www.orlytaitzesq.com Open in urlscan Pro
67.20.113.97 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://orlytaitzesq.com/
Effective URL:
http://www.orlytaitzesq.com/
Submission Tags: falconsandbox
Submission: On November 20 via api (November 20th 2020, 1:35:46 am UTC) from US

Summary HTTP 256 Redirects Links 60 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 29 domains to perform 256 HTTP transactions. The main IP is 67.20.113.97, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.orlytaitzesq.com.

This is the only time www.orlytaitzesq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	67.20.113.97 67.20.113.97	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	3.210.81.118 3.210.81.118	14618 (AMAZON-AES) (AMAZON-AES)
2 2	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
2	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
30	2606:4700:10:... 2606:4700:10::6816:555	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	35.241.35.213 35.241.35.213	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2005	15169 (GOOGLE) (GOOGLE)
1 2	193.189.143.34 193.189.143.34	34948 (TYPHON-AS) (TYPHON-AS)
1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	54.192.229.87 54.192.229.87	16509 (AMAZON-02) (AMAZON-02)
1	143.204.201.114 143.204.201.114	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
1	52.207.113.150 52.207.113.150	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	54.192.229.86 54.192.229.86	16509 (AMAZON-02) (AMAZON-02)
1 1	72.21.202.25 72.21.202.25	16509 (AMAZON-02) (AMAZON-02)
1 1	3.23.172.181 3.23.172.181	16509 (AMAZON-02) (AMAZON-02)
1	13.35.18.134 13.35.18.134	16509 (AMAZON-02) (AMAZON-02)
4	104.215.88.166 104.215.88.166	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	34.98.126.214 34.98.126.214	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
4	2a00:1450:400... 2a00:1450:4001:803::2010	15169 (GOOGLE) (GOOGLE)
2 72	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
37	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4009:81c::2003	15169 (GOOGLE) (GOOGLE)
2	13.35.253.118 13.35.253.118	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
256	36

27 67.20.113.97 (Provo, United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: host2075.hostmonster.com

orlytaitzesq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.orlytaitzesq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.210.81.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-81-118.compute-1.amazonaws.com

s.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.21 (United States) 2 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:10::6816:555 (United States)

ASN13335 (CLOUDFLARENET, US)

www.thegatewaypundit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.35.213 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 213.35.241.35.bc.googleusercontent.com

media.breitbart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2005 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mail.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.189.143.34 (Ankara, Turkey) 1 redirects

ASN34948 (TYPHON-AS, FR)
PTR: www.netvibes.com

www.netvibes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

us.i1.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

buttons.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.229.87 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-229-87.waw50.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.114 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-114.fra53.r.cloudfront.net

fs.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.207.113.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-113-150.compute-1.amazonaws.com

www.petition2congress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.229.86 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-229-86.waw50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.202.25 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

cloudfront-labs.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.23.172.181 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.18.134 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-18-134.sin5.r.cloudfront.net

abe1971ed40a5e15802e446949ebefcc5.profile.sin5-c1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.215.88.166 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ads3.mthsense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.126.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.126.98.34.bc.googleusercontent.com

api.lanistaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6eb15277e7829a510c29fc3c4840b5c7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
92713f7f149d5899b76f48411c2075dd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ba0827bec1644166cbbd0d6728cbb6c6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3ecfcd4e5e13f1bcb54b0907058aa30b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
22b382d475a5b4e590d5e060899505cc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e9b1825aea198706d9d2358814dfc1ee.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
974fb119e4e402415781d0de7af8b2da.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b858f05e4df9e0be9c6e4add1e73bb48.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4009:81c::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.253.118 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-118.fra6.r.cloudfront.net

d2tbmvllb55wxq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	googlesyndication.com buttons.googlesyndication.com 6eb15277e7829a510c29fc3c4840b5c7.safeframe.googlesyndication.com 92713f7f149d5899b76f48411c2075dd.safeframe.googlesyndication.com ba0827bec1644166cbbd0d6728cbb6c6.safeframe.googlesyndication.com 3ecfcd4e5e13f1bcb54b0907058aa30b.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com 22b382d475a5b4e590d5e060899505cc.safeframe.googlesyndication.com e9b1825aea198706d9d2358814dfc1ee.safeframe.googlesyndication.com 974fb119e4e402415781d0de7af8b2da.safeframe.googlesyndication.com b858f05e4df9e0be9c6e4add1e73bb48.safeframe.googlesyndication.com	397 KB
38	doubleclick.net 2 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net	931 KB
30	thegatewaypundit.com www.thegatewaypundit.com	303 KB
27	orlytaitzesq.com 1 redirects orlytaitzesq.com www.orlytaitzesq.com	547 KB
19	googletagservices.com www.googletagservices.com	494 KB
11	google.com mail.google.com adservice.google.com	2 KB
8	twitter.com platform.twitter.com syndication.twitter.com	63 KB
6	google.de adservice.google.de	1 KB
5	ampproject.org cdn.ampproject.org	97 KB
5	gstatic.com csi.gstatic.com fonts.gstatic.com	30 KB
5	googleapis.com storage.googleapis.com fonts.googleapis.com	1 MB
4	google.pl adservice.google.pl	1 KB
4	lanistaads.com api.lanistaads.com	1 KB
4	mthsense.com ads3.mthsense.com	14 KB
4	cloudfront.net d31qbv1cthcecs.cloudfront.net abe1971ed40a5e15802e446949ebefcc5.profile.sin5-c1.cloudfront.net d2tbmvllb55wxq.cloudfront.net	5 KB
3	gweini.com s.gweini.com fs.gweini.com	17 KB
2	googleadservices.com partner.googleadservices.com	610 B
2	youtube.com www.youtube.com
2	google-analytics.com www.google-analytics.com	17 KB
2	netvibes.com 1 redirects www.netvibes.com	1 KB
2	breitbart.com media.breitbart.com	93 KB
2	paypalobjects.com www.paypalobjects.com	4 KB
2	paypal.com 2 redirects www.paypal.com	1 KB
1	a2z.com 1 redirects redirect.prod.experiment.routing.cloudfront.aws.a2z.com	242 B
1	amazonaws.com 1 redirects cloudfront-labs.amazonaws.com	186 B
1	alexametrics.com certify.alexametrics.com	552 B
1	w.org s.w.org	935 B
1	petition2congress.com www.petition2congress.com
1	yimg.com us.i1.yimg.com	2 KB
256	29

	Domain	Requested by
35	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.orlytaitzesq.com pagead2.googlesyndication.com
35	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.orlytaitzesq.com
30	www.thegatewaypundit.com	www.orlytaitzesq.com
26	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.orlytaitzesq.com cdn.ampproject.org pagead2.googlesyndication.com
26	www.orlytaitzesq.com	www.orlytaitzesq.com
19	www.googletagservices.com	www.orlytaitzesq.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
10	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
7	platform.twitter.com	www.orlytaitzesq.com platform.twitter.com
6	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	adservice.google.pl	securepubads.g.doubleclick.net
4	storage.googleapis.com	ads3.mthsense.com
4	api.lanistaads.com	www.orlytaitzesq.com
4	ads3.mthsense.com	fs.gweini.com
3	fonts.gstatic.com	fonts.googleapis.com
3	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com
2	d2tbmvllb55wxq.cloudfront.net	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	csi.gstatic.com	securepubads.g.doubleclick.net
2	e9b1825aea198706d9d2358814dfc1ee.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.youtube.com	www.orlytaitzesq.com
2	www.google-analytics.com	www.orlytaitzesq.com
2	www.netvibes.com	1 redirects www.orlytaitzesq.com
2	media.breitbart.com	www.orlytaitzesq.com
2	www.paypalobjects.com	www.orlytaitzesq.com
2	www.paypal.com	2 redirects
2	s.gweini.com	www.orlytaitzesq.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	b858f05e4df9e0be9c6e4add1e73bb48.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	974fb119e4e402415781d0de7af8b2da.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	22b382d475a5b4e590d5e060899505cc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	3ecfcd4e5e13f1bcb54b0907058aa30b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ba0827bec1644166cbbd0d6728cbb6c6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	92713f7f149d5899b76f48411c2075dd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	6eb15277e7829a510c29fc3c4840b5c7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	syndication.twitter.com	www.orlytaitzesq.com
1	abe1971ed40a5e15802e446949ebefcc5.profile.sin5-c1.cloudfront.net	www.orlytaitzesq.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	1 redirects
1	cloudfront-labs.amazonaws.com	1 redirects
1	certify.alexametrics.com	www.orlytaitzesq.com
1	s.w.org	www.orlytaitzesq.com
1	www.petition2congress.com	www.orlytaitzesq.com
1	fs.gweini.com	s.gweini.com
1	d31qbv1cthcecs.cloudfront.net	www.orlytaitzesq.com
1	buttons.googlesyndication.com	www.orlytaitzesq.com
1	us.i1.yimg.com	www.orlytaitzesq.com
1	mail.google.com	www.orlytaitzesq.com
1	orlytaitzesq.com	1 redirects
256	48

This site contains links to these domains. Also see Links.

