 12 Oct 2023 06:22:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E2DE 295 B
319 B 84ms
69ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:14:29 GMT
x-content-type-options: nosniff
server: cafe
age: 59075
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 11 Oct 2023 22:14:29 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 7B55
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEItNvdzizFedXa6tSpyPniA&google_cver=1&google_push=AXcoOmRSpzkod4YrwwJ-npj9xJW0xQYu3Z6QMhhp9kKCBlAdr7izVbxlPLVHLEF9ilyJ5pgO3avOvMjGrKGzUhYfVt6FEnL5REk
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY3NjE0MjM0MTg3NjAwMDg1OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEItNvdzizFedXa6tSpyPniA&google_cver=1

43 B
407 B

82ms
46ms

Image
image/gif

2620:112:f002:bbbb::21
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEItNvdzizFedXa6tSpyPniA&google_cver=1
Requested by: Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 11 Oct 2023 14:39:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEItNvdzizFedXa6tSpyPniA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7B55
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEKsQnJPTpFvWjJ-FuBkCNtE&google_cver=1&google_push=AXcoOmRxxvVi7ag_UkcJeXViTeeIKenuSQCF6VKETkeB-Wthz94KMrBcbC7Vi7jLjNaYk4SdbVH0SFZXlSeqRR6mi53fs9rgPxw
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRxxvVi7ag_UkcJeXViTeeIKenuSQCF6VKETkeB-Wthz94KMrBcbC7Vi7jLjNaYk4SdbVH0SFZXlSeqRR6mi53fs9rgPxw&google_hm=M2VGd3hGRnV1d0ZreGwzW...

170 B
232 B

82ms
82ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRxxvVi7ag_UkcJeXViTeeIKenuSQCF6VKETkeB-Wthz94KMrBcbC7Vi7jLjNaYk4SdbVH0SFZXlSeqRR6mi53fs9rgPxw&google_hm=M2VGd3hGRnV1d0ZreGwzWTdacTI=

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:04 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRxxvVi7ag_UkcJeXViTeeIKenuSQCF6VKETkeB-Wthz94KMrBcbC7Vi7jLjNaYk4SdbVH0SFZXlSeqRR6mi53fs9rgPxw&google_hm=M2VGd3hGRnV1d0ZreGwzWTdacTI=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7B55
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEJnV7Jcn_QreDzmli8GfQ58&google_cver=1&google_push=AXcoOmSD5qYe8nwQB1CwVm6BN8gpmwBYOANheFluI3ujmAVBMF_N5FhuZ-RuckW9sZVdYtT-dvNi7NDtzDJr1MewYV86eU...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJnV7Jcn_QreDzmli8GfQ58&google_cver=1&google_push=AXcoOmSD5qYe8nwQB1CwVm6BN8gpmwBYOANheFluI3ujmAVBMF_N5FhuZ-RuckW9sZVdYtT-dvNi7NDtzDJr1Mew...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=v_FwkGcARX65-5_bfjtBow&google_push=AXcoOmSD5qYe8nwQB1CwVm6BN8gpmwBYOANheFluI3ujmAVBMF_N5FhuZ-RuckW9sZVdYtT-dvNi7NDtzDJr1Me...

170 B
188 B

88ms
88ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=v_FwkGcARX65-5_bfjtBow&google_push=AXcoOmSD5qYe8nwQB1CwVm6BN8gpmwBYOANheFluI3ujmAVBMF_N5FhuZ-RuckW9sZVdYtT-dvNi7NDtzDJr1MewYV86eUiqMA

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=v_FwkGcARX65-5_bfjtBow&google_push=AXcoOmSD5qYe8nwQB1CwVm6BN8gpmwBYOANheFluI3ujmAVBMF_N5FhuZ-RuckW9sZVdYtT-dvNi7NDtzDJr1MewYV86eUiqMA
access-control-allow-origin: *
date: Wed, 11 Oct 2023 14:39:05 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7B55
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEGdVHitPLWdXxOvRj7idNSs&google_cver=1&google_push=AXcoOmQJVvSZeVvVdyqghJsTg15theJ-9uO3TFiESNHa4r7k1Oh3fUV9mw64OUjGSWkBU7Y6aC5izHqNmJw8OgiFQg60tUd-vw
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQwMDM2NzQ0MTUyNDMzODAwMFYxMA%3d%3d&mn_hm=MzQwMDM2NzQ0MTUyNDMzODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQJVvSZeVvVdyqghJsTg15theJ...

170 B
232 B

84ms
84ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQwMDM2NzQ0MTUyNDMzODAwMFYxMA%3d%3d&mn_hm=MzQwMDM2NzQ0MTUyNDMzODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQJVvSZeVvVdyqghJsTg15theJ-9uO3TFiESNHa4r7k1Oh3fUV9mw64OUjGSWkBU7Y6aC5izHqNmJw8OgiFQg60tUd-vw&gdpr=&gdpr_consent=

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 11 Oct 2023 14:39:04 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQwMDM2NzQ0MTUyNDMzODAwMFYxMA%3d%3d&mn_hm=MzQwMDM2NzQ0MTUyNDMzODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQJVvSZeVvVdyqghJsTg15theJ-9uO3TFiESNHa4r7k1Oh3fUV9mw64OUjGSWkBU7Y6aC5izHqNmJw8OgiFQg60tUd-vw&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Wed, 11 Oct 2023 14:39:04 GMT

GET

gobRedirectFromId5
sync.inmobi.com/ Frame 7B55
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEEXceK_13JXb0cHDZD5RWoU&google_cver=1&google_push=AXcoOmTA7Hn_IBvyJz2BPwINhdiAzcJkAr0DPHuEKc5lfgl-yAobX6ec3CXViDjuT4wPuTP7WE6ZHAcjmF-jEZzoG6oOmUp1zjT8
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTA7Hn_IBvyJz2BPwINhdiAzcJkAr0DPHuEKc5lfgl-...
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-5725ZfLwCcdhusBydMl6rp4pN7YlCACNJhTDMvvWIw&google_push=AXcoOmTA7Hn_IBvyJz2BPwINhdiAzcJkAr0DPHuEKc5lfgl-yAobX6ec3CXViDjuT4wPuTP7WE6ZHAcjmF-jEZzoG6oO...

0
0

GET
H2

200

report
sync.teads.tv/um/ Frame 7B55
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDG2Fgfn6D_W...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YTRlYTJmODItZTU5NS00MDdhLWI0ZmUtNjY3MWNiMDdlZmNm&google_push=AXcoOmTl1teqiDsBsm-cN5uEvZ7L7rIDyZqr-7l8KRSakVqcD6O-wLU2-zekINVWkB51F...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

76ms
76ms

Image
image/gif

23.206.253.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.206.253.150 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-253-150.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Wed, 11 Oct 2023 14:39:05 GMT
pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7B55
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJP3yOZac8oL-vk_GN76AMM&google_cver=1&google_push=AXcoOmQJ0zdF0GPEm...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEJP3yOZac8oL-vk_GN76AMM%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTg5OTk5MDcxODEzODQyNjcz&google_gid=CAESEJP3yOZac8oL-vk_GN76AMM&google_cver=1&google_push=AXcoOmQJ0zdF0GPEmpdH07ETPL0sFUUGoRJrZZYh8W...

170 B
329 B

82ms
81ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTg5OTk5MDcxODEzODQyNjcz&google_gid=CAESEJP3yOZac8oL-vk_GN76AMM&google_cver=1&google_push=AXcoOmQJ0zdF0GPEmpdH07ETPL0sFUUGoRJrZZYh8Wl_Bf9q3apymHjGbzP-kgl72A8QE3ci9dLjDg72eL1CIdJZ4uypavXUuQA

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:04 GMT
an-x-request-uuid: c3c5a964-6c04-4e6e-8194-ce9b67a90011
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTg5OTk5MDcxODEzODQyNjcz&google_gid=CAESEJP3yOZac8oL-vk_GN76AMM&google_cver=1&google_push=AXcoOmQJ0zdF0GPEmpdH07ETPL0sFUUGoRJrZZYh8Wl_Bf9q3apymHjGbzP-kgl72A8QE3ci9dLjDg72eL1CIdJZ4uypavXUuQA
x-proxy-origin: 38.132.118.75; 38.132.118.75; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7B55 0
130 B 323ms
79ms Image
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LcnVr3_c58nWyTOgQOzJavno7HXluukROY07f6VqkPFDvaRo2qju-yuwi35mPA454hjRmFpJBY

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 / Show response
kitchen.juicer.cc/activity/ 2 KB
2 KB 242ms
241ms XHR
application/json 54.92.125.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kitchen.juicer.cc/activity/?color=DfUBG/9gaEA=&jid=&uid=&sesid=&tdGlobalId=80d7daf8-f711-47a0-9552-41320f385318&tdClientId=8735965e-bc67-414b-ae97-412d810693e0&peachId=&siteId=243128&title=(3%E3%83%9A%E3%83%BC%E3%82%B8%E7%9B%AE)%20%E3%82%A2%E3%82%A6%E3%83%88%E3%83%89%E3%82%A2%E3%80%8C%E6%84%8F%E5%91%B3%E3%81%8C%E5%88%86%E3%81%8B%E3%82%8B%E3%81%A8%E6%80%96%E3%81%84%E3%80%8D%E7%A9%BA%E3%81%AE%E5%86%99%E7%9C%9F%E3%80%8C%E7%99%BB%E5%B1%B1%E3%83%BB%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%97%E3%83%BB%E9%87%A3%E3%82%8A%E3%80%8D%E4%B8%80%E8%A6%8B%E3%81%99%E3%82%8B%E3%81%A8%E6%99%AE%E9%80%9A%E3%81%A7%E3%82%82%E2%80%A6%E2%80%A6%E3%80%8C%E6%9C%AC%E5%BD%93%E3%81%AB%E5%8D%B1%E3%81%AA%E3%81%84%E5%85%86%E5%80%99%E3%80%8D%EF%BD%9C%E7%99%BB%E5%B1%B1%EF%BD%9C%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%EF%BD%9CBRAVO%20MOUNTAIN&url=https%3A%2F%2Fahm11rxu.pics%2F&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.149%20Safari%2F537.36&accessSource=&imUid=

Requested by

Host: kitchen.juicer.cc
URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.125.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-92-125-230.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.57 () OpenSSL/1.0.2k-fips /

Resource Hash

bb7c4e0cf1897be27fae302901cf1337945d8249bff863152759ca471808ec5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Apache/2.4.57 () OpenSSL/1.0.2k-fips
vary: accept-encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
x-robots-tag: noindex, nofollow
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1B38 2 KB
2 KB 67ms
66ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:22:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29808
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 12 Oct 2023 06:22:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1B38 295 B
319 B 67ms
66ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:14:29 GMT
x-content-type-options: nosniff
server: cafe
age: 59075
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 11 Oct 2023 22:14:29 GMT

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 231ms
115ms XHR
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-17893"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 12 Oct 2023 14:39:04 GMT

GET
H3 200 rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame B292 2 KB
2 KB 67ms
65ms Image
image/png 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 08:22:35 GMT
x-content-type-options: nosniff
server: cafe
age: 22589
etag: 9923804599063086578
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2033
x-xss-protection: 0
expires: Thu, 12 Oct 2023 08:22:35 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1855173595095424732/ Frame B292 2 KB
2 KB 68ms
66ms Image
image/jpeg 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1855173595095424732/14763004658117789537?w=100&h=100

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a478900b93b6d8bcfb41d17acfbc034c885d685f7c4e9f59106e22faffe2b8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:00:54 GMT
x-content-type-options: nosniff
age: 178690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1730
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 18:42:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Oct 2024 13:00:54 GMT

GET
DATA 200
OK truncated
/ Frame B292 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame B292 0
234 B 285ms
71ms Ping
image/gif 2607:f8b0:4004:c08::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lnluwq8s&c=938218641676&slotId=469109320838&qqid=CLCQ5Mac7oEDFVGtnwodjysOxQ&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318475489%2C318491509%2C447279544&bi=rda&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/0277aed6376f32fca04fcf4b137a8261.js?tag=video_mra/web_raspberry_ms_cta_adjustment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::78 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5526539333289803927/ Frame B292 75 KB
75 KB 69ms
67ms Image
image/jpeg 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5526539333289803927/14763004658117789537

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6bc05a4e74e6c87cebf9a485054f4f28c32eb4dc57100ea3aa3f382e25abc66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:20:06 GMT
x-content-type-options: nosniff
age: 1139
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76663
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 19:26:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Oct 2024 14:20:06 GMT

GET
H2 200 / Show response
kitchen.juicer.cc/activity/set/ 2 B
381 B 196ms
196ms Script
application/json 54.92.125.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kitchen.juicer.cc/activity/set/?color=DfUBG/9gaEA=&peachId=5efc3508-c6c6-47ed-9745-bb5ed6a9dee0&version=2.2.9