Domain
taitzreport.com
www.drtaitz.com
www.taitzofficesuites.com
www.democracydocket.com
www.thegatewaypundit.com
www.breitbart.com
news.google.com
www.foxnews.com
da.lacounty.gov
www.netvibes.com
add.my.yahoo.com
fusion.google.com
www.feedly.com
www.petition2congress.com
petitions.whitehouse.gov
plus.google.com
www.youtube.com
www.facebook.com
www.orlytaitzforussenate2012.com
www.videospromo.com
www.washingtonamerica.com
www.elementsofseo.com
www.drewstauffer.com
www.alibiproductions.com

Subject Issuer	Validity	Valid
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2019-12-09` - `2021-12-13`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.breitbart.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-23` - `2022-06-27`	2 years	crt.sh
mail.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.netvibes.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-25` - `2021-08-27`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.pl GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 36 frames:

Primary Page: http://www.orlytaitzesq.com/
Frame ID: 1D2CD6BA2868A701E2240EC16EFF75C7
Requests: 82 HTTP requests in this frame

Frame: https://www.youtube.com/embed/OreNM9NDxlE?rel=0
Frame ID: BAAB8D1092131C7EC6DD7EE97AA9B5CB
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/948FBVCqTu4?rel=0
Frame ID: 4C0EB2C734B873091E35453703507BFA
Requests: 1 HTTP requests in this frame

Frame: http://www.petition2congress.com/9026/start-immediate-investigation-barack-obamas-use-forged-ids-ct-ssn/wt/?src=widget
Frame ID: 257850EDC0A0EA478E0D3F947E287352
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=http%3A%2F%2Fwww.orlytaitzesq.com
Frame ID: C6D86DF11EFBDB5D56C17E265831246A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/index.html?dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1329261913834991616&lang=en&origin=http%3A%2F%2Fwww.orlytaitzesq.com%2F&theme=light&widgetsVersion=ed20a2b%3A1601588405575&width=500px
Frame ID: 217E00934A117821A5728125F7AAF655
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Frame ID: 32A22A82F0518A425F37ECE1C4A62554
Requests: 1 HTTP requests in this frame

Frame: http://ads3.mthsense.com/RenderAd.aspx?id=727&width=728&height=90
Frame ID: F1CA26B0D4600CA76D73B45F6139004B
Requests: 1 HTTP requests in this frame

Frame: http://ads3.mthsense.com/RenderAd.aspx?id=732&width=300&height=250
Frame ID: 985E0BB44BC7AC2CB2D82307D4C26B18
Requests: 1 HTTP requests in this frame

Frame: http://ads3.mthsense.com/RenderAd.aspx?id=733&width=300&height=250
Frame ID: 4EBE1BCF1C5CAD2E2F6F222867A15A94
Requests: 1 HTTP requests in this frame

Frame: http://ads3.mthsense.com/RenderAd.aspx?id=729&width=728&height=90
Frame ID: E16B0CDCD66F48A65BDE12319F6187EC
Requests: 1 HTTP requests in this frame

Frame: http://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: 1CCC66B26CBE3593D0F7F4409F4AC9EC
Requests: 12 HTTP requests in this frame

Frame: http://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: CB60BEF8F677AF6E95897B178D6475A0
Requests: 12 HTTP requests in this frame

Frame: http://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: 0AA0700B9DACDDD24F6336F604316E53
Requests: 11 HTTP requests in this frame

Frame: http://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: A5364BC876AB86D2E9C365B37ACB71DB
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyXlRjAWu4uasVqNH9Ui_bsDt2oLaNm-K1p3t_ZK2NrbOAaLusCUeBYkxyNnw9--SrG1Jl6jyZE4p-nVbGYx-sKozknekP_173oW3SZ6pbz3yiTx2ZARgWDu1CaCNZb8LeGUpw_sESkCLi86WzgOEnKSwt14s9hZi4rMOLN3R7FpbhKG4b7cg-vvrVvx1hF287_v6SlgSjEhc-_mTXHgGnumW783UHTXMmGcv-TgGVrRYheTAF_Z3lWFRRJhbbDMnj8vhYtJ8DMB4wH_CgkVYFnj8&sig=Cg0ArKJSzLnOkdIUcAqoEAE&urlfix=1&adurl=
Frame ID: 0D7399267B1AE2A7644CF0FCF51F2A31
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGP_rCeu9oHOvlqqlc3nn8bt8mEzbxqglbtcEkKy2wO6pY-bMVkW6dg5G6qpoz4rVK3eRHenOZeR0ZQvbt1PQfBiez4U0ld8ZAKl3d0dWK0s1xNr624Uco3bijAWBzGDTR-4hVNt1WrDK8fxIRmqYzK4AdcqM-vY3beki6PuEdxOZY7ALHuN-von9VI5I7t05OwbamTpL5KFo22mxqqiTkRFcUBXAhIsCWeOTt-bFcVWv4kfNhq55aN6gdvunGd5Oejdb-Z5PRsbZJ5mV__hs55nc&sig=Cg0ArKJSzFgCYl9_N_JuEAE&urlfix=1&adurl=
Frame ID: AB6C5126EB3C8FFCB424A3834A99CE37
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 237AAFB767FF185016C0E5ADB452488F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4r-3grUbZNCclxh_ry8zGMzVYgeOpPI4mGIsVpBq6SpWUMzUrPheU6H2l7K1uVT3jqflMzj2XybioClDjNXH3-LZhRjfF-a2SjwRvDk8qoWO3mbu2LsxcnNmeSv7KCv8-dDiG5FmClItYlQKKpH2U8T6qwNsVOCQKTYfgibuhehS2Jx7uCmhswsImdsW9C5hrF8JXDFuwocayq_aVoG1eEFgFiQk3rnHf6kNKNls1Wyr3yBcSSlvVWIoaeeuyEaIq7dUFdhjgwjN_Q1vG6kR6sgQ&sig=Cg0ArKJSzFXfyXVtI-oSEAE&urlfix=1&adurl=
Frame ID: BF706BCC8B973E2218DC3E3E47403CD2
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1IdPz_SNrInBW69QKOEiQwQlEiDG_2QOFkDip9Lp4smawHH4kA34wsPz9etU26pAHM1dUgcC6qh3cgXkxMzL-eurqd2dgcVzR60u2RdnRS9KA9QZ-vM4gPtDjad2GDOZygC3wH2llsJit5UhgAAOej8iCcHBtNoP0rsRu8-RwPESKGbwSw1o-7mStTNsBIIizwEBOl6Qcb2sMy8B0iVDklHLE-niFro492eYpE2eL6tHBpsmFacrir5V3XCBkl6itltPSOZiXzRAdMp3N2QH8p2M&sig=Cg0ArKJSzH2jgoLKpL9EEAE&urlfix=1&adurl=
Frame ID: 6145106929D3BA94943052F0EC344415
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: E65C6D800589978274B6C33D35D5A038
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: F0D0FF0DBA7A92C0FFD050043149B4EF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 7AE9EC7A44FE1D6739670098E6DC4C04
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdMqvn5xKuSkZxCuNgCPAouwPXBKSzgBwfs7TJ_Ip7xDjURAbfgf8B-WXUlKuF2xO3XQzD51XvXYRGRz_kJQIVDFtKK072OFJweEqggSS1-Z9DbFibNrV-vbgUe75CKTW1KRflEv7zadGIq_E6qZcu0OiFz8OzMnhBOlsxgnrsFtet8CsZMKVy9cGiM0HmYPU8YAYJcnHMlbAgAtqrlXX3RcKCt4QfAyPJLCuQ2UGcvfQO5bjIp87MZHlpUWzln0SueLUpkR4ZbOYAvJPnH7mFFT1uuQ&sig=Cg0ArKJSzKxLbHRO9EgrEAE&urlfix=1&adurl=
Frame ID: E88141B821BF752A36A91771D3131890
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html
Frame ID: 574BE0602EF9665EC8E2B240E5391E6F
Requests: 1 HTTP requests in this frame

Frame: https://e9b1825aea198706d9d2358814dfc1ee.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Frame ID: 572BF611C9967E6114AEB7873A7134F7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 43794DEAA9B4306733AE2674E5699D5D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuund9tl34-E8mwCOC85saHii8uDvrRI3bxMNtr_wyTcroCIfGDmXg87GgU4gsfyVZZX0iEaaYtcjy3hRcPrSP6FAaljMoGNxDo5ShUJs53IXCkyiozIuSNn-jF0naPiquYnviDJpt4-vA8t_oi2oxufO5hdKm5sPJ7wjAxYIv-6RsIxEQrrUkK-OI1ipmkU3ubN6qQUCErHEJZ3Bz5JmqODXhq3t4qrKLPhsFsE4SIp0JG0QAVf6iiEacO1VZ6ZktN2UQ4vl42Ut0mTUcWBVhCmbc7Yg&sig=Cg0ArKJSzFMq7IJMjAYFEAE&urlfix=1&adurl=
Frame ID: F2F5E39A12460AC8262FE9773BF876BD
Requests: 13 HTTP requests in this frame

Frame: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
Frame ID: F8116ACE31362C4DF1FC29AEFE31A4F9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 3D4D1936F262D4368E7A510197855B0F
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 551B9A9FA553BEA8CB2C2FD1DBB49846
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 76662436C9012942EC954D7B05BEA98C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: AF0554D4154C309D465798ECDBFFB414
Requests: 1 HTTP requests in this frame

Frame: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
Frame ID: 2BE1112EC2282E69228550BBB3013184
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: C374268A222F31C17A6F3F9884D577D7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 1C203ED9344BA577E4AC46CA900E16B1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://orlytaitzesq.com/ HTTP 301
http://www.orlytaitzesq.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

256
Requests

79 %
HTTPS

50 %
IPv6

29
Domains

48
Subdomains

36
IPs

5
Countries

4233 kB
Transfer

7840 kB
Size

9
Cookies

60 Outgoing links

These are links going to different origins than the main page.

URL: http://taitzreport.com/
Title: TaitzReport.com

Search URL Search Domain Scan URL

URL: http://www.drtaitz.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.taitzofficesuites.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.democracydocket.com/states/
Title: https://www.democracydocket.com/states/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/massive-criminal-voter-fraud-going-blow-mind-everyone-country-sidney-powell-dominion-systems-video/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/sidney-powell-smartmatic-voting-machines-chairman-board-peter-neffenger-named-joe-bidens-transition-team/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/ga-poll-watcher-expert-non-trump-supporter-affidavit-sudden-surge-20000-mail-votes-biden-early-hours-nov-5-approx-1000-votes-trump-disappeared/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/2020-election/2020/11/19/9-key-points-from-trump-campaign-press-conference-on-challenges-to-election-results/
Title: 9 Key Points from Trump Campaign Press Conference on Challenges to Election Results

Search URL Search Domain Scan URL

URL: https://news.google.com/articles/CAIiEPbCbcIBHcZdIntBknn9SswqGQgEKhAIACoHCAowzuOICzCZ4ocDMM7TqQY?hl=en-US&gl=US&ceid=US%3Aen
Title: Megyn Kelly says she’s leaving New York because ‘far left’ schools ‘have gone off the deep end’

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMM7jiAswmeKHAw?hl=en-US&gl=US&ceid=US%3Aen
Title: Daily Mail

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/developing-trump-team-lawyers-hold-presser-today-noon-clear-viable-path-victory/

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/category/us/los-angeles
Title: Los Angeles

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/category/politics/voting
Title: ballot applications

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/category/us/us-regions/west/california
Title: California

Search URL Search Domain Scan URL

URL: https://da.lacounty.gov/sites/default/files/press/111720-Pair-Charged-With-Voter-Fraud.pdf
Title: announced

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/wow-rudy-60000-ballots-milwaukee-county-40000-ballots-dane-county-tossed-video/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/breaking-rudy-giuliani-calls-682770-mail-ballots-thrown-due-fraud/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/will-not-intimidated-going-reclaim-united-states-america-sidney-powell-throws-rnc-presser-video/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/boom-sidney-powell-drops-moab-algorighm-plugged-steal-votes-president-trump-election-video/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/fbi-agents-arrest-cincinnati-democrat-accepting-bribes-exchange-votes/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/breaking-exclusive-steal-massive-expert-reveals-hundreds-thousands-trump-votes-shifted-biden-election-night/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/arizona-governor-will-not-accept-election-results-court-cases-settled/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/huge-attorney-sidney-powell-coinfirms-alleged-dominion-servers-germany-confiscated-video/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/fox-news-dumpster-fire-dana-perino-urges-dominion-voting-sue-rudy-giuliani-sidney-powell-attorney-lin-wood-responds/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/president-trump-many-avenues-victory-rudy-giuliani-shared-last-night/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/boom-election-fraud-expert-russ-ramsland-files-affidavit-showing-physical-impossibility-election-results-michigan/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/democrats-allocated-votes-civil-war-based-three-fifths-compromise-now-allocate-voting-machines/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/people-smiling-trump-attorney-jenna-ellis-posts-late-night-photo-rudy-giuliani-gen-flynn/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/breaking-wayne-county-michigan-election-board-republicans-rescind-votes-certifying-results-file-affidavits-families-threatened/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/rudy-giuliani-says-votes-sent-country-counted-company-venezuela-video/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/oh-no-12-republican-workers-picked-176-workers-wisconsin-recount/
Title: OH HELL NO! Only 12 Republican Workers Were Picked Out of 176 Workers in Wisconsin Recount!

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/breaking-4/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/fox-news-loses-msnbc-daytime-ratings-first-time-since-2001/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/president-trumps-executive-order-2018-covering-interference-us-elections-foreign-entities-looks-relevant-today/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/dominion-voting-machines-include-weighted-race-feature-whose-purpose-cheat-elections-contacted-dominion-not-get-response/
Title: Dominion Voting Machines ALL INCLUDE “Weighted Race Feature” Whose Only Purpose Is Cheat in Elections — We Contacted Dominion But Did Not Get a Response

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/caught-part-7-wisconsin-like-mi-ga-pa-va-caught-drop-roll-biden-gained-lead-massive-vote-dumps-rest-votes-possessed-biden-t/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/2020-election/2020/11/18/republican-canvassers-rescind-their-votes-to-certify-wayne-county-michigan-results/
Title: Michigan Mayhem Continues Republican Rescind Votes to Certify Wayne County Election Results

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/caught-part-6-michigan-georgia-like-pa-va-caught-pattern-biden-gained-lead-massive-vote-dumps-remainder-votes-possessed-biden-trump/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/happening-now-alex-jones-leading-crowd-trump-supporters-storming-georgia-state-capitol-video/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/welcome-america-venezuela-election-experience/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/category/free-venezuela/
Title: FREE VENEZUELA

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/report-georgia-elections-officials-instructed-state-report-original-vote-totals-not-recount-totals/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/dominion-voting-systems-not-pci-compliant-failed-10-12-requirements/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/11/trump-campaign-file-wisconsin-recount-two-counties/

Search URL Search Domain Scan URL

URL: http://www.netvibes.com/subscribe.php?url=http://www.orlytaitzesq.com/?feed=rss2

Search URL Search Domain Scan URL

URL: http://add.my.yahoo.com/rss?url=http://www.orlytaitzesq.com/?feed=rss2

Search URL Search Domain Scan URL

URL: http://fusion.google.com/add?feedurl=http://www.orlytaitzesq.com/?feed=rss2

Search URL Search Domain Scan URL

URL: http://www.feedly.com/home#subscription/feed/http://www.orlytaitzesq.com/?feed=rss2

Search URL Search Domain Scan URL

URL: http://www.petition2congress.com/18945/ban-importation-200000-syrian-migrants-us/
Title: PETITION TO CONGRESS: Ban importation of 200,000 Syrian migrants into the US

Search URL Search Domain Scan URL

URL: https://petitions.whitehouse.gov/petition/institute-edward-snowden-national-whistleblower-patriots-against-government-corruption-day/Qhjys2vw

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/117378858973367836955/posts/KuCZfqzLPut
Title: CHANNEL (Google Plus)

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/DrOrlyTV
Title: SUBSCRIBE TO YOUTUBE

Search URL Search Domain Scan URL

URL: http://www.facebook.com/orlytaitz?ref=ts

Search URL Search Domain Scan URL

URL: http://www.orlytaitzforussenate2012.com/donateslogan.html

Search URL Search Domain Scan URL

URL: http://www.orlytaitzforussenate2012.com/donate.html
Title: RunOrlyRun.com

Search URL Search Domain Scan URL

URL: http://www.videospromo.com/
Title: Videography by Barbara Rosenfeld

Search URL Search Domain Scan URL

URL: http://www.washingtonamerica.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.elementsofseo.com/
Title: Elements of SEO