Requested by

Host: kitchen.juicer.cc
URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.125.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-92-125-230.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.57 () OpenSSL/1.0.2k-fips /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:05 GMT
strict-transport-security: max-age=31536000
server: Apache/2.4.57 () OpenSSL/1.0.2k-fips
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
x-robots-tag: noindex, nofollow
content-length: 2
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK juicertag_first_logs Show response
in.treasuredata.com/js/v3/event/juicer/ 89 B
559 B 60ms
60ms Script
application/javascript 44.216.52.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/juicer/juicertag_first_logs?api_key=8318%2Fc581f430f34edc4f65d24732a5629e31f04d19e4&modified=1697035145076&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJhY2Nlc3Nfc291cmNlIjoiIiwiYWNpZCI6IiIsImFnZSI6MzcsImFyZWEiOiIiLCJjZWYiOjEsImNsaWVudF9zdGF0dXMiOiIiLCJldGFnIjoiIiwiaXBfYXBpX3R5cGUiOiIiLCJpcHVhX21peF9pZF9tZDUiOiIzMWU3ZGE5ZjNmMDk5ZTgwMTMxNDgwYWU5ZjQ1MTZlOCIsImlwdWFfbWl4X2lkX3NoYTI1NiI6ImNlMDc2OGUzYzAzNDE5OTdmYjQzMGY5NzBjMWU2NTQ0OWI2YzlhNjMyZGE2YTcxMmNkNTExYTA1MGY5Nzk2YmIiLCJqZHVmIjoiIiwiamlkIjoic3JuOnNtb29vdGhpZWFwaTp1c2VyY2FyZDpqdWljZXI6ZDA4YzRkYTktZjQwYi00NzU3LWE1Y2MtNDAyN2MyNzM5ZDg1IiwibGluayI6IiIsIm1sX3R5cGUiOjEsImxiY19pcCI6IiIsIm9yZ19uYW1lIjoiIiwib3JnX25hbWVfb3JpZ2luYWwiOiIiLCJwZWFjaF9pZCI6IjVlZmMzNTA4LWM2YzYtNDdlZC05NzQ1LWJiNWVkNmE5ZGVlMCIsInBsYWNlX2NpdHkiOiIiLCJwbGFjZV9jaXR5X2lkIjoiIiwicGxhY2VfcHJlZiI6IiIsInBsYWNlX3ByZWZfaWQiOiIiLCJwaWFpZCI6ImZmZTBlMzRkLTY2MDYtNGMyNC1iODE4LTdhMGY1NjE0ZDhiMl8yOWI4NDgzOC01ODNkLTQ1NzgtOTNjOC1mY2QzNTdhMTY5ZWIiLCJwaWQiOiIiLCJzY2lkIjoiIiwic2VzaWQiOiJmZmUwZTM0ZC02NjA2LTRjMjQtYjgxOC03YTBmNTYxNGQ4YjIiLCJzZXgiOjIsInNpZCI6MjQzMTI4LCJzdG9yYWdlX3R5cGUiOjIsInRlbXBlcmF0dXJlIjoiIiwidGVzdGlkIjoiIiwidWlkIjoiNzMxM2MyOWItODI4Ni00MWMzLWJkM2MtMDViODBlZjU4NDI2IiwidXJsIjoiaHR0cHMlM0ElMkYlMkZhaG0xMXJ4dS5waWNzJTJGIiwidnRzIjoiIiwid2VhdGhlciI6IiIsImltX3VpZCI6IiIsImNhcnJvdF9pZCI6IiIsImxvZ190eXBlIjoidHJhbiIsImFjdGlvbl90eXBlIjoidmlldyIsInRkX3ZlcnNpb24iOiIyLjMuMCIsInRkX2NsaWVudF9pZCI6Ijg3MzU5NjVlLWJjNjctNDE0Yi1hZTk3LTQxMmQ4MTA2OTNlMCIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIoM%2BODmuODvOOCuOebrikg44Ki44Km44OI44OJ44Ki44CM5oSP5ZGz44GM5YiG44GL44KL44Go5oCW44GE44CN56m644Gu5YaZ55yf44CM55m75bGx44O744Kt44Oj44Oz44OX44O76Yej44KK44CN5LiA6KaL44GZ44KL44Go5pmu6YCa44Gn44KC4oCm4oCm44CM5pys5b2T44Gr5Y2x44Gq44GE5YWG5YCZ44CN772c55m75bGx772c44OL44Ol44O844K5772cQlJBVk8gTU9VTlRBSU4iLCJ0ZF9kZXNjcmlwdGlvbiI6Iigz44Oa44O844K455uuKSDnmbvlsbHjgoTjgq3jg6Pjg7Pjg5fjgarjganjgIHjgqLjgqbjg4jjg4njgqLjgpLml6XpoIPjgYvjgonmpb3jgZfjgpPjgafjgYTjgovjgajjgIHnqoHnhLbjga7osarpm6jjgavopbLjgo%2FjgozjgZ%2FntYzpqJPjgYzjgYLjgovjga7jgafjga%2FjgarjgYTjgaDjgo3jgYbjgYvjgILjgIDlpKnmsJfjga7opovmpbXjgoHjga%2Fpm6PjgZfjgY%2FjgIHntbblpb3jga7jgYrlh7rjgYvjgZHml6XlkozjgavopovjgYjjgabjgoLjgIHnqoHnhLbjga7pm7fpm6jjgavopbLjgo%2Fjgozjgovjga7jga%2FjgqLjgqbjg4jjg4njgqLlpb3jgY3jgYLjgovjgYLjgovjgaDjgILjgZfjgYvjgZfjgIHlh7rjgZfmipzjgZHjga7pm7fpm6jjgavopovjgYjigKYiLCJ0ZF91cmwiOiJodHRwczovL2FobTExcnh1LnBpY3MvIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTcuMC41OTM4LjE0OSBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJhaG0xMXJ4dS5waWNzIiwidGRfcGF0aCI6Ii8iLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiJ9&callback=TreasureJSONPCallback2

Requested by

Host: cdn.kitchen.juicer.cc
URL: https://cdn.kitchen.juicer.cc/scripts/juicer-treasure/2.3.0/juicertreasure.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.52.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-52-233.compute-1.amazonaws.com

Software

Resource Hash

84e80159fc0f0e914229e9916e1c85cb59b2a6af77d53d6b528bf464ef9aeb3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Wed, 11 Oct 2023 14:39:05 GMT
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Content-Type: application/javascript

GET
H3

206

videoplayback
r3---sn-q4flrnek.gvt1.com/ Frame B292
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=92b4b6b2fd2c08ad&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1697042343&sparams=ip,ipbits,expire,id,...
https://r3---sn-q4flrnek.gvt1.com/videoplayback?id=92b4b6b2fd2c08ad&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1697042343&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

972 KB
972 KB

272ms
168ms

Media
video/mp4

2607:f8b0:4000:47::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-q4flrnek.gvt1.com/videoplayback?id=92b4b6b2fd2c08ad&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1697042343&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=537AD2167CEAF88B8BDDF35809C4D1283A2FE212.5C8A22F52D42260932495692373FAE31BDA3520A&key=cms1&cms_redirect=yes&mh=gG&mip=2001:550:1d05:1::13&mm=28&mn=sn-q4flrnek&ms=nvh&mt=1697033793&mv=u&mvi=3&pl=48

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2607:f8b0:4000:47::8 San Antonio, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6ce109030f98aa8f736561d4f03aa73896362e2cc6458feb32d8f5cb912db351

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 11 Oct 2023 14:39:05 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Jul 2023 23:47:23 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-995641/995642
cache-control: private, max-age=6898
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 995642
expires: Wed, 11 Oct 2023 14:39:05 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-q4flrnek.gvt1.com/videoplayback?id=92b4b6b2fd2c08ad&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1697042343&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=537AD2167CEAF88B8BDDF35809C4D1283A2FE212.5C8A22F52D42260932495692373FAE31BDA3520A&key=cms1&cms_redirect=yes&mh=gG&mip=2001:550:1d05:1::13&mm=28&mn=sn-q4flrnek&ms=nvh&mt=1697033793&mv=u&mvi=3&pl=48
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 706
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B10D 1 KB
643 B 66ms
65ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 29363
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 06:29:42 GMT
etag: 48472445140208031
expires: Thu, 12 Oct 2023 06:29:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0C67 0
0 140ms
140ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsEJZhrMmZa21JtHa_gSP17ioDLzP8q5z25b75PwR1p2WhowOEAEg_IGYkgFgyYaAgNyjxBCgAYa5paEqyAEC4AIAqAMByAMIqgSfAk_QTEXWmer0eVrkDphEKJI2Ni5mCeiQfMDta3JODiYU5M-2rPhcbe3q6CuSKX4KW1i_UfAVcxQKxWnqLOu75IOSmtEUsQ3UygyIjYLjZsTjxU6sS0nyIQIIGcZCBRg4a7dLYhmcV-_cXNbb9ZZulTK_2m6wIv_gSr85ojm7D-5MVod6CoIjvQXoV1Ji4mz4q3V9cpa_aCGrJcnl3dTmeSkOPqkL9OH2HkYYCdSmI-4MWXYXiyT4v43CrcN3wvwZFSbCzYMr6PbqslZHrn5yuBNnzqZ1n486dL3gF9rnvRSmWo3XvcVVGfcFJepphjiIodM4Q-VaVypzvdfc6W3zvEy1tNghEPDKiJ4pUOVpHAJLWTXFKvVLx5746sQEpyOAwASL3fXlvgTgBAGIBbqMlN9MkgUECAQYAZIFBAgFGASgBgKAB4bx9YAFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQgeQ-0ggUCIBhEAEYHTICigI6AoBASL39wTqaCSRodHRwczovL2J1ZGdldGljLm9yZy9keS1mbHgtNjQ4MC5waHCACgPICwHaDBAKChCw677Pi47Ypw0SAgED4g0TCPnx4cac7oEDFVGtnwodjysOxdgTDdAVAYAXAbIXHgocCAASFHB1Yi0zNjIyMTkzMjkzNTI1NDY2GMCFbA&sigh=l4xlh1k13YE&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaN8WPEiJhat3SEDmzbGZtlyjvTcWa3aRKP3em5JqTedctg5nGwDSsJwq-hRXvdSElyTyVQ461pGAE&cbvp=2
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0800 0
0 140ms
140ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cr8iUhrMmZa61JtHa_gSP17ioDI2Uva9zkbyWnYMSZBABIPyBmJIBYMmGgIDco8QQoAHmoPjQAsgBCeACAKgDAcgDCqoEqAJP0PVFYBI1j0r0eNWbvmKBuULwUyNQgS0cWmxuC1oLa6SNDuzz00ThMrwUIXKqAjglRx5aqfYXdUvmijaKY4wWBRg1UiUu3cLdfS1c_9ypWMMtjQNT4T_HP2qP2eWoMN5WAH9edHVELhQN748_vFnzEiiLucptJxkda7UhLUhLkuxMfcnmVKglNT40Hwl3d-QnzkYu_isWlICYPDjjdvqZyQB7Phl7k35EQbRejqDNbepw6cMy7qZqoghgqqW6k3XWp50WkqGk6nJgXYPfX71eENy4-topqGmX3b3gKhmG0sxxS5BVeaPQpkXUJ-tWiJDvs9q-0gKO1_OCQepJrR1bIJdE3dRWoiZKbrBVSLxMT-hQsUtq341LZSwoOvxsGdCEdgNJ-1eFVMAEis7dysIE4AQBiAXiitzGTJIFBAgEGAGSBQQIBRgEoAYugAeC34evAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJiaE9IIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkbaHR0cHM6Ly9wcmludG5vd2FwcC5jb20vbHAygAoDyAsB2gwQCgoQ4MGf0-qP-OY0EgIBA-INEwj68eHGnO6BAxVRrZ8KHY8rDsW4E-QD2BMM0BUBgBcBshceChwIABIUcHViLTM2MjIxOTMyOTM1MjU0NjYYwIVs&sigh=t_DyVKpGKFQ&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaN8WPEiJhat3SEDmzbGZtlyjvTcWa3aRKP3em5JqTedctg5nGwDSsJwq-hRXvdSElyTyVQ461pGAE&template_id=484&cbvp=2
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 891C 0
0 140ms
139ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cabq3hrMmZbG1JtHa_gSP17ioDOKg3bxzoc_Sp4oS29keEAEg_IGYkgFgyYaAgNyjxBCgAZPdyKACyAEC4AIAqAMByAMIqgSjAk_Q5gjY1jD_3Cdt5GnwmhgWQXabKovCEquOFr173Pzbjr2S1PkEYzdAvGEzWEh6sbT5JzxI7YuQI6h0eGhM0EttDu-KO5oZMzL6qPxMiM1WOMny6LUWVUE2nfIyrEAcUfNAbWaeoyOz1V_eiZOx1N657ncn_8hBDd2vIwunJw1Jx8XHd1Nd52gPvtBrkfx-Zj4fSgOt72brrt6MxvwyRSrZc8EqEPQf0NX7xAfuV3fzD2KJh8I7ShOCgWSlMHg_0yv02xNlD37YZdVjl8AzQnk_qaAjS5nItHCDxw1R3tpjGlhV1okCbpuU9dWAB2D3kmgwwe-auf1ZAkKediM5hmGank65UFK8FhQq-O7KF5HexijnN3V9gdm7eMd_CY9_5fH7Y8AEorqP3KIE4AQBiAX9gJSQSZIFBAgEGAGSBQQIBRgEoAYCgAfupePbAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEO2cBtIIFAiAYRABGB0yAooCOgKAQEi9_cE6mglNaHR0cHM6Ly93d3cudml2YWlhLmNvbS9wcm9tb3Rpb24vQXJpYS1iZXN0LXNob2VzLWZvci13aWRlLWZlZXQtYnVuaW9ucy0xLmh0bWyACgPICwHaDBAKChDQrI3PmJaVmwwSAgED4g0TCP3x4cac7oEDFVGtnwodjysOxdgTDdAVAYAXAbIXHgocCAASFHB1Yi0zNjIyMTkzMjkzNTI1NDY2GMCFbA&sigh=6Ff_ruwJYcE&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaN8WPEiJhat3SEDmzbGZtlyjvTcWa3aRKP3em5JqTedctg5nGwDSsJwq-hRXvdSElyTyVQ461pGAE&cbvp=2
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 766E 20 KB
20 KB 67ms
66ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:30:16 GMT
x-content-type-options: nosniff
age: 497329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 20:30:16 GMT

GET
DATA 200
OK truncated
/ Frame B292 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45acaeb64a318b777b7ebc54d109c9f5e48e7d01c33ad4d2c3514292d884f977

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B292
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CVUbBhrMmZbC1JtHa_gSP17ioDOeH9OhyseDJhrARZBABIPyBmJIBYMmGgIDco8QQoAGbl6v9AsgBCeACAKgDAcgDCqoEowJP0GO2HeOHvSjNd342bQ58bbMlOolCWh_PRiBD1Xqxfras...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6b9ee458c821b9b50000000000000000%22,%222%22:%220x4af6a8e48e26a8300000000000000000%22,%223%22:%220x6e8805...

0
0

234ms
93ms

Fetch
text/css

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6b9ee458c821b9b50000000000000000%22,%222%22:%220x4af6a8e48e26a8300000000000000000%22,%223%22:%220x6e8805efec5847820000000000000000%22,%224%22:%220x5baa13168e6ecfd00000000000000000%22,%225%22:%220x51fe12b0a6d8100e0000000000000000%22},%22debug_key%22:%229920919934592253344%22,%22debug_reporting%22:true,%22destination%22:%22https://bitlyft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22799722395%22],%224%22:[%2210-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22395686484666862769%22}&andc=true