Search URL Search Domain Scan URL

URL: http://www.drewstauffer.com/
Title: Website Design

Search URL Search Domain Scan URL

URL: http://www.alibiproductions.com/html/website-development.html
Title: Accessible Website Development

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://orlytaitzesq.com/ HTTP 301
http://www.orlytaitzesq.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif HTTP 301
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Request Chain 4

https://www.paypal.com/en_US/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Request Chain 43

http://www.netvibes.com/img/add2netvibes.gif HTTP 301
https://www.netvibes.com/img/add2netvibes.gif

Request Chain 61

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 68

http://www.youtube.com/embed/OreNM9NDxlE?rel=0 HTTP 307
https://www.youtube.com/embed/OreNM9NDxlE?rel=0

Request Chain 69

http://www.youtube.com/embed/948FBVCqTu4?rel=0 HTTP 307
https://www.youtube.com/embed/948FBVCqTu4?rel=0

Request Chain 74

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1577307176&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OrlyTaitzEsq.com&utmhid=1754935033&utmr=-&utmp=%2F&utmht=1605836128939&utmac=UA-38912701-1&utmcc=__utma%3D209516236.1020210520.1605836129.1605836129.1605836129.1%3B%2B__utmz%3D209516236.1605836129.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=582174964&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1577307176&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OrlyTaitzEsq.com&utmhid=1754935033&utmr=-&utmp=%2F&utmht=1605836128939&utmac=UA-38912701-1&utmcc=__utma%3D209516236.1020210520.1605836129.1605836129.1605836129.1%3B%2B__utmz%3D209516236.1605836129.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=582174964&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 79

http://cloudfront-labs.amazonaws.com/x.png HTTP 301
http://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png HTTP 302
http://abe1971ed40a5e15802e446949ebefcc5.profile.sin5-c1.cloudfront.net/test.png

Request Chain 206

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9339919749774457&output=html&h=90&slotname=9866181553&adk=2660574010&adf=702193766&pi=t.ma~as.9866181553&w=728&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605836130801&bpp=74&bdt=75&idt=261&shv=r20201112&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D24e3669d7d931baf%3AT%3D1605836130%3AS%3DALNI_MZweakwdHkf9WyZhZSxq-mhPRZ9Ww&correlator=3692054536676&frm=23&ife=4&pv=2&ga_vid=1020210520.1605836129&ga_sid=1605836129&ga_hid=1453420012&ga_fc=1&iag=255&icsg=682&nhd=4&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=552&ady=16&biw=1600&bih=1200&isw=728&ish=90&ifk=2772832079&scr_x=0&scr_y=0&oid=3&pvsid=3334703367340624&pem=297&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.uvjblcd316kb&fsb=1&dtd=319 HTTP 302
https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm

Request Chain 236

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9339919749774457&output=html&h=90&slotname=9866181553&adk=2660574010&adf=702193769&pi=t.ma~as.9866181553&w=728&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605836131261&bpp=7&bdt=276&idt=341&shv=r20201112&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D24e3669d7d931baf-22d920293eb90001%3AT%3D1605836131%3ART%3D1605836131%3AS%3DALNI_MbMOyjDuN8VuudDMuCqTVVVl5hxrg&correlator=3692054536676&frm=23&ife=4&pv=1&ga_vid=1020210520.1605836129&ga_sid=1605836129&ga_hid=1941828131&ga_fc=1&iag=255&icsg=682&nhd=4&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=15657&biw=1600&bih=1200&isw=728&ish=90&ifk=2772832079&scr_x=0&scr_y=0&eid=44731610&oid=3&pvsid=944300928043226&pem=297&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.7bkxboi8rudt&btvi=1&fsb=1&dtd=408 HTTP 302
https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm

256 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.orlytaitzesq.com/
Redirect Chain

http://orlytaitzesq.com/
http://www.orlytaitzesq.com/

126 KB
42 KB

1928ms
1800ms

Document
text/html

67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: e34df181c4daec4aca7ff50934b75b946b90dfd4dd47ceabbfa8e847a5e4e22d

Request headers

Host: www.orlytaitzesq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:26 GMT
Server: Apache
Link: <http://www.orlytaitzesq.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 20 Nov 2020 01:35:24 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://www.orlytaitzesq.com/
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style.min.css
www.orlytaitzesq.com/wp-includes/css/dist/block-library/ 52 KB
10 KB 423ms
398ms Stylesheet
text/css 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.4
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jun 2020 14:37:37 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=75
Content-Length: 9824

GET
H/1.1 200
OK si_captcha.js Show response
www.orlytaitzesq.com/wp-content/plugins/si-captcha-for-wordpress/captcha/ 685 B
707 B 419ms
393ms Script
application/javascript 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-content/plugins/si-captcha-for-wordpress/captcha/si_captcha.js?ver=1605836127
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: c52d8ecaada50da7a9739ca285872b431fad51042eccf398e2c2ecad8013880b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Mar 2018 19:48:30 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=75
Content-Length: 380

GET
H/1.1 404
Not Found gweiniClientV1.php
s.gweini.com/ 0
0 298ms
257ms Script
text/html 3.210.81.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://s.gweini.com/gweiniClientV1.php?ClientID=PUB_ID&group=GPOrlyTaitz
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 3.210.81.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-81-118.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain

https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

3 KB
3 KB

165ms
46ms

Image
image/gif

151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

55aa10c520820efc278e36fe19790a41aca0bd582f202a7fae6637941a025ec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 1204842
x-cache: HIT, HIT
fastly-io-info: ifsz=2993 idim=147x47 ifmt=gif ofsz=2984 odim=147x47 ofmt=gif
paypal-debug-id: f53a0750bb730
fastly-stats: io=1
dc: slc-b-origin-www-2.paypal.com
content-length: 2984
x-served-by: cache-sjc10060-SJC, cache-hhn4082-HHN
x-timer: S1605836129.920149,VS0,VE0
etag: "dWrYZ+935H5E6HTlGcMhqTzjKO1EMA4bNVj6vFiR28w"
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 2060, 7

Redirect headers

date: Fri, 20 Nov 2020 01:35:28 GMT
via: 1.1 varnish, 1.1 varnish
x-timer: S1605836129.600159,VS0,VE154
x-served-by: cache-lhr7322-LHR, cache-hhn4076-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
location: https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: 3157552ffcab8
accept-ranges: bytes
dc: phx-origin-www-2.paypal.com
content-length: 0
x-cache-hits: 0, 0

GET
H2

200

pixel.gif
www.paypalobjects.com/en_US/i/scr/
Redirect Chain

https://www.paypal.com/en_US/i/scr/pixel.gif
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

42 B
260 B

47ms
47ms

Image
image/gif

151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 1204843
x-cache: HIT, HIT
fastly-io-info: ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id: 53f9fac256110
fastly-stats: io=1
dc: phx-origin-www-1.paypal.com
content-length: 42
x-served-by: cache-sjc10033-SJC, cache-hhn4082-HHN
x-timer: S1605836129.937954,VS0,VE0
etag: "dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 48299, 13

Redirect headers

date: Fri, 20 Nov 2020 01:35:28 GMT
via: 1.1 varnish, 1.1 varnish
x-timer: S1605836129.688058,VS0,VE155
x-served-by: cache-lhr7359-LHR, cache-hhn4076-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
location: https://www.paypalobjects.com/en_US/i/scr/pixel.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: cfb3abed354ef
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-cache-hits: 0, 0

GET
H/1.1 200
OK 1Apple3b.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/11/ 41 KB
41 KB 221ms
213ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/11/1Apple3b.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: a3ef56776059c63a9cfc3942da96551853ab111d06ddb378a086c1ee77141283

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 42198

GET
H/1.1 200
OK 1Office4a.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/11/ 34 KB
34 KB 224ms
217ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/11/1Office4a.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 1665506ab8c83c485ed0a0b961e152b4208458f871b04399ffc5018baf316200

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 34330

GET
H2 200 powell-voting-dominion-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 13 KB
13 KB 729ms
707ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/powell-voting-dominion-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 261275faae4ee3fa8c82e8c64700f12ce4bff66410d5f6a3dfd4dc64176bb67b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=13717
content-length: 12895
cf-request-id: 0684e3d9a600001f353d256000000001
last-modified: Mon, 16 Nov 2020 01:15:38 GMT
server: cloudflare
etag: "5fb1d2ba-3595"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c3cff1f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 peter-neffenger-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 10 KB
10 KB 730ms
708ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/peter-neffenger-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed30ed233af3f2467e420a1e77cd6e2645912e03ae2cc0b687a13a8adcd6a097