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.80.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:05 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x6b9ee458c821b9b50000000000000000","2":"0x4af6a8e48e26a8300000000000000000","3":"0x6e8805efec5847820000000000000000","4":"0x5baa13168e6ecfd00000000000000000","5":"0x51fe12b0a6d8100e0000000000000000"},"debug_key":"9920919934592253344","debug_reporting":true,"destination":"https://bitlyft.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["799722395"],"4":["10-11"],"6":["true"]},"priority":"500","source_event_id":"395686484666862769"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 11 Oct 2023 14:39:05 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 11 Oct 2023 14:39:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x6b9ee458c821b9b50000000000000000","2":"0x4af6a8e48e26a8300000000000000000","3":"0x6e8805efec5847820000000000000000","4":"0x5baa13168e6ecfd00000000000000000","5":"0x51fe12b0a6d8100e0000000000000000"},"debug_key":"9920919934592253344","debug_reporting":true,"destination":"https://bitlyft.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["799722395"],"4":["10-11"],"6":["true"]},"priority":"500","source_event_id":"395686484666862769"}&andc=true
access-control-allow-origin: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 127ms
127ms Preflight
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CVUbBhrMmZbC1JtHa_gSP17ioDOeH9OhyseDJhrARZBABIPyBmJIBYMmGgIDco8QQoAGbl6v9AsgBCeACAKgDAcgDCqoEowJP0GO2HeOHvSjNd342bQ58bbMlOolCWh_PRiBD1XqxfraspGvJ5sHhd87XvCTio9VNYRhLKRrnEBRx7_uLU_uFYEauMKCKSdVPD0jHjbBzyPPdcM-LiZ4J3PwW2FdHGcdhu_fpJ7xgbETMLaJsZ9Nh39QLRZ8u3quhKyXjFddtATJxavKEBNU4ZqHPbnzX0WeMGSvY3khFfkRbdpAWTVYVNriuIX5ZUa-QZ1aCltzfhyw7cKHElD7WJHAQNi3QJjsGLbWweSt141d5bx1Dr1FPHnB_wewLUWMZbh9MKyLn9q2VwbsUwD7s3wp1aSsmiTaQOUwphby62YLsDF4bcQCMvuMZTrhlWddzZp-oewFUgsNZVHbsRMz05Om20om0M_f8RuLABPjF_423BOAEAYgFjKWrzkmSBQQIBBgBkgUECAUYBKAGLoAHzejUggGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD64gbSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJJ2h0dHBzOi8vZ28uYml0bHlmdC5jb20vbWRyLWJ1eWVycy1ndWlkZYAKA8gLAdoMEAoKEICQq6nP1MDaEhICAQPiDRMI_PHhxpzugQMVUa2fCh2PKw7FuBOcG9gTDYgUAdAVAYAXAbIXHgocCAASFHB1Yi0zNjIyMTkzMjkzNTI1NDY2GMCFbA&sigh=t-A5vq3P9gc&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaN8WPEiJhat3SEDmzbGZtlyjvTcWa3aRKP3em5JqTedctg5nGwDSsJwq-hRXvdSElyTyVQ461pGAE&template_id=3484&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 11 Oct 2023 14:39:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D722 0
0 136ms
135ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJbgXhrMmZbK1JtHa_gSP17ioDI2Uva9zkbyWnYMSZBABIPyBmJIBYMmGgIDco8QQoAHmoPjQAsgBCeACAKgDAcgDCqoEqgJP0HKcbV8jmsLBq1yI_uLi5OaZpmhBTnrFH0hrrpp5BjIIPkYU_I5V4eqSsoqEgg3poZPnFPLo1IO234YLAQKgnOuNnfhtTiOMXLUbztBBLUHIFiNEdibo2f256f-eTLzznAbyZI_f8euNXZ89JwImeyRxfjkluSDixDupedxJB6LQKX-lsjz07JGj4w9gCyFhWCrE4o4wRT5-YKA6dwRWqa6onAv_DE4K5DQaXAWTAQF-v0vQAyKDKthPuREdTAaVGg4nOV8GrHmAQ4lMCJUB0LA-y5mN38k2infOmV_Xo0U4mqFRDFH09DT2J3ZOYp6cncoFTX1IJrHomufKFsRlKpoTFA-XNbDw79wO5dMXOjQkslhkF-DmgHuRftIAB9xoB6w3VGVV1SfpwASKzt3KwgTgBAGIBeKK3MZMkgUECAQYAZIFBAgFGASgBi6AB4Lfh68BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQsasB0ggUCIBhEAEYHTICigI6AoBASL39wTqaCRtodHRwczovL3ByaW50bm93YXBwLmNvbS9scDKACgPICwHaDBEKCxDA7rKiob_fu-EBEgIBA-INEwj-8eHGnO6BAxVRrZ8KHY8rDsW4E-QD2BMM0BUBgBcBshceChwIABIUcHViLTM2MjIxOTMyOTM1MjU0NjYYwIVs&sigh=iB8-FZ6P5Es&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaN8WPEiJhat3SEDmzbGZtlyjvTcWa3aRKP3em5JqTedctg5nGwDSsJwq-hRXvdSElyTyVQ461pGAE&template_id=484&cbvp=2
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8FEA 0
0 137ms
136ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Clje_hrMmZbO1JtHa_gSP17ioDI2Uva9zgbmWnYMSZBABIPyBmJIBYMmGgIDco8QQoAHmoPjQAsgBAuACAKgDAcgDCKoEqwJP0D_k2vPDDxngozt_-IbiqLKf8U4-dh3Hh3PHF8q9Uw_KPQTvDROtYtnWQgvCbkIYLqIw0lqjGAuQ-PS6irUYTUgfbt4HAUfQUGb6kCncjnVJdud9CF8nKE1dYlHJlfZyqwwpAel5xX_qM-5SZrJw2AvxsZcNdFD00ycLid3mk0OkR0BNlmD9_uab1ZOHKjeGfoXX3YCcSPbq8EYqnb6AQshi3xjoJ79OY5ELLZiipw9m6roqZ2p0Q_kQkfUBj3AbsOhVpHe49G0IOCCfJAIKBdpb3og3x6A1jJtIMYVJ7nTWbwxUeIe7_Gt848TgZ5Pwf-YIaYoWJQRK_2nVml9BL2wDE8bncf94AiiisvuRdEz1-Nmv-CuGET11qCdiPfThXAbKv643MaNYJMAEis7dysIE4AQBiAXiitzGTJIFBAgEGAGSBQQIBRgEoAYCgAeC34evAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJ2XENIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkbaHR0cHM6Ly9wcmludG5vd2FwcC5jb20vbHAygAoDyAsB2gwQCgoQwKnjqPD1uIJHEgIBA-INEwj_8eHGnO6BAxVRrZ8KHY8rDsXYEwzQFQGAFwGyFx4KHAgAEhRwdWItMzYyMjE5MzI5MzUyNTQ2NhjAhWw&sigh=AktavErjyu0&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaN8WPEiJhat3SEDmzbGZtlyjvTcWa3aRKP3em5JqTedctg5nGwDSsJwq-hRXvdSElyTyVQ461pGAE&cbvp=2
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E2DE 0
0 139ms
138ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CgH0thrMmZbS1JtHa_gSP17ioDKimk6Nz1vPf_b8RZBABIPyBmJIBYMmGgIDco8QQoAG6m9qLAsgBCeACAKgDAcgDCqoEpwJP0KVkzz4Yd-KRHLg0fY8-pgZNXGu9YQwPIr-yM6gIq381GfvTPaX6fFBjybJ-MlybDuz1wyrzrB7kFkdZ-hLCpwC10V48BRarCkhB6nTeYe4WsVSvTRa29TDGkjgVnFBIHJvLVuzs2SSOs0RSwbQYzVshPzcL7DBtr-8eXsUOSnzAWqpJyTvEHmczry6nqAqMD2QBR4-qZfAKITVaXLaNO_VSqUrFBkADu0Hv01AARrqOiOrxUawNNetin45WG25xZYuzUMX0zbeTWt1lXHRp3oIBGYoEZIRw9Xo-ycGgUr5ebhhgvqd0nRAl1AL9DK7PpV0SF3LqpjIHDQXcHXY3MauyK9DVto8Q4LQu2iqCDOkkSsB2jBpks_F9v9TXLM7KHU-jRDjMwASLvIailwTgBAGIBZ3HvMQ7kgUECAQYAZIFBAgFGASgBi6AB67kpfQBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQoMQN0ggUCIBhEAEYHTICigI6AoBASL39wTqaCU1odHRwczovL2dvLnBsYWNlci5haS93cC9leHBsb3JpbmctdGhlLW9uLXNpdGUtd29ya2ZvcmNlLWluLTUtbWFqb3ItdS1zLWNpdGllc4AKA8gLAdoMEQoLEICA0a-fjMbF5QESAgED4g0TCIDy4cac7oEDFVGtnwodjysOxbgT5APYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzYyMjE5MzI5MzUyNTQ2NhjAhWw&sigh=Gp9MOhlJfDM&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaN8WPEiJhat3SEDmzbGZtlyjvTcWa3aRKP3em5JqTedctg5nGwDSsJwq-hRXvdSElyTyVQ461pGAE&template_id=484&cbvp=2
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1B38 0
0 136ms
136ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTgzJhrMmZba1JtHa_gSP17ioDI2Uva9zkbyWnYMSZBABIPyBmJIBYMmGgIDco8QQoAHmoPjQAsgBCeACAKgDAcgDCqoEogJP0DK67ID6tpDpnUb3Nx3bCYoeJkogBauWgr9YTRDW9nzHQe1qX-mwTkyGtd56czzuAusT44edpb48RkAkE1_hUmNPuxHBcQTkcyCjK-U8K8k-hl0nH4t72njpAd4q-ZFL0Ps2fbfLPZv18GAjjDzjIU4az-uaiW72iQy__kU98wbsC4pJbheTRQiIqfWE4d4ZIn60EKbvGnZsPX0aG9qs7Tm3QjngtbOIP21Aq-FWFwJhOu9HCnmGpryE29zv_oBmzMOrehpljLKQeX6tcWc72apixHcU4NfBuaD4qZrH7O9z-hPV8tW2nSAcb028J-H9FA4g3VYqyfBc7Yymshfh82LzLHAlbzCpnCZpwNEoT-FFqVevkGo73T8u-UbWpVx1oMAEis7dysIE4AQBiAXiitzGTJIFBAgEGAGSBQQIBRgEoAYugAeC34evAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEP_SBdIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkbaHR0cHM6Ly9wcmludG5vd2FwcC5jb20vbHAygAoDyAsB2gwQCgoQgPOOj_qU_uRYEgIBA-INEwiC8uHGnO6BAxVRrZ8KHY8rDsW4E-QD2BMM0BUBgBcBshceChwIABIUcHViLTM2MjIxOTMyOTM1MjU0NjYYwIVs&sigh=RX4SPFHolEA&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaN8WPEiJhat3SEDmzbGZtlyjvTcWa3aRKP3em5JqTedctg5nGwDSsJwq-hRXvdSElyTyVQ461pGAE&template_id=484&cbvp=2
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B292 33 KB
33 KB 67ms
66ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 08:20:03 GMT
x-content-type-options: nosniff
age: 454742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 08:20:03 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B10D
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIRl1QNyfdc5ntOyKkPlmY0&google_cver=1&google_push=AXcoOmQKFhOZ9nIWTx_JyXHecLOb8CEzNvY9SH7SgtTSzqS7pTHqg8i...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=435b41e17ee305be&is_secure=true&networkId=14000&version=1&google_gid=CAESEIRl1QNyfdc5ntOyKkPlmY0&google_cver=1&google_push=AXcoOmQKFhOZ...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACB266VsVVDwNn2lFtAAAAAAA&expiration=1697121545&google_cver=1&is_secure=true&google_gid=CAESEIRl1QNyfdc5ntOyKkPlm...

170 B
188 B

83ms
82ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACB266VsVVDwNn2lFtAAAAAAA&expiration=1697121545&google_cver=1&is_secure=true&google_gid=CAESEIRl1QNyfdc5ntOyKkPlmY0&google_push=AXcoOmQKFhOZ9nIWTx_JyXHecLOb8CEzNvY9SH7SgtTSzqS7pTHqg8ieLPgElGnuBjdRgexOwSkQacMOvq6VpWFBB6M-3JxZ-60

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACB266VsVVDwNn2lFtAAAAAAA&expiration=1697121545&google_cver=1&is_secure=true&google_gid=CAESEIRl1QNyfdc5ntOyKkPlmY0&google_push=AXcoOmQKFhOZ9nIWTx_JyXHecLOb8CEzNvY9SH7SgtTSzqS7pTHqg8ieLPgElGnuBjdRgexOwSkQacMOvq6VpWFBB6M-3JxZ-60
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B10D
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEDR_6D95vbWQ7i56y1CRlnk&google_cver=1&google_push=AXcoOmSTlY85HvP4FyRguvU1jDMrgGvuK7NfS_aKNDDmLxS6_UE2TRfg-9zdtRburWgs9QTRwP4G5kCYpR9vEk6Gb9CDvkYOudc
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=838959174828&us_privacy=1---

170 B
188 B

82ms
82ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=838959174828&us_privacy=1---

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=838959174828&us_privacy=1---
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B10D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAA1P7VSVooeXbh5LXvWOcM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAA1P7VSVooeXbh5LXvWOcM&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAA1P7VSVooeXbh5LXvWOcM&google_hm=ZSazifHhX_PIrkirgfziGQAACtgAAAIB&google_nid=index&google_push=AXcoOmTt0iXTZcQJJf6LzMQgNAACXxyyExBxd...

170 B
188 B

84ms
83ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAA1P7VSVooeXbh5LXvWOcM&google_hm=ZSazifHhX_PIrkirgfziGQAACtgAAAIB&google_nid=index&google_push=AXcoOmTt0iXTZcQJJf6LzMQgNAACXxyyExBxdZyjfY9B1pRO0t9ChjUjmcPxrUOe_d0j0x5HzWBL140V2w6IWWaZfcyLELPRU1o

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGAd7lqYzUqjGFNuTE5Sl2VaeiO4%2FL5GucMkEmL%2Fidghh%2FWz6Pqnf0ZjOsbFu23qQS8jS8oxEEcFtdq2%2FE2kcnHGNKy17fGrhpM9IhS%2FuYZNApHbIozvuTy9WQQbzV4wAZrwBHZBT%2FItSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAA1P7VSVooeXbh5LXvWOcM&google_hm=ZSazifHhX_PIrkirgfziGQAACtgAAAIB&google_nid=index&google_push=AXcoOmTt0iXTZcQJJf6LzMQgNAACXxyyExBxdZyjfY9B1pRO0t9ChjUjmcPxrUOe_d0j0x5HzWBL140V2w6IWWaZfcyLELPRU1o
cache-control: no-cache
cf-ray: 8147d9baee3e9ae3-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B10D
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEKsQnJPTpFvWjJ-FuBkCNtE&google_cver=1&google_push=AXcoOmSLP6ptvmV8K7ACew4TS6TrA6Qo3X06t4W7rhfpP6_uGCDZ_pIW_fAup1zhub3TJhnVcBlxDTyVkLvl_LcdqqasILNRC_Y
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSLP6ptvmV8K7ACew4TS6TrA6Qo3X06t4W7rhfpP6_uGCDZ_pIW_fAup1zhub3TJhnVcBlxDTyVkLvl_LcdqqasILNRC_Y&google_hm=M2VGd3hGRnV1d0ZreGwzW...

170 B
188 B

86ms
86ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSLP6ptvmV8K7ACew4TS6TrA6Qo3X06t4W7rhfpP6_uGCDZ_pIW_fAup1zhub3TJhnVcBlxDTyVkLvl_LcdqqasILNRC_Y&google_hm=M2VGd3hGRnV1d0ZreGwzWTdacTI=

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSLP6ptvmV8K7ACew4TS6TrA6Qo3X06t4W7rhfpP6_uGCDZ_pIW_fAup1zhub3TJhnVcBlxDTyVkLvl_LcdqqasILNRC_Y&google_hm=M2VGd3hGRnV1d0ZreGwzWTdacTI=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B10D
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEEZThAcOVgz9t5GClFdmfjo&google_cver=1&google_push=AXcoOmQtgC-Pb7iNNyeIRD3B5nTmEY79Fp9sfyBA8COKu1okV9_AyuG40no0F668Vl-_TMQzVZ7N6QQ12dQ9dgNrh4t5zIQp2Sg
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmQtgC-Pb7iNNyeIRD3B5nTmEY79Fp9sfyBA8COKu1okV9_AyuG40no0F668Vl-_TMQzVZ7N6QQ12dQ9dgNrh4t5zIQp2Sg&google_hm=61aface234f793c68adf...

170 B
188 B

99ms
93ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmQtgC-Pb7iNNyeIRD3B5nTmEY79Fp9sfyBA8COKu1okV9_AyuG40no0F668Vl-_TMQzVZ7N6QQ12dQ9dgNrh4t5zIQp2Sg&google_hm=61aface234f793c68adf7112bb90092c

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmQtgC-Pb7iNNyeIRD3B5nTmEY79Fp9sfyBA8COKu1okV9_AyuG40no0F668Vl-_TMQzVZ7N6QQ12dQ9dgNrh4t5zIQp2Sg&google_hm=61aface234f793c68adf7112bb90092c
date: Wed, 11 Oct 2023 14:39:05 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B10D
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEG7ZYgEYCtdmhIXhWWrlYs8&google_cver=1&google_push=AXcoOmRWfcoiKRksJ5a6fD7uX6g9SZXVV4-BS-WXEi-0sfcW8Cs-r6fyprB3442bcIQdxLWWKctX-91Tq8E9eK77Fs24pjZ...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRWfcoiKRksJ5a6fD7uX6g9SZXVV4-BS-WXEi-0sfcW8Cs-r6fyprB3442bcIQdxLWWKctX-91Tq8E9eK77Fs24pjZAw_b3&google_hm=NzQxNzU4MDA...

170 B
188 B

85ms
85ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRWfcoiKRksJ5a6fD7uX6g9SZXVV4-BS-WXEi-0sfcW8Cs-r6fyprB3442bcIQdxLWWKctX-91Tq8E9eK77Fs24pjZAw_b3&google_hm=NzQxNzU4MDA1MDU0NDU5MTAzNA==

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRWfcoiKRksJ5a6fD7uX6g9SZXVV4-BS-WXEi-0sfcW8Cs-r6fyprB3442bcIQdxLWWKctX-91Tq8E9eK77Fs24pjZAw_b3&google_hm=NzQxNzU4MDA1MDU0NDU5MTAzNA==
Date: Wed, 11 Oct 2023 14:39:05 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B10D
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEFuKE630ntGxpyY37ETKdTo&google_cver=1&google_push=AXcoOmRliSZYFpoQ-nUp3PgHVvQ1gctVRsUpQMqdtVLqA6ixIsIJI4rVSO1fP623yP3...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRliSZYFpoQ-nUp3PgHVvQ1gctVRsUpQMqdtVLqA6ixIsIJI4rVSO1fP623yP357Za3KKNZgew3gG5wbLwNX2P0X3g-NwXh

170 B
188 B

85ms
84ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRliSZYFpoQ-nUp3PgHVvQ1gctVRsUpQMqdtVLqA6ixIsIJI4rVSO1fP623yP357Za3KKNZgew3gG5wbLwNX2P0X3g-NwXh

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 3e8c7a6.a0e0789
date: Wed, 11 Oct 2023 14:39:05 GMT
x-bytefaas-request-id: 20231011143905F6685FECAB2149BA60FA
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-118-196.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-parent-response-time: 16,104.126.118.196
server-timing: cdn-cache; desc=MISS, edge; dur=10, origin; dur=7, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231011143905F6685FECAB2149BA60FA
x-cache-remote: TCP_MISS from a23-202-158-147.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRliSZYFpoQ-nUp3PgHVvQ1gctVRsUpQMqdtVLqA6ixIsIJI4rVSO1fP623yP357Za3KKNZgew3gG5wbLwNX2P0X3g-NwXh
x-bytefaas-execution-duration: 3.19
access-control-allow-origin: *
access-control-allow-credentials: true
x-origin-response-time: 7,23.202.158.147
x-tt-trace-host: 016289713a194f8fc7d7a082e88cddf37636ea93851c34fc3d6b0721d27118cb3f19e8ce32fa16b1eeef14eaf57cff775684ffe84d1efb9ce805da8eb714295a8b2e34b4d93a61b4d255153020b09858cdbe48f83b0dba3bfce96fa151c3e204420273a74f18135c664b40fe546910a224
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Wed, 11 Oct 2023 14:39:05 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B10D 0
12 B 84ms
81ms Image
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JRSQlPoY6EgYwpl_7V8CqjkwA5eQ7nYNoOYP0OEbQwyS6EN_uzp_fd_2oNsWgIVxQFhfuvRMI

Requested by

Host: 571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
URL: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 / Show response
kitchen.juicer.cc/function/popup-core/ 11 KB
4 KB 211ms
208ms Script
application/x-javascript 54.92.125.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kitchen.juicer.cc/function/popup-core/?color=DfUBG/9gaEA=&version=2.2.9

Requested by

Host: kitchen.juicer.cc
URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.125.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-92-125-230.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.57 () OpenSSL/1.0.2k-fips /

Resource Hash

c26c584737a56c53569500a07782fc36f3f74d079475dbf38295f0ce3dd429d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:05 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Apache/2.4.57 () OpenSSL/1.0.2k-fips
vary: accept-encoding
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
content-language: en-US
cache-control: max-age=7200
x-robots-tag: noindex, nofollow
expires: Wed Oct 11 16:39:05 UTC 2023

GET
H2 200 collabo Show response
kitchen.juicer.cc/ 9 KB
3 KB 209ms
207ms Script
application/x-javascript 54.92.125.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kitchen.juicer.cc/collabo?color=DfUBG/9gaEA=&version=2.2.9

Requested by

Host: kitchen.juicer.cc
URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.125.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-92-125-230.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.57 () OpenSSL/1.0.2k-fips /

Resource Hash

e74176959de176588fa6f15f4339f6ce331bd9639ea9bb6c5f42372d9b291b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:05 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Apache/2.4.57 () OpenSSL/1.0.2k-fips
vary: accept-encoding
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
content-language: en-US
cache-control: max-age=7200
x-robots-tag: noindex, nofollow
expires: Wed Oct 11 16:39:05 UTC 2023

GET
H2 200 / Show response
kitchen.juicer.cc/parallel/ 8 KB
2 KB 211ms
209ms Script
application/x-javascript 54.92.125.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kitchen.juicer.cc/parallel/?color=DfUBG/9gaEA=&url=https%3A%2F%2Fahm11rxu.pics%2F&deviceType=1&sesid=ffe0e34d-6606-4c24-b818-7a0f5614d8b2&version=2.2.9

Requested by

Host: kitchen.juicer.cc
URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.125.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-92-125-230.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.57 () OpenSSL/1.0.2k-fips /

Resource Hash

05cd0335f54dfe81f50cfaaf88502676d23947bb6256721bc113b240694c5baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:05 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Apache/2.4.57 () OpenSSL/1.0.2k-fips
vary: accept-encoding
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
content-language: en-US
cache-control: max-age=0, no-store, no-cache, must-revalidate
x-robots-tag: noindex, nofollow
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 766E
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CMsk6hrMmZa-1JtHa_gSP17ioDJfjrMBzxfO1r4ASue7wyKoBEAEg_IGYkgFgyYaAgNyjxBCgAaHAmPEoyAEJqQLFB_4H4WaCPuACAKgDAcgDywSqBKICT9BtTdkqPsck40Whj2zSK3nO...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe2158b7408ed190f0000000000000000%22,%222%22:%220xb404117138f455ae0000000000000000%22,%223%22:%220x652ecb...

0
0

232ms
92ms

Fetch
text/css

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe2158b7408ed190f0000000000000000%22,%222%22:%220xb404117138f455ae0000000000000000%22,%223%22:%220x652ecb26c95f63550000000000000000%22,%224%22:%220x1795f739f00e6ad00000000000000000%22,%225%22:%220x477b8a17b615dbe90000000000000000%22},%22debug_key%22:%22678865936806026721%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2210-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227629072524591921585%22}&andc=true

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Server

142.250.80.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:05 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xe2158b7408ed190f0000000000000000","2":"0xb404117138f455ae0000000000000000","3":"0x652ecb26c95f63550000000000000000","4":"0x1795f739f00e6ad00000000000000000","5":"0x477b8a17b615dbe90000000000000000"},"debug_key":"678865936806026721","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["10-11"],"6":["true"]},"priority":"500","source_event_id":"7629072524591921585"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 11 Oct 2023 14:39:05 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 11 Oct 2023 14:39:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xe2158b7408ed190f0000000000000000","2":"0xb404117138f455ae0000000000000000","3":"0x652ecb26c95f63550000000000000000","4":"0x1795f739f00e6ad00000000000000000","5":"0x477b8a17b615dbe90000000000000000"},"debug_key":"678865936806026721","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["10-11"],"6":["true"]},"priority":"500","source_event_id":"7629072524591921585"}&andc=true
access-control-allow-origin: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 126ms
126ms Preflight
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CMsk6hrMmZa-1JtHa_gSP17ioDJfjrMBzxfO1r4ASue7wyKoBEAEg_IGYkgFgyYaAgNyjxBCgAaHAmPEoyAEJqQLFB_4H4WaCPuACAKgDAcgDywSqBKICT9BtTdkqPsck40Whj2zSK3nO_mdzRGA9APqw3GjBeAWK1g4q8Wyd77NttC58Q1XkO1JAsomThnbdkOJ4hWgsOiGsYKto-bP7EEH7ew3SjVOsth_grrv9IQm-tY7CNszz0MH-T_XFFoE-zje78P6WWzka_pXbjoycbCt8RUdJGMrwCFiJ5eH8hL0Z-GQF2XrJZIMlnMNBaFsbXmfSqh6PHwZFJt3-H_OX6LP-zn0gZGEVZH67ekwmXbX4flCw_aOmT3wQMACAbL0P9cW-TvZGBemLsg8Eo3oLoQVTB6ztzzy_TgTUX1uvEqGKiZw30kWxxeZxuUEIymoNVMggGef2O1JHrBnMF0mv_BUkTFzuIkKQtIPr8rUVChjHKQL9tE_jWu3ABKu0o8u_BOAEAYgFr4vXxUySBQQIBBgBkgUECAUYBKAGLoAH8OrpkgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQiPgt0ggUCIBhEAEYHTICigI6AoBASL39wTqaCf8BaHR0cHM6Ly93d3cudGVtdS5jb20va3VpcGVyL3VuMS5odG1sP3N1Ymo9ZmVlZC11biZfYmdfZnM9MSZfcF9tYXQxX3R5cGU9MSZfcF9qdW1wX2lkPTcyNSZfeF92c3Rfc2NlbmU9YWRnJmxvY2FsZV9vdmVycmlkZT0yMTF-ZW5-VVNEJmdvb2RzX2lkPTYwMTA5OTUxNzY4OTUxOSZfcF9yZnM9MSZfeF9hZHNfc3ViX2NoYW5uZWw9b3RoZXImX3hfYWRzX2NoYW5uZWw9Z29vZ2xlJl94X2JnX2FkaWQ9Z2QxNTEzNjk1LTEmdG9waWNfY2xhc3NpZnk9MTIxgAoDyAsB2gwQCgoQsOGJ0fOCu74JEgIBA-INEwj78eHGnO6BAxVRrZ8KHY8rDsXYEw3QFQGAFwGyFx4KHAgAEhRwdWItMzYyMjE5MzI5MzUyNTQ2NhjAhWw&sigh=leHSKK4q4_4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaN8WPEiJhat3SEDmzbGZtlyjvTcWa3aRKP3em5JqTedctg5nGwDSsJwq-hRXvdSElyTyVQ461pGAE&template_id=494&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 11 Oct 2023 14:39:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9198 37 KB
14 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 07:37:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Oct 2024 07:37:41 GMT

GET
H2 200 loglyjuicer_track.js Show response
cdn.cookie.sync.usonar.jp/live_access/ 1 KB
2 KB 837ms
647ms Script
text/javascript 2600:9000:23cb:dc00:12:6e90:f080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookie.sync.usonar.jp/live_access/loglyjuicer_track.js
Requested by: Host: kitchen.juicer.cc
URL: https://kitchen.juicer.cc/collabo?color=DfUBG/9gaEA=&version=2.2.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:dc00:12:6e90:f080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b321bc9876facc5b7e38a4e4510c569032e28a1498f67ebf31cab917333fe709

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:07 GMT
via: 1.1 f72e244fb4f0eab694c4c73be7c5f44e.cloudfront.net (CloudFront)
last-modified: Wed, 26 Apr 2023 04:40:49 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256
etag: "8e197210644fcad2d9e3c9d3e296b225"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: max-age=0
accept-ranges: bytes
content-length: 1247
x-amz-cf-id: WI8kGaKNmvvVHly6BcjNxGS0B7sjO8hri6vjTHDoQfW4-Fc3GP-usQ==
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

px.gif
juicer-lift.s3-ap-northeast-1.amazonaws.com/
Redirect Chain

https://sync.logly.co.jp/sync/sync.gif?ssp_id=1013&jid=srn:smooothieapi:usercard:juicer:d08c4da9-f40b-4757-a5cc-4027c2739d85
https://juicer-lift.s3-ap-northeast-1.amazonaws.com/px.gif?jid=srn:smooothieapi:usercard:juicer:d08c4da9-f40b-4757-a5cc-4027c2739d85&uid=bdIt4yvMVoUzQdLLOI9Sx_Yfm6Y

37 B
392 B

642ms
208ms

Image
image/gif

52.219.150.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://juicer-lift.s3-ap-northeast-1.amazonaws.com/px.gif?jid=srn:smooothieapi:usercard:juicer:d08c4da9-f40b-4757-a5cc-4027c2739d85&uid=bdIt4yvMVoUzQdLLOI9Sx_Yfm6Y
Requested by: Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/
Protocol: HTTP/1.1
Server: 52.219.150.30 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-northeast-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 14:39:07 GMT
Last-Modified: Fri, 12 Jun 2020 04:06:49 GMT
Server: AmazonS3
x-amz-request-id: YD5KXW3FBBDHZFEJ
ETag: "3eacd0132310ea44cad756b378a3bc07"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 37
x-amz-id-2: hjKmL/8Ko/vZHWAu/nXyho9IH+C7TbtsjNV1Kg7mViQVzpE4vGPOjD6kP1BXvaqT2UE67EpgM5E=

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:06 GMT
server: nginx
content-type: image/gif
location: https://juicer-lift.s3-ap-northeast-1.amazonaws.com/px.gif?jid=srn:smooothieapi:usercard:juicer:d08c4da9-f40b-4757-a5cc-4027c2739d85&uid=bdIt4yvMVoUzQdLLOI9Sx_Yfm6Y
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3

200

receive
pixel.tapad.com/idsync/ex/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2798&partner_device_id=d08c4da9-f40b-4757-a5cc-4027c2739d85
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2798&partner_device_id=d08c4da9-f40b-4757-a5cc-4027c2739d85
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2e2cfcfc-f552-416d-b015-4e0e8c6ef9e0%252C%252C&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2e2cfcfc-f552-416d-b015-4e0e8c6ef9e0%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4c558bc2-c027-4de9-bd7e-da5174e1fe52&ttd_puid=2e2cfcfc-f552-416d-b015-4e0e8c6ef9e0%2C%2C

95 B
124 B

60ms
60ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4c558bc2-c027-4de9-bd7e-da5174e1fe52&ttd_puid=2e2cfcfc-f552-416d-b015-4e0e8c6ef9e0%2C%2C

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4c558bc2-c027-4de9-bd7e-da5174e1fe52&ttd_puid=2e2cfcfc-f552-416d-b015-4e0e8c6ef9e0%2C%2C
date: Wed, 11 Oct 2023 14:39:05 GMT
server: Kestrel
content-length: 359

GET
H2 200 / Show response
kitchen.juicer.cc/function/popup-nps/ 0
378 B 210ms
202ms Script
application/x-javascript 54.92.125.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kitchen.juicer.cc/function/popup-nps/?color=DfUBG/9gaEA=&ip=38.132.118.75&deviceType=1&url=https%3A%2F%2Fahm11rxu.pics%2F&isShow=0&isAnswer=0&lastAnswerDate=0&version=2.2.9

Requested by

Host: kitchen.juicer.cc
URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.125.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-92-125-230.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.57 () OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:05 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Apache/2.4.57 () OpenSSL/1.0.2k-fips
vary: accept-encoding
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
content-language: en-US
cache-control: max-age=0, no-store, no-cache, must-revalidate
x-robots-tag: noindex, nofollow
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
kitchen.juicer.cc/function/popup-ad/ 0
378 B 211ms
203ms Script
application/x-javascript 54.92.125.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kitchen.juicer.cc/function/popup-ad/?color=DfUBG/9gaEA=&id=7313c29b-8286-41c3-bd3c-05b80ef58426&jid=srn:smooothieapi:usercard:juicer:d08c4da9-f40b-4757-a5cc-4027c2739d85&ip=38.132.118.75&deviceType=1&url=https%3A%2F%2Fahm11rxu.pics%2F&isShow=0&lastShowDate=0&version=2.2.9