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=10706
content-length: 10231
cf-request-id: 0684e3d9a600001f355d90e000000001
last-modified: Sun, 15 Nov 2020 21:45:09 GMT
server: cloudflare
etag: "5fb1a165-29d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c3d011f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 ballots-ga-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 10 KB
10 KB 729ms
707ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/ballots-ga-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0c92fdf17857106cbf957518931c2093e89a8117bb83d78d33a3f18c8a284ae

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=10537
content-length: 9914
cf-request-id: 0684e3d9a600001f35300e2000000001
last-modified: Sat, 14 Nov 2020 19:29:58 GMT
server: cloudflare
etag: "5fb03036-2929"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c3d021f35-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.orlytaitzesq.com/wp-includes/js/ 14 KB
5 KB 273ms
255ms Script
application/javascript 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.4
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jun 2020 14:37:37 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 4928

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 33ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40DE) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 736
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28698
x-tw-cdn: VZ
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (fcn/40DE)
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 Rudy-Giuliani-Associated-Press-640x480.jpg
media.breitbart.com/media/2020/11/ 53 KB
54 KB 135ms
51ms Image
image/jpeg 35.241.35.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.breitbart.com/media/2020/11/Rudy-Giuliani-Associated-Press-640x480.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.213 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.35.241.35.bc.googleusercontent.com
Software: shield /
Resource Hash: 4e531c09549f103a84113e9d3d1ca00d268087f54fa60744bd8ac5fd9ddd22d2

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 19 Nov 2020 19:14:46 GMT
server: shield
etag: "5fb6c426-d5c4"
content-type: image/jpeg
x-shield-request-id: d3e82bec53317f97fcecc819903ec6b8
cache-control: max-age=31556926
accept-ranges: bytes
alt-svc: clear, clear
content-length: 54724

GET
H2 200 Rudy-Giuliani-1-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 13 KB
13 KB 16ms
13ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/Rudy-Giuliani-1-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2284859e007c0ca5b71c51cab40d3c883aad27ed01552771a54ae43fdc22da37

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
cf-cache-status: HIT
age: 1580
cf-polished: origSize=13666
content-length: 12933
cf-request-id: 0684e3d9b800001f3544b72000000001
last-modified: Sun, 08 Nov 2020 00:17:42 GMT
server: cloudflare
etag: "5fa73926-3562"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d241f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 cleardot.gif
mail.google.com/mail/u/0/images/ 43 B
429 B 26ms
6ms Image
image/gif 2a00:1450:4001:809::2005
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.google.com/mail/u/0/images/cleardot.gif

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2005 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-WtOi3eik0iHN8FgVy/s7zg' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://mail.google.com/mail/cspreport
Strict-Transport-Security	max-age=10886400; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'nonce-WtOi3eik0iHN8FgVy/s7zg' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://mail.google.com/mail/cspreport
x-content-type-options: nosniff
server: GSE
age: 59421
date: Thu, 19 Nov 2020 09:05:07 GMT
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=UTF-8
cache-control: public, max-age=31536000
strict-transport-security: max-age=10886400; includeSubdomains
alt-svc: clear
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 19 Nov 2021 09:05:07 GMT

GET
H2 200 Sidney-Powell-Rudy-Giuliani-Jenna-Ellis-Press-Conference-Screen-Image-11192020-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 13 KB
13 KB 25ms
23ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/Sidney-Powell-Rudy-Giuliani-Jenna-Ellis-Press-Conference-Screen-Image-11192020-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e936a6ff6918d499ccc4a58817dd4a083e956aaa2d6e8139924c73b5c1a90d7

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
cf-cache-status: HIT
age: 1082
cf-polished: origSize=14370
content-length: 13578
cf-request-id: 0684e3d9b900001f3552073000000001
last-modified: Thu, 19 Nov 2020 17:26:48 GMT
server: cloudflare
etag: "5fb6aad8-3822"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d251f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 rudiy-giuliani-sidney-powell-jenna-ellis-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 13 KB
13 KB 710ms
708ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/rudiy-giuliani-sidney-powell-jenna-ellis-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6812a8f0e85be7e87cf05aeb4f7aeff4434f6d8f3dc302a17a856b62b7f17bf

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=13658
content-length: 12994
cf-request-id: 0684e3d9b900001f352aa6b000000001
last-modified: Thu, 19 Nov 2020 17:20:59 GMT
server: cloudflare
etag: "5fb6a97b-355a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d261f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 powell-rudy-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 12 KB
13 KB 24ms
22ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/powell-rudy-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc38ad0311ad130be347e637c2e3d954d400fb8036d35f6aea81a4910ad24cea

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
cf-cache-status: HIT
age: 1222
cf-polished: origSize=13449
content-length: 12732
cf-request-id: 0684e3d9b900001f3564b3e000000001
last-modified: Thu, 19 Nov 2020 18:27:52 GMT
server: cloudflare
etag: "5fb6b928-3489"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d271f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 sidney-powell-drops-moab-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 13 KB
13 KB 17ms
16ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/sidney-powell-drops-moab-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e719d8fa82926d14f05a54aa4036de88cb9c4f63de1738a519ff7f90383d52e6

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
cf-cache-status: HIT
age: 219
cf-polished: origSize=14361
content-length: 13615
cf-request-id: 0684e3d9b900001f35512c6000000001
last-modified: Thu, 19 Nov 2020 18:01:59 GMT
server: cloudflare
etag: "5fb6b317-3819"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d281f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 IMG_6678-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 8 KB
8 KB 17ms
15ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/IMG_6678-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b5d46cb52aee2f25fed79375e101c53e613d950efc1f69dceb27a887450c1a

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
cf-cache-status: HIT
age: 234
cf-polished: origSize=8690
content-length: 8086
cf-request-id: 0684e3d9b900001f355ba88000000001
last-modified: Thu, 19 Nov 2020 18:03:23 GMT
server: cloudflare
etag: "5fb6b36b-21f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d291f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A0266435-C620-4890-9DE5-F8D98A0FCF55-360x188.jpeg
www.thegatewaypundit.com/wp-content/uploads/ 9 KB
9 KB 24ms
22ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/A0266435-C620-4890-9DE5-F8D98A0FCF55-360x188.jpeg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 746a77454c435ea3ff0b95c7d8269058aa331b81ef62428f4e07b276536c76d3

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
cf-cache-status: HIT
age: 237
cf-polished: origSize=9644
content-length: 9078
cf-request-id: 0684e3d9ba00001f3566ba1000000001
last-modified: Thu, 19 Nov 2020 16:46:27 GMT
server: cloudflare
etag: "5fb6a163-25ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d2a1f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 IMG_2272-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 8 KB
8 KB 19ms
17ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/IMG_2272-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20e6a960e098918a85fafc66d1bfa2d75a7063b7615cf578e475c33b5ad0b499

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
cf-cache-status: HIT
age: 1254
cf-polished: origSize=8529
content-length: 8132
cf-request-id: 0684e3d9ba00001f3549b7f000000001
last-modified: Mon, 29 Jun 2020 22:56:59 GMT
server: cloudflare
etag: "5efa71bb-2151"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d2c1f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 computer-raid-germany-police--360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 14 KB
14 KB 18ms
16ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/computer-raid-germany-police--360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47c8af61043cce456a13f02c51b18bc1bad68d1fe34932447a3a844545826c6b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
cf-cache-status: HIT
age: 707
cf-polished: origSize=15132
content-length: 14184
cf-request-id: 0684e3d9ba00001f353d257000000001
last-modified: Sat, 14 Nov 2020 03:42:26 GMT
server: cloudflare
etag: "5faf5222-3b1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d2d1f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 rove-perino-1-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 13 KB
13 KB 24ms
22ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/rove-perino-1-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a027f27ca1710146533207f5237aef2162a2124468eacd136124beb522432010

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
cf-cache-status: HIT
age: 1429
cf-polished: origSize=13914
content-length: 13165
cf-request-id: 0684e3d9ba00001f3579885000000001
last-modified: Thu, 19 Nov 2020 22:33:27 GMT
server: cloudflare
etag: "5fb6f2b7-365a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d2e1f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Rudy-Giuliani-on-Newsmax-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 7 KB
7 KB 25ms
23ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/Rudy-Giuliani-on-Newsmax-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 299cfb7bb4fe64211da4b4bde79af3df1b685d23713affdc1de81359ac1606fa