Requested by

Host: kitchen.juicer.cc
URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.125.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-92-125-230.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.57 () OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:05 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Apache/2.4.57 () OpenSSL/1.0.2k-fips
vary: accept-encoding
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
content-language: en-US
cache-control: max-age=0, no-store, no-cache, must-revalidate
x-robots-tag: noindex, nofollow
expires: Sat, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 242ms
85ms Preflight
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 11 Oct 2023 14:39:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK juicertag_second_logs Show response
in.treasuredata.com/js/v3/event/juicer/ 89 B
559 B 62ms
60ms Script
application/javascript 44.216.52.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/juicer/juicertag_second_logs?api_key=8318%2Fc581f430f34edc4f65d24732a5629e31f04d19e4&modified=1697035145558&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJhY2Nlc3Nfc291cmNlIjoiIiwiYWdlIjozNywiYXJlYSI6IiIsImNhcnJvdF9pZCI6IiIsImNlZiI6MSwiY2xpZW50X3N0YXR1cyI6MCwiY3YiOjAsImNvb2tpZSI6Il9jYj1DNG9xbUREbThfWUtDajFhYnQ7IF9jaGFydGJlYXQyPS4xNjk3MDM1MTQxOTM2LjE2OTcwMzUxNDE5MzYuMS5DVGg0WWZEUEthQUxETzVWbmlCM3BjajVDa25vUnYuMTsgX2NiX3N2cmVmPW51bGw7IF9pbV92aWQ9MDFIQ0ZKVEpCMVZEMEFBUUtYVDk1SFpDSzE7IF9fZ2Fkcz1JRD01NWJjMWU0ZTdlMjI3MGRiOlQ9MTY5NzAzNTE0MjpSVD0xNjk3MDM1MTQyOlM9QUxOSV9NYkFXZ1dLMUFiekZ6enA0eXNfd0E5MVQ1R3lTUTsgX19ncGk9VUlEPTAwMDAwZDk4YWVmMGQ3YTM6VD0xNjk3MDM1MTQyOlJUPTE2OTcwMzUxNDI6Uz1BTE5JX01hM1JHWU5tNFp6VmFBWjBRaXVYUUI5Vl9sYUV3OyBfX3RkX3NpZ25lZD10cnVlOyBfdGQ9ODczNTk2NWUtYmM2Ny00MTRiLWFlOTctNDEyZDgxMDY5M2UwOyBfdGRfZ2xvYmFsPTgwZDdkYWY4LWY3MTEtNDdhMC05NTUyLTQxMzIwZjM4NTMxOCIsImNyZWF0ZWRfYXQiOiIiLCJkY19hY3Rpb24iOiJnZXRJbmZvLyIsImRldmljZSI6IlBDIiwiZXRhZyI6IiIsImludGVyZXN0X3Q3IjoiIiwiamlkIjoic3JuOnNtb29vdGhpZWFwaTp1c2VyY2FyZDpqdWljZXI6ZDA4YzRkYTktZjQwYi00NzU3LWE1Y2MtNDAyN2MyNzM5ZDg1IiwibWxfdHlwZSI6MSwibGJjX2lwIjoiIiwib3JnX25hbWUiOiIiLCJvcmdfbmFtZV9vcmciOiIiLCJwZWFjaF9pZCI6IjVlZmMzNTA4LWM2YzYtNDdlZC05NzQ1LWJiNWVkNmE5ZGVlMCIsInBpYWlkIjoiZmZlMGUzNGQtNjYwNi00YzI0LWI4MTgtN2EwZjU2MTRkOGIyXzI5Yjg0ODM4LTU4M2QtNDU3OC05M2M4LWZjZDM1N2ExNjllYiIsInJlZmVyZXIiOiIiLCJzY2lkIjoiIiwic2lkIjoyNDMxMjgsInNlc2lkIjoiZmZlMGUzNGQtNjYwNi00YzI0LWI4MTgtN2EwZjU2MTRkOGIyIiwic2V4IjoyLCJzdGF0dXMiOiIiLCJ0ZW1wZXJhdHVyZSI6bnVsbCwidGNpZCI6Ijg3MzU5NjVlLWJjNjctNDE0Yi1hZTk3LTQxMmQ4MTA2OTNlMCIsInRnaWQiOiI4MGQ3ZGFmOC1mNzExLTQ3YTAtOTU1Mi00MTMyMGYzODUzMTgiLCJ0aW1lc3RhbXAiOjE2OTcwMzUxNDMsInRpdGxlIjoiKDPjg5rjg7zjgrjnm64pIOOCouOCpuODiOODieOCouOAjOaEj%2BWRs%2BOBjOWIhuOBi%2BOCi%2BOBqOaAluOBhOOAjeepuuOBruWGmeecn%2BOAjOeZu%2BWxseODu%2BOCreODo%2BODs%2BODl%2BODu%2BmHo%2BOCiuOAjeS4gOimi%2BOBmeOCi%2BOBqOaZrumAmuOBp%2BOCguKApuKApuOAjOacrOW9k%2BOBq%2BWNseOBquOBhOWFhuWAmeOAje%2B9nOeZu%2BWxse%2B9nOODi%2BODpeODvOOCue%2B9nEJSQVZPIE1PVU5UQUlOIiwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xNDkgU2FmYXJpLzUzNy4zNiIsInVpZCI6IjczMTNjMjliLTgyODYtNDFjMy1iZDNjLTA1YjgwZWY1ODQyNiIsInVybCI6Imh0dHBzOi8vYWhtMTFyeHUucGljcy8iLCJwbGFjZSI6IiIsInBsYWNlX2NpdHkiOiIiLCJwbGFjZV9jaXR5X2lkIjoiIiwicGxhY2VfcHJlZiI6IiIsInBsYWNlX3ByZWZfaWQiOiIiLCJ0eHQxIjoiIiwidHh0MiI6IiIsInZpc2l0IjowLCJ3ZWF0aGVyIjpudWxsLCJ3aWQiOjI0MzEyOCwidnRzIjoxNjk3MDM1MTQzLCJpbV91aWQiOiIiLCJnYV9jbGllbnRpZCI6IiIsIm1lbiI6MCwid29tYW4iOjEsImdlbmRlciI6IuWls%2BaApyIsInBjIjoxLCJzcCI6MCwidXNlX2lwX2FwaSI6IiIsImpkdWYiOjEsImxvZ190eXBlIjoidHJhbiIsImFjdGlvbl90eXBlIjoidmlldyIsInRlc3RpZCI6IiIsInBpZCI6IiIsImFjaWQiOiIiLCJ0ZXN0X3R5cGUiOiIiLCJpbWFnZSI6IiIsImxpbmsiOiIiLCJpbnRlcmVzdF9pZCI6Im5fOTkwMDAwMDAwMCIsImludGVyZXN0X2FjdGlvbl9zY29yZSI6MSwic2l0ZV9jYXRlZ29yeV9pZF9uNCI6Im5fOTkwMDAwMDAwMCIsInRkX3ZlcnNpb24iOiIyLjMuMCIsInRkX2NsaWVudF9pZCI6Ijg3MzU5NjVlLWJjNjctNDE0Yi1hZTk3LTQxMmQ4MTA2OTNlMCIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIoM%2BODmuODvOOCuOebrikg44Ki44Km44OI44OJ44Ki44CM5oSP5ZGz44GM5YiG44GL44KL44Go5oCW44GE44CN56m644Gu5YaZ55yf44CM55m75bGx44O744Kt44Oj44Oz44OX44O76Yej44KK44CN5LiA6KaL44GZ44KL44Go5pmu6YCa44Gn44KC4oCm4oCm44CM5pys5b2T44Gr5Y2x44Gq44GE5YWG5YCZ44CN772c55m75bGx772c44OL44Ol44O844K5772cQlJBVk8gTU9VTlRBSU4iLCJ0ZF9kZXNjcmlwdGlvbiI6Iigz44Oa44O844K455uuKSDnmbvlsbHjgoTjgq3jg6Pjg7Pjg5fjgarjganjgIHjgqLjgqbjg4jjg4njgqLjgpLml6XpoIPjgYvjgonmpb3jgZfjgpPjgafjgYTjgovjgajjgIHnqoHnhLbjga7osarpm6jjgavopbLjgo%2FjgozjgZ%2FntYzpqJPjgYzjgYLjgovjga7jgafjga%2FjgarjgYTjgaDjgo3jgYbjgYvjgILjgIDlpKnmsJfjga7opovmpbXjgoHjga%2Fpm6PjgZfjgY%2FjgIHntbblpb3jga7jgYrlh7rjgYvjgZHml6XlkozjgavopovjgYjjgabjgoLjgIHnqoHnhLbjga7pm7fpm6jjgavopbLjgo%2Fjgozjgovjga7jga%2FjgqLjgqbjg4jjg4njgqLlpb3jgY3jgYLjgovjgYLjgovjgaDjgILjgZfjgYvjgZfjgIHlh7rjgZfmipzjgZHjga7pm7fpm6jjgavopovjgYjigKYiLCJ0ZF91cmwiOiJodHRwczovL2FobTExcnh1LnBpY3MvIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTcuMC41OTM4LjE0OSBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJhaG0xMXJ4dS5waWNzIiwidGRfcGF0aCI6Ii8iLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiJ9&callback=TreasureJSONPCallback3

Requested by

Host: cdn.kitchen.juicer.cc
URL: https://cdn.kitchen.juicer.cc/scripts/juicer-treasure/2.3.0/juicertreasure.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.52.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-52-233.compute-1.amazonaws.com

Software

Resource Hash

b3a7346cae0525400bb6539496990f7de2ee33862cb6e38fd82f0e463d367e1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Wed, 11 Oct 2023 14:39:05 GMT
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Content-Type: application/javascript

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 154ms
86ms Preflight
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 11 Oct 2023 14:39:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0C67 42 B
64 B 132ms
131ms Image
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsseeLbkOvYvPeo_zliEbiqhaFuN5XgpdhAxOzqKV3Dhx9_yDI-PfdKH5zZ16c_8_i-SMpAgi-l68nIWR-_zDD7Wic4XfxhDzyDwBG4o9_yW1l3kHl7h0wRrbneYQ5F1YUPkh368ZZlBiQ&sai=AMfl-YQ0qa0TFj-cuJfTYVm73R5sOCPLC5DzsDkkKPF6cJUbKdLpKVcv8LRMInBMb4BMPCwL_Yw7WXh20K_qaqH783xqOZjufGP4SfxVOnzAI-l_e7UMdFThAP92eT0&sig=Cg0ArKJSzBe3ymUo6CL5EAE&cid=CAQSOwDICaaN8WPEiJhat3SEDmzbGZtlyjvTcWa3aRKP3em5JqTedctg5nGwDSsJwq-hRXvdSElyTyVQ461pGAE&id=ampim&o=315,155&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=1499&tls=2499&g=100&h=100&tt=2500&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: ahm11rxu.pics
URL: https://ahm11rxu.pics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 766E 42 B
64 B 269ms
137ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7_tFM-zKZC-fHHY_UiwxEkSTuQhT6Z40SWjuBJaAD8S4WJhDBYQwCugBrJ8feE9muliSL5m5qjxiYezhvxyqdR5afAfnhun42zRr22A_2eP7TFUju51U-Rpd4jfSB51jkv0s6J51qJg&sai=AMfl-YR5RlbbQWwQzWNxlCE3OpWywGS0a6dV2TUEfvfrfz4RmAqUF8wh_-XFPdfSUUXSrZzwVNtLUZdiJtN4JX7nBSvx_oVpTBorhfPnIIEuPsRphj9qxc-uTZfytAU&sig=Cg0ArKJSzP7VTliRZHDyEAE&cid=CAQSOwDICaaN8WPEiJhat3SEDmzbGZtlyjvTcWa3aRKP3em5JqTedctg5nGwDSsJwq-hRXvdSElyTyVQ461pGAE&id=lidar2&mcvt=1000&p=445,1000,1045,1300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3210573583&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697035143664&rpt=1703&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 112ms
110ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0839adb79f12aa435527d3a4604353d4d2fa366ce1a32d0f284ad2011b59c825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11981
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5372 15 KB
6 KB 179ms
62ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ahm11rxu.pics

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ahm11rxu.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 14:39:06 GMT
server: Kestrel
server-processing-duration-in-ticks: 260690
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 124ms
124ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 14:39:07 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B292 0
54 B 75ms
74ms Ping
image/gif 2607:f8b0:4004:c08::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lnluwqa1&c=938218641676&slotId=469109320838&qqid=CLCQ5Mac7oEDFVGtnwodjysOxQ&umsem=0&ape=1&ple=1&met.4=vil.lnluwqzp~vfl.lnluwr71
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/0277aed6376f32fca04fcf4b137a8261.js?tag=video_mra/web_raspberry_ms_cta_adjustment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::78 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:07 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5372
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ahm11rxu.pics&sn=ChromeSyncframe&so=0&topUrl=ahm11rxu.pics&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=Rmxo_HxJZ0VjZTJ4TWpwcGE1bUJnRzhsV2lITEx5NU1nVXU0UkNxQy9vM245WEpZbmF6QTdCRG9CK3pQNlpIMmtjMWN1SkoyUkRFZWVxMDJDUWFDMkRSRTEyL2ZzQUpROGFwZGNCSkViNTIwaVNZVU56c2lyS0xBbzI0el...

433 B
650 B

181ms
57ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Rmxo_HxJZ0VjZTJ4TWpwcGE1bUJnRzhsV2lITEx5NU1nVXU0UkNxQy9vM245WEpZbmF6QTdCRG9CK3pQNlpIMmtjMWN1SkoyUkRFZWVxMDJDUWFDMkRSRTEyL2ZzQUpROGFwZGNCSkViNTIwaVNZVU56c2lyS0xBbzI0elZSRzRYdGlGMi9OZHY4RENROHUrTlFySWpiYVdZTDg4aytSK0RXN1dRQmkvK3JqMndOSm5WcUZ3N2grcWVVdUF0OW05WG1WaDArRS9BZWszTEppOTh6SkRuR2dCUlZUaFJ6VkFkVFZMbE04MVBBSWxoMUR0dGNza3p1ZHhNeXE4L2pvN01PVEJUS2NsYlVEQzZlWEtxUm5ETW9QdWltUT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2dad66aaaec2502bae9ebe0635496b5bf666d1e65d14f763b2787a0b7cbe881b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:06 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2129872
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Rmxo_HxJZ0VjZTJ4TWpwcGE1bUJnRzhsV2lITEx5NU1nVXU0UkNxQy9vM245WEpZbmF6QTdCRG9CK3pQNlpIMmtjMWN1SkoyUkRFZWVxMDJDUWFDMkRSRTEyL2ZzQUpROGFwZGNCSkViNTIwaVNZVU56c2lyS0xBbzI0elZSRzRYdGlGMi9OZHY4RENROHUrTlFySWpiYVdZTDg4aytSK0RXN1dRQmkvK3JqMndOSm5WcUZ3N2grcWVVdUF0OW05WG1WaDArRS9BZWszTEppOTh6SkRuR2dCUlZUaFJ6VkFkVFZMbE04MVBBSWxoMUR0dGNza3p1ZHhNeXE4L2pvN01PVEJUS2NsYlVEQzZlWEtxUm5ETW9QdWltUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 528752
content-length: 0
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DA46 13 KB
5 KB 70ms
66ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ahm11rxu.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 23170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 08:12:57 GMT
expires: Thu, 10 Oct 2024 08:12:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 78E1 829 B
559 B 89ms
88ms Document
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