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
cf-cache-status: HIT
age: 1580
cf-polished: origSize=7651
content-length: 7021
cf-request-id: 0684e3d9ba00001f35300e4000000001
last-modified: Thu, 19 Nov 2020 14:51:43 GMT
server: cloudflare
etag: "5fb6867f-1de3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d2f1f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Russ-Ramsland-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 9 KB
9 KB 18ms
16ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/Russ-Ramsland-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62f98499ab29b0cd9a98eb3454f94f09596e04952d9566a3b9ea0c2d6b78cfef

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
cf-cache-status: HIT
age: 1571
cf-polished: origSize=9545
content-length: 9056
cf-request-id: 0684e3d9ba00001f3525bc9000000001
last-modified: Mon, 16 Nov 2020 15:19:11 GMT
server: cloudflare
etag: "5fb2986f-2549"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d301f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1-692-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 13 KB
13 KB 23ms
21ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/1-692-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b43f2bca5f3b450ce0ebb9ef1f46a98c70782a9ac53e9d8d72c36ebb4dbdd9c5

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
cf-cache-status: HIT
age: 550
cf-polished: origSize=13674
content-length: 12892
cf-request-id: 0684e3d9bb00001f352b277000000001
last-modified: Tue, 10 Nov 2020 02:32:58 GMT
server: cloudflare
etag: "5fa9fbda-356a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d311f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Michael-Flynn-Jenna-Ellis-Rudy-Giuliani-Twitter-11192020-e1605767735571-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 12 KB
12 KB 22ms
20ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/Michael-Flynn-Jenna-Ellis-Rudy-Giuliani-Twitter-11192020-e1605767735571-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08dc13a9d37170cf50ac4b17f98bbdceb05010bf473ffe134ae8e819b1919c15

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
cf-cache-status: HIT
age: 548
cf-polished: origSize=12420
content-length: 11814
cf-request-id: 0684e3d9bb00001f357bb2b000000001
last-modified: Thu, 19 Nov 2020 06:35:35 GMT
server: cloudflare
etag: "5fb61237-3084"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d321f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 3-191-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 8 KB
8 KB 24ms
22ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/3-191-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a097c7831a8d96f2290acbed90eee2ac475ec536846d11cc181735422121b205

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
cf-cache-status: HIT
age: 548
cf-polished: origSize=8759
content-length: 8203
cf-request-id: 0684e3d9bb00001f3527289000000001
last-modified: Wed, 04 Nov 2020 20:45:06 GMT
server: cloudflare
etag: "5fa312d2-2237"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d331f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Rudy-Giuliani-Smartmatic-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 6 KB
6 KB 706ms
704ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/Rudy-Giuliani-Smartmatic-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2820f9372d876470bd214e0c4d0bdb5ae1d84acae01d126865174c0cd11c5ccc

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=6192
content-length: 5806
cf-request-id: 0684e3d9bb00001f35773fa000000001
last-modified: Thu, 19 Nov 2020 04:29:55 GMT
server: cloudflare
etag: "5fb5f4c3-1830"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d341f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 D3973205-BAB0-489A-9AD7-0D473509E7EA-360x188.jpeg
www.thegatewaypundit.com/wp-content/uploads/ 10 KB
10 KB 704ms
702ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/D3973205-BAB0-489A-9AD7-0D473509E7EA-360x188.jpeg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebff79fcdc92802fc42067502f7eb89a5c7d357d6af20ae411cee852b628d3ef

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=10694
content-length: 10197
cf-request-id: 0684e3d9bc00001f35930aa000000001
last-modified: Thu, 19 Nov 2020 04:05:00 GMT
server: cloudflare
etag: "5fb5eeec-29c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d361f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 fox-down-lost-lies-blimp-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 8 KB
8 KB 707ms
705ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/fox-down-lost-lies-blimp-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46ae073c75041cf7949c6990e94c0026e01f8de08578e16f466a206b3d1e6342

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=9200
content-length: 8454
cf-request-id: 0684e3d9bc00001f3595b0d000000001
last-modified: Wed, 11 Nov 2020 20:59:08 GMT
server: cloudflare
etag: "5fac509c-23f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d381f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 site-logo.gif
www.thegatewaypundit.com/wp-content/plugins/tgp-functionality/assets/images/ 2 KB
2 KB 25ms
23ms Image
image/gif 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/plugins/tgp-functionality/assets/images/site-logo.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b8955aa76e21bdffb131ac5ac86e83023b6b0e9065b8f53c5e4ec8eedc7dd57

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
cf-cache-status: HIT
age: 1613
cf-polished: origSize=1556
content-length: 1548
cf-request-id: 0684e3d9bd00001f35968d7000000001
last-modified: Mon, 30 Mar 2020 20:22:58 GMT
server: cloudflare
etag: "5e825522-614"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d3a1f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Trump-Signs-Executive-Order-White-House-Photo-04272017-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 15 KB
15 KB 714ms
712ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/Trump-Signs-Executive-Order-White-House-Photo-04272017-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d987cc1a2e2f4d8cbaf01bc4896c9fb1bf0ef9e9456483c39d376c2edc30f0cc

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
cf-cache-status: REVALIDATED
cf-polished: degrade=85, origSize=15451
content-length: 15080
cf-request-id: 0684e3d9be00001f3542904000000001
last-modified: Sat, 26 Jan 2019 01:36:33 GMT
server: cloudflare
etag: "5c4bb9a1-3c5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d421f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 wisconsin-dump-votes-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 6 KB
6 KB 707ms
706ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/wisconsin-dump-votes-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f332ba9cf9fe723c47ca1b6cc8b2d87c9f443f444b485711a6be3607282195dd

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=7071
content-length: 6119
cf-request-id: 0684e3d9be00001f3532bf4000000001
last-modified: Wed, 04 Nov 2020 14:37:04 GMT
server: cloudflare
etag: "5fa2bc90-1b9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c5d431f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Wayne-County-voting-Associated-Press-640x480.jpg
media.breitbart.com/media/2020/11/ 39 KB
39 KB 88ms
51ms Image
image/jpeg 35.241.35.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.breitbart.com/media/2020/11/Wayne-County-voting-Associated-Press-640x480.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.213 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.35.241.35.bc.googleusercontent.com
Software: shield /
Resource Hash: ded93aed18031ce823b0bbcfb82c4e1803f51ae5ecbbc5705925016ad8194d2a

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:28 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 19 Nov 2020 05:35:42 GMT
server: shield
etag: "5fb6042e-9c7a"
content-type: image/jpeg
x-shield-request-id: 4b84b09461818f933b59ea67cb289f7b
cache-control: max-age=31556926
accept-ranges: bytes
alt-svc: clear, clear
content-length: 40058

GET
H2 200 ballot-fraud-election-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 13 KB
13 KB 739ms
738ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/ballot-fraud-election-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d006d41c84deae696150435643da5a9464d60f86831b945f6a5511ef2cdac53

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=13776
content-length: 13074
cf-request-id: 0684e3d9d300001f3582abe000000001
last-modified: Mon, 09 Nov 2020 15:18:56 GMT
server: cloudflare
etag: "5fa95de0-35d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c8d501f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1-733-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 10 KB
10 KB 739ms
738ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/1-733-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58f8741f9cf8e08786c805251c72c9680ea2552d9de1987b262a4f67ad01c013

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=10366
content-length: 9899
cf-request-id: 0684e3d9d300001f358b2cd000000001
last-modified: Wed, 18 Nov 2020 18:38:01 GMT
server: cloudflare
etag: "5fb56a09-287e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c8d511f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Smarmatic-CEO-Antonio-Mugica-360x188.jpeg
www.thegatewaypundit.com/wp-content/uploads/ 10 KB
10 KB 740ms
739ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/Smarmatic-CEO-Antonio-Mugica-360x188.jpeg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc44a56debfd307731e05a47b37e6a448dad0729b4b901eeb05833cd41a3bb47

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=10363
content-length: 9891
cf-request-id: 0684e3d9d300001f3568b1b000000001
last-modified: Wed, 18 Nov 2020 17:46:18 GMT
server: cloudflare
etag: "5fb55dea-287b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c8d521f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 53B08083-903E-49B1-8C5E-D77C077DE05D-360x188.jpeg
www.thegatewaypundit.com/wp-content/uploads/ 9 KB
9 KB 706ms
705ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/53B08083-903E-49B1-8C5E-D77C077DE05D-360x188.jpeg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3521f561f4df71fe6b21d2a9553ce7f95b79f6c5dfbb759d10114a91d7d0abc

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=9948
content-length: 9495
cf-request-id: 0684e3d9d300001f3552075000000001
last-modified: Sat, 14 Nov 2020 17:16:24 GMT
server: cloudflare
etag: "5fb010e8-26dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c8d531f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 5A3ED6CE-9493-44A9-9F58-58921E8B1619-360x188.jpeg
www.thegatewaypundit.com/wp-content/uploads/ 7 KB
7 KB 700ms
699ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/5A3ED6CE-9493-44A9-9F58-58921E8B1619-360x188.jpeg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4550508652a41a48e642686ac18e08a003d9b870fd150e6c3c12cc649c1e05c2