49ede9b888a46fcda98f0ec04cadec882fee007a264ea691917b95f72e5073ba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-diWi344PNICTBzyOoxrmvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ahm11rxu.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-diWi344PNICTBzyOoxrmvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 14:39:07 GMT
expires: Wed, 11 Oct 2023 14:39:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame DA46 37 KB
14 KB 68ms
65ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 10:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 10:44:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 78E1 0
0 125ms
124ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=2080221586828470&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DA46 0
12 B 66ms
65ms Image
text/plain 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5x8ySQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C4DC 52 KB
17 KB 282ms
68ms Document
text/html 23.196.56.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/12162_bravo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.196.56.215 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-56-215.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://ahm11rxu.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 11 Oct 2023 14:39:07 GMT
ETag: "623de86a-cf34"
Expires: Thu, 12 Oct 2023 14:39:09 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3A27 281 B
554 B 220ms
64ms Document
text/html 23.47.170.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/12162_bravo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-170-102.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ahm11rxu.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 11 Oct 2023 14:39:07 GMT
ETag: "40011-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame CA11 3 KB
2 KB 132ms
48ms Document
text/html 104.18.25.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/12162_bravo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://ahm11rxu.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 445
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8147d9c88b9e0359-MIA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 11 Oct 2023 14:39:07 GMT
expires: Wed, 11 Oct 2023 18:39:07 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 42A6 2 KB
1 KB 78ms
77ms Document
text/html 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11rxu.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df62136d3ace42c9fc4d066db3552580e8a507b76152cc0ed088ebbc695bb601

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8147d9c90ecf3714-MIA
content-encoding: br
content-type: text/html
date: Wed, 11 Oct 2023 14:39:07 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvUqSI%2F5JLrDkAug67nBKMfvYNKIycjAhzrZlW8YbQxbPk5TzNdK%2FarWvIFRDP2IVfeoS1EinYBkzmd3XmNJXAsyAQX%2BSaH%2FR1IPZhYmTzKCxl9zVnEIQlg0%2FmTfZmlBls3rEnQnzZ75RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3A27 38 KB
11 KB 64ms
64ms Script
text/html 23.47.170.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-170-102.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 5dc280f17d00e8a1b9f05ac2bac39994b576fc49b80a42c0e2bb5dfa2fc38170

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 14:39:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Oct 2023 22:23:54 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=27886
Connection: keep-alive
Content-Length: 10836
Expires: Wed, 11 Oct 2023 22:23:53 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 42A6
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4c558bc2-c027-4de9-bd7e-da5174e1fe52&expiration=1699627147&gdpr=0&gdpr_consent=

43 B
734 B

77ms
76ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4c558bc2-c027-4de9-bd7e-da5174e1fe52&expiration=1699627147&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11rxu.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7qsbFlHFMbmfV9wivTlsxI6WAUZnzyStsQDiSN%2ByuK101ifqdKZu3P5x5OgyUZE5ekgqEZ52SzZgvNF4v6yufBYUV0dOv%2Fu8Kpr2%2BSduz54G%2B9iPuIlrDEsJ0VJq5NxMwrJ2BAVTLMiHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8147d9ca08083714-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4c558bc2-c027-4de9-bd7e-da5174e1fe52&expiration=1699627147&gdpr=0&gdpr_consent=
date: Wed, 11 Oct 2023 14:39:07 GMT
server: Kestrel
content-length: 323

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 42A6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZSazifHhX-PIrkirgfziGQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOfPjaer00u5sdnAlNHT-Vc&google_cver=1

43 B
733 B

87ms
86ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOfPjaer00u5sdnAlNHT-Vc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11rxu.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xe6QrDqDqxZrgeI7xTh7jBZnrwkB%2BA0liT8NBUUd3VabEWTbXSuO7VRcfv0ubWUlvZwrUQqwsCx%2FaQWMaKpEw53JOdxbkS6MSQKOneKPOQA7ertkOSVeIHUMNf732ebnC6ZCHVD%2B3bh99A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8147d9ca98853714-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOfPjaer00u5sdnAlNHT-Vc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 42A6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSazifHhX_PIrkirgfziGQAACtgAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEAA1P7VSVooeXbh5LXvWOcM&google_cver=1

43 B
733 B

80ms
79ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEAA1P7VSVooeXbh5LXvWOcM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11rxu.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDb8Id6YTgQEHC7bRislOFCagvaG%2FbCGe1OJKMBj37Oo8HOdeAnFPvOlbBMtKsmu6KPLsyLzAcbdp1gE%2B9W0K5LLxwR3QDKYC1d0nGv%2BIsE%2Bijc7oKlExVPuTJOc6gqFFYn5hPP6EpdnTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8147d9ca18193714-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEAA1P7VSVooeXbh5LXvWOcM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 42A6
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSazifHhX_PIrkirgfziGQAACtgAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSazifHhX_PIrkirgfziGQAACtgAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

110ms
109ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSazifHhX_PIrkirgfziGQAACtgAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11rxu.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Oct 2023 14:39:08 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RJY37VD5JZRYFE51PET8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 11 Oct 2023 14:39:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YEGMBZ2GQD5HYD93YSN9
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSazifHhX_PIrkirgfziGQAACtgAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 113
match.deepintent.com/usersync/ Frame 42A6 0
339 B 201ms
71ms Image
image/gif 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11rxu.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 11 Oct 2023 14:39:07 GMT
server: c
content-length: 0
p3p: policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 42A6
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://b1sync.zemanta.com/usersync/index/?gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=2&us_privacy=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=55hjZ-7vJ-XU8rBSs5KS

43 B
732 B

77ms
76ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=55hjZ-7vJ-XU8rBSs5KS
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11rxu.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaLkmMULYvpzykhs17Z8dBRHHDPn%2BVbH56YC2zUli4UxfJj5CkEeDhtGBAIbKwRSIr6xqwdX23cJF7GRNTDRSIEUPsHazLg8kQ1KRiYgikVPLvUEA%2BZRkxjHwo2nU9L0e7ErMnqqNhqPgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8147d9cbc9b63714-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 11 Oct 2023 14:39:08 GMT
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=55hjZ-7vJ-XU8rBSs5KS
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 115
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

crum
dsum.casalemedia.com/ Frame 42A6
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=189999071813842673

43 B
334 B

77ms
73ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=189999071813842673
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11rxu.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrRWIGLIvJNo6UKVyFMdr8r%2FuKxh%2BTJJ8jsWWJAYK4%2BZXInot8He0fE4Gqg2emCrSJSuR1t4YOnbn%2FW%2FwFFh6r6sMK7u7BWyWHVdBGQ%2FkASw2giBodknHwqET%2B7Mze15Yq3C7Zfp"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8147d9ca2d6c9ae3-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:07 GMT
an-x-request-uuid: c2f85c1d-28b3-4dd2-8dbf-5bea054667ed
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=189999071813842673
x-proxy-origin: 38.132.118.75; 38.132.118.75; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 42A6
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=3jTD0qkQUed0i54S8NXORiaEdks

43 B
735 B

83ms
82ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=3jTD0qkQUed0i54S8NXORiaEdks
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11rxu.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTrZaT87zG09%2BnjU%2B4%2FqULOhwUh%2FvzYldgQQwo9qH2quzGLIRgKsLRqDiIeXYCOJASdRAZhRaZr28tI6uJap9rLKHp71CzkJ%2F5uoNQL9t2phjONo3Vn718FvRb4eRrT746MDNopuYQdMyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8147d9cb393f3714-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=3jTD0qkQUed0i54S8NXORiaEdks
Date: Wed, 11 Oct 2023 14:39:07 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 42A6 43 B
229 B 43ms
39ms Image
image/gif 104.18.25.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZSazifHhX-PIrkirgfziGQAA%262776
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11rxu.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:07 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 72195
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8147d9c99cfa0359-MIA
content-length: 43
expires: Thu, 12 Oct 2023 14:39:07 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C4DC 0
594 B 68ms
68ms Script
text/html 68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:07 GMT
an-x-request-uuid: 2a2021d2-8db5-46eb-bd2f-5260e70ed322
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.75; 38.132.118.75; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 3A27 7 B
789 B 253ms
60ms XHR
application/json 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 19ea072139d67f7022c6e463249c998e
Expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 127ms
126ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=2080221586828470&bg=!6-il6KfNAAbjlzx0w5c7ADQBe5WfOCfhNAOsTAf6j_MyHJHaXMGm7TCQT6zUfeK1Rp4K10RgV2eJibHRcl-zL6bY18qgAgAAAGVSAAAACmgBB5kCus1UjU0BJORTTxqLGXuyBc_P2F1jREy26S_ZuQwHuko85005dP209LHxnJ_NnEZw6xkkPh9GnTPiDmzVZ9md39CmCUgbO5w7lCE0r8vbCiBprjfWj1d0PatXqbKfZbKHLYkhsSSiYvrvY7Gxvf3P2alSVU5LbRyCmnl-E2PPZs6VDMn5HhfNUD14MmttIhYGVxD34mk_02EU3UKrFjIltRfUgQwiUCKRTiRzvUD9pY8-O-8b1CNPTwN9JbIRtTo_GV18cRwIfUYqPXqcbH4FkV8fVzvZ_YYyy4vyzDtaSlVPIOx63FGqCLShNxotJdt8w5n_eB2PYlQCzU1mFHvlIFrE1_dAZTuCqOv_sjTXcRaNwBSKQG40U6J5mXO2VtkPdKRPEEFkjUXf8EiisHCWwEjLtZaBfj8OfyfhUY5hyipIo8PZ-Te4tEPwo-SEDgGtgR3zSUVUUeGlFopQTMzkTVpCmCYdb-mXZYIE1e0yO6VFohesUPVVpOKeoo4KMkG2YW01qEpqKo_sPv3GXxRRwUEbPp3MtsAsiQgvN0LZa9nXDNKHK8YAisGomoDpg3SSFALBhdp00Bl44tPAxiT4jJqfLJFZgu4zQEFBaJujO31P23c-NltC_ijdsj1RiLVZY6FcghIgjnqPvjJ1jqsnvs2n8cClN0CmyRFSX0gTap9uhS9WyquW20Ddo54TLBfNixGa23Ib_NMLYUsku5uNx7UsjIgjOGwUO3f_Enth49zRg7KiO4juezAwDdaTDCgPTPwV_FKQ185r9xQITDd9EMCc0kKNezaVXLOq1yzmUFwZqMUiobi_aYrQ1MiAR99l9KadIbvfjrFzG5Pwx5cmb0WNKCVsUAzQeqAQoZvbXyF4Jnu6BOU095sgsvJtgFe0sZbeEi_3gvGrg14trp5lsDcsAUJhZzd1YqY3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ahm11rxu.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 3A27
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNLUWOBS-U-476C

0
514 B

166ms
95ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNLUWOBS-U-476C
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:08 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 4B864859C05D425C83D6369165E91466 Ref B: MIAEDGE2121 Ref C: 2023-10-11T14:39:08Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHcckwsA7im5gruLvWyw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNLUWOBS-U-476C
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 966e54b6201ecd300c4db0efc0f5781a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 3A27
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDNfzGuHSZ8EuTPfvXu-GVI&google_cver=1

42 B
702 B

221ms
60ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDNfzGuHSZ8EuTPfvXu-GVI&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0228ab361cece0438ff9eb16e4e5890e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDNfzGuHSZ8EuTPfvXu-GVI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 3A27 43 B
855 B 654ms
218ms Image
image/gif 67.220.228.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Oct 2023 14:39:08 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Z6Z1GA61NAB66BBSY4NY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3A27
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oKriEmldRfWvwDOrW5_UHA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oKriEmldRfWvwDOrW5_UHA

43 B
479 B

63ms
62ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oKriEmldRfWvwDOrW5_UHA

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Oct 2023 14:39:08 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 873S7KHNBAYM2JWFNWYK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oKriEmldRfWvwDOrW5_UHA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 314e432eb2d967cf733b82bdbbe35231
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A27
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5MVVdPQlMtVS00NzZD
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEtT7faTLzxe-8xTy2E-__g&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5MVVdPQlMtVS00NzZD&google_push=

170 B
188 B

83ms
82ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5MVVdPQlMtVS00NzZD&google_push=

Protocol

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5MVVdPQlMtVS00NzZD&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8bab65602db075726861004da5629947
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A27
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWJiNWM0NmIxNjQ5MTBjNjk2ZDQ5NzY3M2Q5Y2QxNTIyN2MxZTZjMQ

170 B
188 B

85ms
85ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWJiNWM0NmIxNjQ5MTBjNjk2ZDQ5NzY3M2Q5Y2QxNTIyN2MxZTZjMQ

Protocol

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWJiNWM0NmIxNjQ5MTBjNjk2ZDQ5NzY3M2Q5Y2QxNTIyN2MxZTZjMQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a0d1cefc91c6f8b22fd2adf3abe06a61
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 3A27
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4c558bc2-c027-4de9-bd7e-da5174e1fe52&gdpr=0&gdpr_consent=&expires=30

42 B
702 B

241ms
62ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4c558bc2-c027-4de9-bd7e-da5174e1fe52&gdpr=0&gdpr_consent=&expires=30
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0b388c490ecfef74be7d13328a4f3ac3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4c558bc2-c027-4de9-bd7e-da5174e1fe52&gdpr=0&gdpr_consent=&expires=30
date: Wed, 11 Oct 2023 14:39:08 GMT
server: Kestrel
content-length: 289

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 3A27
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/IiFoopVSHQOUzrDQA_hMVw?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JBzr93ZE2oLfK333IoaqwIEWbxgayP7Buer5pA--~A

42 B
702 B

61ms
59ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JBzr93ZE2oLfK333IoaqwIEWbxgayP7Buer5pA--~A
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: d67ad46d58ddbab9fb03c088eabaaff8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 11 Oct 2023 14:39:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JBzr93ZE2oLfK333IoaqwIEWbxgayP7Buer5pA--~A
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 3A27
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB-OU7KTWcAABya-w6lJQ&expires=30

42 B
702 B

63ms
61ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB-OU7KTWcAABya-w6lJQ&expires=30
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c1df09169f58a071f2a391dff1b3307b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB-OU7KTWcAABya-w6lJQ&expires=30
Date: Wed, 11 Oct 2023 14:39:08 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame 3A27
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNLUWOBS-U-476C

43 B
1 KB

87ms
84ms

Image
image/gif

68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNLUWOBS-U-476C

Protocol

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:08 GMT
an-x-request-uuid: 75336d8b-3a5b-4e2b-9aee-13867d38e7c0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.75; 38.132.118.75; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNLUWOBS-U-476C
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 382e2818ca015d35b02cd449aa60881d
Expires: 0

GET
H2

200

ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 3A27
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNLUWOBS-U-476C
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNLUWOBS-U-476C
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNLUWOBS-U-476C&ckls=true&ci=H98kEVDR3g&nc=false&trid=-1265753310

43 B
1 KB

224ms
75ms

Image
image/gif

18.173.219.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNLUWOBS-U-476C&ckls=true&ci=H98kEVDR3g&nc=false&trid=-1265753310
Protocol: H2
Server: 18.173.219.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-12.jfk52.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:09 GMT
via: 1.1 f875ba0ddbd90a5e7c9a82af3af607f6.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: f6ELpjs3tnwvRjPFnwI8kekADQ3v_T-6mJ3NGvR0xgr2eOX4qeJYOA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:09 GMT
via: 1.1 cd691f5232ad8151e816e4693db0dfac.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNLUWOBS-U-476C&ckls=true&ci=H98kEVDR3g&nc=false&trid=-1265753310
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: B2D6y4fMq00mVz1B1i3EHlVmj6iVTNF19ibQec1hZbWSDJ6MISC86w==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cksync
hb.yahoo.net/ Frame 3A27
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNLUWOBS-U-476C&redir=true
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNLUWOBS-U-476C&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNLUWOBS-U-476C&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS14QkNtNEdKRTJ1RzE5cS5hcElXbzNQVkdFTU5VZFBTSn5B&ovsid=LNLUWOBS-U-476C&dpid=58160

53 B
646 B

668ms
82ms

Image
image/gif

23.40.179.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS14QkNtNEdKRTJ1RzE5cS5hcElXbzNQVkdFTU5VZFBTSn5B&ovsid=LNLUWOBS-U-476C&dpid=58160

Protocol

Server

23.40.179.64 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-64.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Wed, 11 Oct 2023 14:39:09 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 11 Oct 2023 14:39:09 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS14QkNtNEdKRTJ1RzE5cS5hcElXbzNQVkdFTU5VZFBTSn5B&ovsid=LNLUWOBS-U-476C&dpid=58160
date: Wed, 11 Oct 2023 14:39:08 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 3A27
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
https://ce.lijit.com/merge?pid=80&3pid=LNLUWOBS-U-476C
https://ce.lijit.com/merge?pid=80&3pid=LNLUWOBS-U-476C&dnr=1

43 B
663 B

66ms
66ms

Image
image/gif

63.251.114.136
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LNLUWOBS-U-476C&dnr=1
Protocol: HTTP/1.1
Server: 63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Oct 2023 14:39:08 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 11 Oct 2023 14:39:08 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=80&3pid=LNLUWOBS-U-476C&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ewr1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame 3A27
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
https://prebid.a-mo.net/setuid/magnite?uid=LNLUWOBS-U-476C

0
449 B

838ms
66ms

Image
text/plain

147.75.198.144
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LNLUWOBS-U-476C
Protocol: H2
Server: 147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:08 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 3
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LNLUWOBS-U-476C
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 314e432eb2d967cf733b82bdbbe35231
Expires: 0

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 3A27
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNLUWOBS-U-476C

68 B
281 B

808ms
56ms

Image
image/png

18.211.184.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNLUWOBS-U-476C
Protocol: H2
Server: 18.211.184.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-184-20.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:09 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNLUWOBS-U-476C
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a0d1cefc91c6f8b22fd2adf3abe06a61
Expires: 0

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 3A27
Redirect Chain

https://token.rubiconproject.com/token?pid=37556&a=1
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNLUWOBS-U-476C

95 B
124 B

55ms
54ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNLUWOBS-U-476C

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:39:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

Location: https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNLUWOBS-U-476C
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: af308bb17a856a105b8c87aaae7d7f8c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C4DC 0
595 B 70ms
69ms Script
text/html 68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 14:39:08 GMT
an-x-request-uuid: 4f8f2d5f-8e08-4c5d-82c4-1ff6ae01fa8e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.75; 38.132.118.75; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.inmobi.com
URL: https://sync.inmobi.com/gobRedirectFromId5?id=ID5-5725ZfLwCcdhusBydMl6rp4pN7YlCACNJhTDMvvWIw&google_push=AXcoOmTA7Hn_IBvyJz2BPwINhdiAzcJkAr0DPHuEKc5lfgl-yAobX6ec3CXViDjuT4wPuTP7WE6ZHAcjmF-jEZzoG6oOmUp1zjT8

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

79 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ahm11rxu.pics/	1970-01-21 00:52:43	Name: _cb Value: C4oqmDDm8_YKCj1abt
.ahm11rxu.pics/	1970-01-21 00:52:43	Name: _chartbeat2 Value: .1697035141936.1697035141936.1.CTh4YfDPKaALDO5VniB3pcj5CknoRv.1
.ahm11rxu.pics/	1970-01-20 15:23:56	Name: _cb_svref Value: null
.rubiconproject.com/	1970-01-21 00:09:31	Name: khaos Value: LNLUWOBS-U-476C
.ahm11rxu.pics/	1970-01-20 16:07:07	Name: _im_vid Value: 01HCFJTJB1VD0AAQKXT95HZCK1
.doubleclick.net/	1970-01-21 00:59:55	Name: IDE Value: AHWqTUka7JIv8fEzrx_tTMbKfmaYXy0K0EzeMivvEAKhez4EW5hrvzucTZ9NWpPelYU
.ahm11rxu.pics/	1970-01-21 00:45:31	Name: __gads Value: ID=55bc1e4e7e2270db:T=1697035142:RT=1697035142:S=ALNI_MbAWgWK1AbzFzzp4ys_wA91T5GySQ
.ahm11rxu.pics/	1970-01-21 00:45:31	Name: __gpi Value: UID=00000d98aef0d7a3:T=1697035142:RT=1697035142:S=ALNI_Ma3RGYNm4ZzVaAZ0QiuXQB9V_laEw
.ahm11rxu.pics/	1970-01-21 00:59:55	Name: __td_signed Value: true
.in.treasuredata.com/	1970-01-21 00:59:55	Name: _td_global Value: 80d7daf8-f711-47a0-9552-41320f385318
.doubleclick.net/	1970-01-20 15:23:58	Name: DSID Value: NO_DATA
ahm11rxu.pics/	1970-01-20 15:24:01	Name: _td_global Value: 80d7daf8-f711-47a0-9552-41320f385318
.adnxs.com/	1970-01-20 17:33:31	Name: uuid2 Value: 189999071813842673
.turn.com/	1970-01-20 19:43:07	Name: uid Value: 2676142341876000858
.360yield.com/	1970-01-20 17:33:31	Name: tuuid Value: bff17090-6700-457e-b9fb-9fdb7e3b41a3
.360yield.com/	1970-01-20 17:33:31	Name: tuuid_lu Value: 1697035144
.yieldmo.com/	1970-01-21 00:09:31	Name: yieldmo_id Value: 3eFwxFFuuwFkxl3Y7Zq2%7C1696982400000%7C0
.teads.tv/	1970-01-21 00:08:04	Name: tt_viewer Value: a4ea2f82-e595-407a-b4fe-6671cb07efcf
.media.net/	1970-01-21 00:09:31	Name: visitor-id Value: 3400367441524338000V10
.media.net/	1970-01-20 15:44:04	Name: data-g Value: CAESEGdVHitPLWdXxOvRj7idNSs~~3
.kitchen.juicer.cc/	1970-01-21 00:09:31	Name: __juicer_peach_id_9i3nsdfP_ Value: 5efc3508-c6c6-47ed-9745-bb5ed6a9dee0
.casalemedia.com/	1970-01-21 00:09:31	Name: CMID Value: ZSazifHhX-PIrkirgfziGQAA
.casalemedia.com/	1970-01-20 17:33:31	Name: CMPS Value: 2776
.casalemedia.com/	1970-01-20 17:33:31	Name: CMPRO Value: 2776
.acuityplatform.com/	1970-01-21 00:09:31	Name: auid Value: 838959174828
.acuityplatform.com/	1970-01-21 00:09:31	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRUdlVQiemGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUVHZVUIno90aGlyZFBhcnR5VXNlcklkWkNBRVNFRFJfNkQ5NXZiV1E3aTU2eTFDUmxua/v7hnZlcnNpb27C+w=="
.adingo.jp/	1970-01-20 16:07:07	Name: ID Value: 61aface234f793c68adf7112bb90092c
.ahm11rxu.pics/	1970-01-21 00:59:55	Name: _td Value: 8735965e-bc67-414b-ae97-412d810693e0
.dotomi.com/	1970-01-20 15:23:55	Name: DotomiTest Value: 435b41e17ee305be
.tapad.com/	1970-01-20 16:50:19	Name: TapAd_TS Value: 1697035145653
.tapad.com/	1970-01-20 16:50:19	Name: TapAd_DID Value: 2e2cfcfc-f552-416d-b015-4e0e8c6ef9e0
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjcxNDe1MDAwNTA1MTG1NDQwNhHiM9R1LA-sLM2ssijJL3EGALHCbIIlAAAA
.rfihub.com/	1970-01-21 00:45:31	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dTePikx3jXQuScnN8IzICA8vyokstgjiNTSzNDcwNjU0MTWzMH7FiMI3AQDVYHQzPQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dTePikx3jXQuScnN8IzICA8vyokstgAAHJvCoR4AAAA
.rfihub.com/	1970-01-21 00:45:31	Name: rud Value: H4sIAAAAAAAA_-MSNjcxNDe1MDAwNTA1MTG1NDQwNhHiM9R1LA-sLM2ssijJL3EGALHCbIIlAAAA
.adsrvr.org/	1970-01-21 00:10:57	Name: TDID Value: 4c558bc2-c027-4de9-bd7e-da5174e1fe52
.tapad.com/	1970-01-20 16:50:19	Name: TapAd_3WAY_SYNCS Value: 1!6830
.googleadservices.com/	1970-01-20 17:33:31	Name: ar_debug Value: 1
.id5-sync.com/	1970-01-20 17:33:31	Name: id5 Value: a21597f5-c497-7292-ac92-b16457ea4bf5#1697035145796#2
.id5-sync.com/	1970-01-20 17:33:31	Name: 3pi Value:
.logly.co.jp/	1970-01-21 00:09:31	Name: uid Value: bdIt4yvMVoUzQdLLOI9Sx_Yfm6Y
.criteo.com/	1970-01-21 00:45:31	Name: uid Value: 2bd7580b-51d0-4e6e-867e-91221d6e8ea1
.ahm11rxu.pics/	1970-01-21 00:45:31	Name: cto_bundle Value: geH6Z193JTJCYmZKQXNDUDZDeTdFNjFDUFRXeWo4clhmWkhFZWcxeDlOa09yZDdtbXRzJTJGQjl3WFNJcDFZOUt0a2IxSU9vV0QyQ0NrSXNLUGZHa01HVU9ZZWFtc0IlMkZUaUpFVDViMW9NJTJGZnBQeXZQSTVXak1jYVZTUDBOJTJCdGd4V1RwTVFLemVBbXIlMkZHd3Ftb0RvaXRQYkFPRm9qWlElM0QlM0Q
.deepintent.com/	1970-01-21 00:59:55	Name: CDIUSER Value: di_964de24b790c4588a032b
.deepintent.com/	1970-01-21 00:59:55	Name: CDIPARTNERS Value: %7B%221%22%3A%2220231011%22%7D
sync.srv.stackadapt.com/	1970-01-21 00:09:31	Name: sa-user-id Value: s%3A0-de34c3d2-a910-51e7-748b-9e12f0d5ce46.YcbwYiIad2wHv3SFZXAk3%2FUg4DBMnJnbyeCPlWPmlgg
.srv.stackadapt.com/	1970-01-21 00:09:31	Name: sa-user-id Value: s%3A0-de34c3d2-a910-51e7-748b-9e12f0d5ce46.YcbwYiIad2wHv3SFZXAk3%2FUg4DBMnJnbyeCPlWPmlgg
sync.srv.stackadapt.com/	1970-01-21 00:09:31	Name: sa-user-id-v2 Value: s%3A3jTD0qkQUed0i54S8NXORiaEdks.c%2F4Jt8jpdMFIcv0wQHjaOENNOlOYGhM0dOX7ojk%2BI3Q
.srv.stackadapt.com/	1970-01-21 00:09:31	Name: sa-user-id-v2 Value: s%3A3jTD0qkQUed0i54S8NXORiaEdks.c%2F4Jt8jpdMFIcv0wQHjaOENNOlOYGhM0dOX7ojk%2BI3Q
sync.srv.stackadapt.com/	1970-01-21 00:09:31	Name: sa-user-id-v3 Value: s%3AAQAKINTBx7vLGq6MGVcMD1rudXKdet5DsK0Q-gyjzIsPbHIKEHwYBCCL55qpBjABOgSAjA8ZQgQKRs_P.mqmIYF7Lwqa%2FIuVtfnBzAHUZa3OIQ4M87ecdRDJZBkQ
.srv.stackadapt.com/	1970-01-21 00:09:31	Name: sa-user-id-v3 Value: s%3AAQAKINTBx7vLGq6MGVcMD1rudXKdet5DsK0Q-gyjzIsPbHIKEHwYBCCL55qpBjABOgSAjA8ZQgQKRs_P.mqmIYF7Lwqa%2FIuVtfnBzAHUZa3OIQ4M87ecdRDJZBkQ
.zemanta.com/	1970-01-21 00:09:31	Name: zuid Value: 55hjZ-7vJ-XU8rBSs5KS
.amazon-adsystem.com/	1970-01-20 21:44:04	Name: ad-id Value: A05kQKMGBEAYrBflm-xGHnQ
.amazon-adsystem.com/	1970-01-21 00:59:55	Name: ad-privacy Value: 0
.adsrvr.org/	1970-01-21 00:10:57	Name: TDCPM Value: CAESFAoFdGFwYWQSCwj8jJ6nu5ylPBAFEhUKBmNhc2FsZRILCJq55bi7nKU8EAUSFgoHcnViaWNvbhILCJDzi727nKU8EAUYBSADKAIyCwjsndPT0ZylPBAFOAE.
.linkedin.com/	1970-01-21 00:09:31	Name: bcookie Value: "v=2&3da69f09-741e-4141-874f-cfc4e31c1837"
.linkedin.com/	1970-01-20 15:25:21	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3143:u=1:x=1:i=1697035148:t=1697121548:v=2:sig=AQGLN6WgZp943HGZVFEpm5GRNdhdDeo_"
.bidr.io/	1970-01-21 00:52:28	Name: bito Value: AAB-OU7KTWcAABya-w6lJQ
.bidr.io/	1970-01-21 00:52:28	Name: bitoIsSecure Value: ok
.adnxs.com/	1970-01-20 17:33:31	Name: anj Value: dTM7k!M40DF7/.XF']wIg2C%uly$.a!]tbP6j2F-.aDyjByG0>mtJ'o4z0y?ABx75e<(VBXbh0TU$')E:4=sB!!=aFXI#wq
.adnxs.com/	1970-01-20 17:33:31	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxOTFVXT0JTLVUtNDc2QyIsImV4cGlyZXMiOiIyMDI0LTAxLTA5VDE0OjM5OjA4WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTEwLTExVDE0OjM5OjA4WiJ9
.yahoo.com/	1970-01-21 00:09:52	Name: A3 Value: d=AQABBIyzJmUCEEUjKT2GVwcTpPdYtMrH-TYFEgEBAQEFKGUwZdxH0iMA_eMAAA&S=AQAAApI17q3NOSwhcXSi-MYAeiM
.primis.tech/	1970-01-20 15:59:55	Name: csuuid Value: 6526b38c9fd9d
.rubiconproject.com/	1970-01-21 00:09:31	Name: audit Value: 1\|mFVHqHkj5bEmKoM39QQPYKS5Bv7H1ouoxdnNVF8ci16zoyPc/fZWNdb8LJoFsgxGJRVbjF6FEFvkyoE6uD3zXiYbB5SW5XQ3atdxyOhtrrTQD5U7tEfUTQ==
.lijit.com/	1970-01-21 00:09:31	Name: ljt_reader Value: Hd_PdQZHlZzhe2dYTJm4Qcju
.analytics.yahoo.com/	1970-01-21 00:09:31	Name: IDSYNC Value: "18vk~2ef2:19e0~2ef2"
.lijit.com/	1970-01-21 00:09:31	Name: _ljtrtb_80 Value: LNLUWOBS-U-476C
.sharethrough.com/	1970-01-20 16:07:07	Name: stx_user_id Value: 86782758-5a6a-4478-b7cf-76dd8410890f
.prebid.a-mo.net/	1970-01-20 15:25:21	Name: _sv3_7 Value: 1
.a-mo.net/	1970-01-21 00:09:31	Name: amuid2 Value: 61cba15b-baa0-420f-8e32-b722d0e566be
.prebid.a-mo.net/	1970-01-21 00:09:31	Name: sd_amuid2 Value: 61cba15b-baa0-420f-8e32-b722d0e566be
.intentiq.com/	1970-01-21 00:59:55	Name: intentIQ Value: H98kEVDR3g
.intentiq.com/	1970-01-21 00:59:55	Name: IQver Value: 1.9
.hb.yahoo.net/	1970-01-20 19:43:07	Name: visitor-id Value: 3400367491524323000V10
.hb.yahoo.net/	1970-01-21 00:09:31	Name: data-mag Value: LNLUWOBS-U-476C~~63
.intentiq.com/	1970-01-21 00:59:55	Name: intentIQCDate Value: 1697035149614
.intentiq.com/	1970-01-21 00:59:55	Name: ASDT Value: 0
.intentiq.com/	1970-01-21 00:59:55	Name: CSDT Value: UEQ6MTUxMDZfMCZUc09BWGZF
.intentiq.com/	1970-01-21 00:59:55	Name: IQPData Value: 646215243#1697035149610#0#1697035149610