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=7855
content-length: 6741
cf-request-id: 0684e3d9d300001f352aa6d000000001
last-modified: Fri, 13 Nov 2020 14:10:59 GMT
server: cloudflare
etag: "5fae93f3-1eaf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c8d541f35-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 wisconsin-latest-after-dump-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 7 KB
7 KB 707ms
705ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/wisconsin-latest-after-dump-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71bee76ba0eba171ef8d5f3ffb9339e35713c31cb5ca2e2f903680c33264e31c

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=7500
content-length: 6672
cf-request-id: 0684e3d9d300001f3564b3f000000001
last-modified: Wed, 04 Nov 2020 16:54:59 GMT
server: cloudflare
etag: "5fa2dce3-1d4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5f4e6f3c8d551f35-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK rss.png
www.orlytaitzesq.com/wp-includes/images/ 608 B
875 B 396ms
371ms Image
image/png 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-includes/images/rss.png
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Last-Modified: Sun, 05 Jan 2014 06:00:00 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=75
Content-Length: 608

GET
H2

200

add2netvibes.gif
www.netvibes.com/img/
Redirect Chain

http://www.netvibes.com/img/add2netvibes.gif
https://www.netvibes.com/img/add2netvibes.gif

832 B
967 B

186ms
60ms

Image
image/gif

193.189.143.34
TYPHON-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.netvibes.com/img/add2netvibes.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 193.189.143.34 Ankara, Turkey, ASN34948 (TYPHON-AS, FR),
Reverse DNS: www.netvibes.com
Software: nginx /
Resource Hash: 5bf4f0187f8b56b1ecd95eb89dc1cd74ce4c54c9abc47899b2eaa0370b5fff19

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
x-slb: slb1
last-modified: Fri, 03 Apr 2015 14:18:16 GMT
server: nginx
content-type: image/gif
x-men: web17
accept-ranges: bytes
content-length: 832

Redirect headers

Location: https://www.netvibes.com/img/add2netvibes.gif
Date: Fri, 20 Nov 2020 01:35:28 GMT
X-slb: slb4
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK addtomyyahoo4.gif
us.i1.yimg.com/us.yimg.com/i/us/my/ 765 B
2 KB 43ms
22ms Image
image/gif 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software: ATS /
Resource Hash: e68b2d2efd1b7f25593795d295dece45a1f403e8768ca22a945114ca940c18e9

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 17:25:58 GMT
x-amz-meta-created-date: Wed, 14 Nov 2012 17:41:49 GMT
Age: 29372
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1352914909579380
Connection: keep-alive
x-amz-request-id: 6D23AFBB9A19187B
x-amz-id-2: hbwcxpmb+/GLdvcJ6K2Ja6ocVxA3c0WXeDrCkWV7QkX/NKVrzqJ6Ng6XUF7CRwVD5jzb6eVx/P0=
Accept-Ranges: bytes
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 17 May 2018 13:30:46 GMT
Server: ATS
ETag: "9652eeb62b03f1fbf4d358ea0ce13107"
Vary: Origin
Content-Type: image/gif
Cache-Control: public,max-age=315360000
Content-Length: 765
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:a7bd8e41-25b9-44bf-917e-b7efec483bac0004ce780c98c874"
Expires: Sun, 14 May 2028 13:30:45 GMT

GET
H/1.1 200
OK add.gif
buttons.googlesyndication.com/fusion/ 2 KB
2 KB 46ms
38ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buttons.googlesyndication.com/fusion/add.gif

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4ee009a24925f6617ea25066e34d260d1e5e22352183e261dd36961bb4dd35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 12:00:00 GMT
Server: sffe
Content-Type: image/gif
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 2068
X-XSS-Protection: 0
Expires: Fri, 20 Nov 2020 01:35:28 GMT

GET
H/1.1 200
OK feedly.png
www.orlytaitzesq.com/wp-content/uploads/2013/05/ 2 KB
2 KB 218ms
200ms Image
image/png 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2013/05/feedly.png
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: b73d4a41b76b1acc0796331a2630d5eef972a94183744384eb237161136945e9

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 1662

GET
H/1.1 200
OK Petition2Congress_200px.png
www.orlytaitzesq.com/wp-content/uploads/2015/11/ 4 KB
5 KB 423ms
420ms Image
image/png 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2015/11/Petition2Congress_200px.png
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 2f17ce8bab06450f044c8e5a7867bf0d05ec724fa0bfed2e633488d5633ba9d6

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Last-Modified: Wed, 18 Nov 2015 19:28:43 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=75
Content-Length: 4521

GET
H/1.1 200
OK WethePeople1.jpg
www.orlytaitzesq.com/wp-content/uploads/2013/06/ 25 KB
25 KB 211ms
211ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2013/06/WethePeople1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 21c4026c2095492e493a113f1774b3a13cf30e19a93a3e346023aa498e750a53

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 25452

GET
H/1.1 200
OK Defend.jpeg
www.orlytaitzesq.com/wp-content/uploads/2013/10/ 2 KB
2 KB 214ms
203ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2013/10/Defend.jpeg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: d9ab4d66d758c1c98f75d9a386e2efea59838d4ea0d6fc956c1bd7a3889159e2

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Last-Modified: Mon, 28 Oct 2013 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 1956

GET
H/1.1 200
OK Ad-1.jpg
www.orlytaitzesq.com/wp-content/uploads/2013/02/ 44 KB
44 KB 214ms
213ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2013/02/Ad-1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: bb2282739e14d89938d9117cd4ab5bc9252e8f303ec91c8682956a72bb1128d7

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 45118

GET
H/1.1 200
OK OrlyABC1.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/11/ 63 KB
63 KB 209ms
209ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/11/OrlyABC1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 78e0412848a676ef0f690b7aa8b47f9ff01d023f0a11a7b6f56a738164399c86

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 64632

GET
H/1.1 200
OK 281_DVD-3.jpg
www.orlytaitzesq.com/wp-content/uploads/2014/04/ 46 KB
46 KB 202ms
201ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2014/04/281_DVD-3.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 1d68fb29bbb1da59354b9e0fe7639644a42e13d9e0381005f2b15f801916a24a

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 47025

GET
H/1.1 200
OK appealing-ad.jpg
www.orlytaitzesq.com/images/ 14 KB
15 KB 244ms
244ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/images/appealing-ad.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: dc8d52ba16a8441eeff66731ec05b9f0e3b7c72f323de71ba01af0e85d7360b5

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Last-Modified: Sat, 17 Oct 2009 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 14766

GET
H/1.1 200
OK office-ad.jpg
www.orlytaitzesq.com/images/ 14 KB
14 KB 232ms
231ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/images/office-ad.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 42434e578691eac8c007f427b49b962990dd16f8a004acda3a7b2621ac5498d2

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Last-Modified: Sat, 17 Oct 2009 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 14275

GET
H/1.1 200
OK fame-small.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/06/ 3 KB
4 KB 205ms
204ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/06/fame-small.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 9754802a20e3f412075abbc5d8f1b794001b0cd8ac87441919231de900d818ea

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Last-Modified: Thu, 30 Jun 2011 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 3530

GET
H/1.1 200
OK Obama-bumper-sticker-Thumbnail.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/06/ 13 KB
13 KB 204ms
202ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/06/Obama-bumper-sticker-Thumbnail.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 763fd8be27755874d97df36c07a55674d6ff6b14c4f206a281f7a4df597ca5da

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Last-Modified: Tue, 07 Jun 2011 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=70
Content-Length: 13273

GET
H/1.1 200
OK Washington-America-Ad1.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/08/ 4 KB
4 KB 210ms
208ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/08/Washington-America-Ad1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 7fe5a0b02836ac823b358d3dc460a7c133fe356aa3db085d458a64afaf2cefd6

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Last-Modified: Thu, 04 Aug 2011 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=70
Content-Length: 3733

GET
H/1.1 200
OK Orlypix1.jpg
www.orlytaitzesq.com/wp-content/uploads/2014/04/ 117 KB
117 KB 220ms
220ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2014/04/Orlypix1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: b1826a7019dde654654a9df41a108cc9b005cfe74a1f233e5517550e9be78201

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 120067

GET
H/1.1 200
OK wp-embed.min.js Show response
www.orlytaitzesq.com/wp-includes/js/ 1 KB
1 KB 249ms
249ms Script
application/javascript 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-includes/js/wp-embed.min.js?ver=5.4.4
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jun 2020 14:37:37 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 782