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3622193293525466&output=html&adk=1812271804&adf=3025194257&lmt=1697071142&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fahm11rxu.pics%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697035141964&bpp=4&bdt=1030&idt=298&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7545956587250&frm=20&pv=2&ga_vid=555113298.1697035142&ga_sid=1697035142&ga_hid=1750327119&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31078597%2C44804783%2C44805099&oid=2&pvsid=2080221586828470&tmod=1383292606&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=333 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://ahm11rxu.pics/oo/futaba/m.gif?media=bravo-m.futabanet.jp&skin=leafs%2Fpage&id=123786&category=news&subcategory=%2Ctozan%2C%E7%99%BB%E5%B1%B1%2C%E3%81%9D%E3%81%AE%E4%BB%96%E7%99%BB%E5%B1%B1%2C%E3%81%9D%E3%81%AE%E4%BB%96%2C&model=&modelid=&host=ahm11rxu.pics&path=%2F&rhost=&rpath=&rd=0.9252462140403961 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	Message: A bad HTTP response code (404) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

571b20022a908d3bf4e43b388d1863c3.safeframe.googlesyndication.com
a.rfihub.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.rubiconproject.com
ads.yieldmo.com
ahm11rxu.pics
ajax.googleapis.com
analytics.pangle-ads.com
audiencedata.im-apps.net
b1sync.zemanta.com
bidder.criteo.com
bravo-m.ismcdn.jp
cc.adingo.jp
cdn.ampproject.org
cdn.cookie.sync.usonar.jp
cdn.indexww.com
cdn.jsdelivr.net
cdn.kitchen.juicer.cc
ce.lijit.com
cm.g.doubleclick.net
cs.media.net
csi.gstatic.com
dclk-match.dotomi.com
dmp.im-apps.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
htlb.casalemedia.com
ib.adnxs.com
in.treasuredata.com
js-sec.indexww.com
juicer-lift.s3-ap-northeast-1.amazonaws.com
kitchen.juicer.cc
live.primis.tech
mab.chartbeat.com
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
pixel.rubiconproject.com
pixel.tapad.com
polyfill.io
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.a-mo.net
px.ads.linkedin.com
r.turn.com
r3---sn-q4flrnek.gvt1.com
redirector.gvt1.com
s.amazon-adsystem.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.chartbeat.com
static.criteo.net
sync.inmobi.com
sync.intentiq.com
sync.logly.co.jp
sync.srv.stackadapt.com
sync.teads.tv
sync1.intentiq.com
token.rubiconproject.com
tpc.googlesyndication.com
ums.acuityplatform.com
ups.analytics.yahoo.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
sync.inmobi.com
104.126.118.200
104.18.25.18
104.18.26.193
104.18.27.193
142.250.65.162
142.250.80.98
147.75.198.144
18.173.219.12
18.211.184.20
199.38.167.130
23.196.56.215
23.206.252.26
23.206.253.150
23.32.172.185
23.40.179.62
23.40.179.64
23.47.170.102
2600:141b:1c00:19::17c8:5823
2600:1901:0:e207::
2600:1f18:4e9:5a01:6467:a5d7:cd4a:7efc
2600:9000:211c:ea00:18:f049:c740:93a1
2600:9000:23cb:dc00:12:6e90:f080:93a1
2600:9000:24f1:a00:18:1fcd:353:c61
2600:9000:2512:3e00:1a:5235:f980:93a1
2600:9000:26fa:ae00:1b:6b7d:2300:93a1
2602:803:c002:200::62
2606:4700:3036::ac43:850c
2606:ae80:1471:13::760
2607:f8b0:4000:47::8
2607:f8b0:4004:c08::78
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::2004
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80f::2001
2607:f8b0:4006:816::2002
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::200e
2607:f8b0:4006:822::200e
2607:f8b0:4006:823::200e
2607:f8b0:4006:824::200a
2607:f8b0:4006:824::200e
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:1ec:21::14
2a04:4e42:400::714
2a04:4e42:600::485
2a04:4e42:e00::282
3.219.155.81
34.111.113.62
34.200.65.202
34.230.251.138
35.173.32.60
35.76.76.91
38.91.45.7
44.216.52.233
44.217.1.110
52.219.150.30
52.223.40.198
52.46.130.91
52.71.211.164
54.226.144.195
54.235.252.130
54.92.125.230
63.251.114.136
64.202.112.63
67.220.228.202
68.67.179.155
69.173.151.100
69.90.254.78
74.119.119.139
007bc38a0ca9e23f5e83b94e667115d0edb030bba227cd530f63e213497cc5a3
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03091625cb324d9b6f25c11e6c1b4852931a59cc6a01e9842609119c00c26739
036793d3b8b0e882629495dec0212a0efc96695e55ecd5578a7230f6b35acd9c
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
05cd0335f54dfe81f50cfaaf88502676d23947bb6256721bc113b240694c5baa
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
0839adb79f12aa435527d3a4604353d4d2fa366ce1a32d0f284ad2011b59c825
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf5d627ac3c0d574c9015cfb7fe8ec408948f2de29405dc76bd495209611e74
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
12c78cfcbd44246501cb3af3691f0e9d547937ab25c9be41886941dcb7eb4d82
143d0a6c231ac0d9c0c3c8f54d18813dace25de60a8d1a9a1d897136d7b4693e
16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
183887016b752962f110258ead522c5363f6243c4defe1ea93c3245f70b9dfc1
18916317ceac9ec52a0dc2146a156a6ce62b619b0bc441c223248c705b4dfea9
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
1a1eaf2521a055a3af6c2680c352290e75ca8e5c872c983f91cf6d87c3cddc3f
1b50a0a928b2fe06460f184b1a87766726b57a06a141e27795a993a81738b15a
1c08aa1df70a43171fcf1da525a0d82108065f2c10a15ecf882cf50f3e2344dd
1c415ed5efa93c4e3793a7a109f83238beb3f774463e953e9d2556fd246ca782
2046881e89dff423f24cae2d512804b147f2ced339932fd0bda7113c8dd9eced
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
22ca529eb465b28396abb8e473e8ac6d14193e18d2e9c113bcadb9fe57695c5e
27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a
28392238b1eda8dc9e36c05b64e43c49ece7503b90dcc5e3706a4e5b650fe1d7
2dad66aaaec2502bae9ebe0635496b5bf666d1e65d14f763b2787a0b7cbe881b
2ea1618bc38fa25a6baeb5b17ecd61759add85708a6a43950919f4df34250e1e
2ec573f21fef86d447a094a0bcdbe154ac19bb5077b597a7a7f83b9bc835a6f4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
340cd2198537871bb929a462bf7420648f1adeb2924a9a79094824c103e7e3a4
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
373ef372dd7ff416b232efbe1ce06f6397fe7b8fac997a9167055b5a42b86764
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c8dd690d8a33d3f48545cf5bdf155061efb7e95b5054f24cf6b891302e2e2ea
3cc4fe79dc62454a9deadc10e105b191561aa1d5894ec052c95c1dbe609aecba
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e3d406b3427a99d78dcf63fa1d55a0bd832620b02f9a3e427356460b198fbc8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f3d9b32f05a75b551ab19090f6378b0c7364e8a4abc1a90a8b07a70addcb1b3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c532ca70bd3406caaeb443f83971c56cc4b97fe40b4a2d6288b514db7ec062
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45acaeb64a318b777b7ebc54d109c9f5e48e7d01c33ad4d2c3514292d884f977
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4721cdc736887ef400a633428825ba3845d4cb8a84951ca6844503a3c6a9dacd
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4992623bfc6836353138e2b458636e76a8862c24c8d0fe38361d82ad0c9508e7
499a51f7a8056c1021b5adb4b3cb3639636728427a44a3de87d4456a2c13cb41
49ede9b888a46fcda98f0ec04cadec882fee007a264ea691917b95f72e5073ba
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
4e3ef90c6df625cd4e0cb72b725bfd6f5dc98101da5eaa109fdbf9b5081cc3a3
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
539db8720494ccac2ed6042940713ba983b564a74eda346d2fbe04e08e98d2a7
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a97b920e4e39220d9f33c3b18fccc1d5971dfe7a538420fb7bd86ba0f863be
582b44ca18e9867127a74998bcec430ad8cf327a1fb00c5e651a2360d905caf0
59106d12574844a345283e4835b9e553770cd2a1033bca26add0bce6510fb052
5dc280f17d00e8a1b9f05ac2bac39994b576fc49b80a42c0e2bb5dfa2fc38170
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
617a8c03bc199718a77329e9fcf0504ab56497479b9e10dc30e0e14c98a4bfdc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67bc306d7941ffcee222ef28dac00f2e1dfc5ed15d5c545aaa5027b7752ba24c
6ce109030f98aa8f736561d4f03aa73896362e2cc6458feb32d8f5cb912db351
70d35d43a6310fe9a0d89413c0433af3c0593d950aa14c01b6fdf507b0d5feab
71dd2e7acef7e282793d01dcdd18c6e935ac0f400e49e94b6f6637a79da71af5
7be2c7e8cce151e9031fea57d971e470d8f5103f03fd313f7e25d1b812c642ea
7caaed55c522743e42d6ad4d939e5a8c5956599ef468c1abeac7b4a2d9adf3a6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80bbf987f34855c51dabe3ea19e2e4148b8916a871d191824dbeebd8616ceea7
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
81e8648bfe86a38a4a825270d8dbab74491d04947469d320a37f7ad4cfe867f0
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
84e80159fc0f0e914229e9916e1c85cb59b2a6af77d53d6b528bf464ef9aeb3b
85a2eadf71eb38663b33593605ab2c3766b66fd7df265dcb165e19811dc196c3
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
894af9427a92864bd588606b9a486f0d4bf395742b9243afe31691c237e8c031
8db52fdea2f514df3abf434dae05727dfe8d3740e49072dc654546506e772f6b
92f87952c50630d9c151966d4a60821fbf1ae2d54521086ab7f66fe7a0a95ffe
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
960eb62509087c8348b640e00bc6253a0c322470eaf644d8fb91f6660d9533ec
999956c24c190f7f757e66f0d26788e459ae58ab376c3577bc5dd75df8ae1494
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd99165e7966006945ff4ab5f9735648b8e624b11fcd77deda61c739c8f3b95
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9d991d673745ab5dd75c3ca86a7aac7a7b998d5e8d009c67732fa7bea0bb82bf
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a33b9cb7be6394bbbb02202baae100cf6d2e1ecb0121411da04fabcfcbfb2ed8
a478900b93b6d8bcfb41d17acfbc034c885d685f7c4e9f59106e22faffe2b8d3
a6fab6bc0dcefd89a4ef44e312a12a422022c6795c49ead9eff48284a3c84240
a7c8a846c6759b882e95b1005b4ffd9201eeba2ae5bb48de360d58048fc674f7
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
af006a5352ba9739e60b4cd6d5b2e35f23d6f3e5c111946308badc55ee16828d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067
b321bc9876facc5b7e38a4e4510c569032e28a1498f67ebf31cab917333fe709
b3a7346cae0525400bb6539496990f7de2ee33862cb6e38fd82f0e463d367e1a
b3e60cf44ab9e1c70e0ac587149d640cfcf4390ba8e7f4152f9b44c077b463ba
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bb7c4e0cf1897be27fae302901cf1337945d8249bff863152759ca471808ec5a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c26c584737a56c53569500a07782fc36f3f74d079475dbf38295f0ce3dd429d1
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c52249f2bbea53c346356d0d3e6936c4c3cf200054f0821eda122175d9d54e55
c6bc05a4e74e6c87cebf9a485054f4f28c32eb4dc57100ea3aa3f382e25abc66
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
ce673f029c11857478eb72842b5b956b37d981a70ca7a08a597fdb2069c802ce
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1bc4b5f08aa0b87aa9a2ab19eacb03441dc4978e78d095f5b1663ee0d3c67bc
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d4bdecf04f2c9314696c2f2f74ab3438b5670396cc05ffaf27b5d04859fd19ac
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
da32307abc3d8014fbf7c8e4ece7e8180303ba1146a8075e25cd7007c9da7747
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
dd81e9f5d40a61872986376ee4e7b569a79a4913b04a629029bc3156c743a45b
df62136d3ace42c9fc4d066db3552580e8a507b76152cc0ed088ebbc695bb601
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bad3d4594b7342fc439e89c989cd83c8f75bcaecc00f95ca78fd42aa7aaede
e4fc5e6306e73720b79085bea3093b0765e3d14cae21bae2c687816aafeec151
e5cbb5b11bed15a7f3c57affd9dbee18c8c5c0649880f06794568deb47c8b6f1
e5df71bd84c3ef10303217795383dce4020bb9bf8a3c8ea918545d2ff7ce7fb5
e62dfac84d8232899682bc860b884754236024dd280dae51906a7185b575c622
e64b40f47f6671d38a61f88a50564b8f5600aee3abbc0f64651675745d8ac577
e74176959de176588fa6f15f4339f6ce331bd9639ea9bb6c5f42372d9b291b76
ecf6e2dfcd7a0bfc92547cf972c024659ccea7696fb80a660ffbef32fbabd3f1
ed0e083102350ca67f46afd29329c2be6994ad11e62e44e491e22f12fea9bd39
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
ee7950fc5d6e6b1166ec8b9d5a6611cbff642c877124d57ed8162dceff9c3368
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2bf81f7cec79fde4d594be203b20ddce637c4d01010f1ec250e510a32023ded
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f645d589a8f7eebdc28993c4ca72cd264d3ae3f68d09af5d4da1e6c3b47636ec
f68a7333fcd1059c6510fd2b11b03e772ac9343b5bece1ad4371cb5b57804a24
f74833d7d6275a561e73863a007e091775c4cde45b25b9c56cfee421317aa446
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc1a36df183b74ae9bd6f966b131ea0e5f69c2f134c7191ffd25a8a81575fdf9
fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583

ahm11rxu.pics Open in urlscan Pro 2606:4700:3036::ac43:850c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

292 Requests

84 %HTTPS

48 %IPv6

53 Domains

86 Subdomains

60 IPs

5 Countries

3999 kBTransfer

8389 kBSize

79 Cookies

10 Outgoing links

Redirected requests

292 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ahm11rxu.pics Open in urlscan Pro
2606:4700:3036::ac43:850c Public Scan

Screenshot
Live screenshot

Full Image

292
Requests

84 %
HTTPS

48 %
IPv6

53
Domains

86
Subdomains

60
IPs

5
Countries

3999 kB
Transfer

8389 kB
Size

79
Cookies

292 HTTP transactions
14 data transactions