GET
H/1.1 200
OK style.css
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/ 13 KB
4 KB 222ms
222ms Stylesheet
text/css 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 1d001ffd8d372613954fdc500d03d6e0c0149dad92455fbde0bb1ecb93f2702b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jul 2016 17:35:21 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 4281

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 5433
date: Fri, 20 Nov 2020 00:04:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 20 Nov 2020 02:04:55 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
5 KB 92ms
26ms Script
text/javascript 54.192.229.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.229.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-229-87.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 00:34:48 GMT
Via: 1.1 1445e630b6d1f6c7bc629c30771fcf03.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 4496441
ETag: "96c08723796affab377d9bb08d631cd0"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: WAW50-C1
Accept-Ranges: bytes
Content-Length: 4264
X-Amz-Cf-Id: h-8YZ6YFGpN3WvkkS_Crl42oGKbHyKWLby9YYBx8hTYZmoIly9aoJg==

GET
H/1.1 200
OK gweiniClientV1.php Show response
s.gweini.com/ 8 KB
1 KB 165ms
164ms Script
text/html 3.210.81.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://s.gweini.com/gweiniClientV1.php?ClientID=PUB_ID&group=GPOrlyTaitz
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 3.210.81.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-81-118.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 070d4dea9892475272d9fa96611644f5cdb3abdc8bc1e5124e80ad7c8daca3ba

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Content-Length: 1140
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK gweiniV1_6_1.min.js Show response
fs.gweini.com/ 15 KB
16 KB 140ms
75ms Script
application/javascript 143.204.201.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Requested by: Host: s.gweini.com
URL: http://s.gweini.com/gweiniClientV1.php?ClientID=PUB_ID&group=GPOrlyTaitz
Protocol: HTTP/1.1
Server: 143.204.201.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-114.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 07:33:40 GMT
Via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
Last-Modified: Tue, 28 Jan 2020 19:47:21 GMT
Server: AmazonS3
Age: 64910
ETag: "e7bb56484553f1223fea5d70ca7104f4"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 15682
X-Amz-Cf-Id: 1YD6rl_BRVNkb3VSRjErbtn_OM5Lq9sYml3v0pK6QPlURryaoo0w2w==

GET
H/1.1 200
OK Masthead_Orly_960x244_DOFF.jpg
www.orlytaitzesq.com/wp-content/uploads/2016/06/ 52 KB
52 KB 218ms
217ms Image
image/jpeg 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2016/06/Masthead_Orly_960x244_DOFF.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 8bd58e04a6241a4b4e7af76e95b37e5903d0008f80ec81926b907eaa8550e458

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
Last-Modified: Sat, 11 Jun 2016 15:48:28 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=75
Content-Length: 52821

GET
H/1.1 200
OK top.gif
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ 51 B
291 B 281ms
257ms Image
image/gif 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/top.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: cec0576649667442f929687c183661c292799cb7f46b8e846f80ac0aed007d74

Request headers

Referer: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Last-Modified: Wed, 11 Apr 2012 05:00:00 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 51

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 12ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B7) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (fcn/40B7)
Age: 571
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28698

GET
H2

200

OreNM9NDxlE
www.youtube.com/embed/ Frame BAAB
Redirect Chain

http://www.youtube.com/embed/OreNM9NDxlE?rel=0
https://www.youtube.com/embed/OreNM9NDxlE?rel=0

0
0

117ms
117ms

Document
text/html

2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/OreNM9NDxlE?rel=0

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/OreNM9NDxlE?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-length: 20041
cache-control: no-cache
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
strict-transport-security: max-age=31536000
date: Fri, 20 Nov 2020 01:35:29 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=Zdlrwd-oBXo; path=/; domain=.youtube.com; secure; expires=Wed, 19-May-2021 01:35:28 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=Zdlrwd-oBXo; path=/; domain=.youtube.com; secure; expires=Wed, 19-May-2021 01:35:28 GMT; httponly; samesite=None YSC=38KRtMRpGIM; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 20-Nov-2020 02:05:28 GMT
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Location: https://www.youtube.com/embed/OreNM9NDxlE?rel=0
Non-Authoritative-Reason: HSTS

GET
H2

200

948FBVCqTu4
www.youtube.com/embed/ Frame 4C0E
Redirect Chain

http://www.youtube.com/embed/948FBVCqTu4?rel=0
https://www.youtube.com/embed/948FBVCqTu4?rel=0

0
0

100ms
100ms

Document
text/html

2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/948FBVCqTu4?rel=0

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/948FBVCqTu4?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-type: text/html; charset=utf-8
content-encoding: br
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-length: 8799
x-content-type-options: nosniff
cache-control: no-cache
strict-transport-security: max-age=31536000
date: Fri, 20 Nov 2020 01:35:29 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=ryx4pEol2Bw; path=/; domain=.youtube.com; secure; expires=Wed, 19-May-2021 01:35:28 GMT; httponly; samesite=None YSC=YO3Olj11xM8; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 20-Nov-2020 02:05:28 GMT VISITOR_INFO1_LIVE=ryx4pEol2Bw; path=/; domain=.youtube.com; secure; expires=Wed, 19-May-2021 01:35:28 GMT; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Location: https://www.youtube.com/embed/948FBVCqTu4?rel=0
Non-Authoritative-Reason: HSTS

GET
H/1.1 404
Not Found Cookie set /
www.petition2congress.com/9026/start-immediate-investigation-barack-obamas-use-forged-ids-ct-ssn/wt/ Frame 2578 0
0 300ms
253ms Document
text/html 52.207.113.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.petition2congress.com/9026/start-immediate-investigation-barack-obamas-use-forged-ids-ct-ssn/wt/?src=widget
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 52.207.113.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-113-150.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: www.petition2congress.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 740
Connection: keep-alive
Set-Cookie: AWSALB=UpOw/fTVShC6jwf944zHWNfCeb1HWZjHxsxlxwa5PRtZRbRgF7qvBhEJGCxriN6ni6Z4WUdkHcq4SfrXuDTgKwzxp3QRtUCRYZRPFgFy0FpYaj6Thz0w5Q2h11zc; Expires=Fri, 27 Nov 2020 01:35:29 GMT; Path=/ AWSALBCORS=UpOw/fTVShC6jwf944zHWNfCeb1HWZjHxsxlxwa5PRtZRbRgF7qvBhEJGCxriN6ni6Z4WUdkHcq4SfrXuDTgKwzxp3QRtUCRYZRPFgFy0FpYaj6Thz0w5Q2h11zc; Expires=Fri, 27 Nov 2020 01:35:29 GMT; Path=/; SameSite=None
Server: Apache
Cache-Control: no-cache, private

GET
H/1.1 200
OK bullet.gif
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ 49 B
289 B 224ms
223ms Image
image/gif 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/bullet.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: 2ef3c331d5dd8cfd7cd4fa8afc1f482b8ba4a8e00a8e110ae7f70e0a6a8e5fe2

Request headers

Referer: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Last-Modified: Wed, 11 Apr 2012 05:00:00 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 49

GET
H/1.1 200
OK widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame C6D8 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=http%3A%2F%2Fwww.orlytaitzesq.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B4) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 100037
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Nov 2020 01:35:28 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 01 Oct 2020 21:50:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B4)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H/1.1 200
OK foot.gif
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ 50 B
290 B 202ms
202ms Image
image/gif 67.20.113.97
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/foot.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
Protocol: HTTP/1.1
Server: 67.20.113.97 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2075.hostmonster.com
Software: Apache /
Resource Hash: b664ef8817f547a6910ae600ea85db4bded2986e4f369f9b7ae5047a0cc81b51

Request headers

Referer: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Last-Modified: Wed, 11 Apr 2012 05:00:00 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=69
Content-Length: 50

GET
H3-Q050

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1577307176&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1577307176&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...

35 B
378 B

40ms
27ms

Image
image/gif

2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1577307176&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OrlyTaitzEsq.com&utmhid=1754935033&utmr=-&utmp=%2F&utmht=1605836128939&utmac=UA-38912701-1&utmcc=__utma%3D209516236.1020210520.1605836129.1605836129.1605836129.1%3B%2B__utmz%3D209516236.1605836129.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=582174964&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1577307176&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OrlyTaitzEsq.com&utmhid=1754935033&utmr=-&utmp=%2F&utmht=1605836128939&utmac=UA-38912701-1&utmcc=__utma%3D209516236.1020210520.1605836129.1605836129.1605836129.1%3B%2B__utmz%3D209516236.1605836129.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=582174964&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK horizon_tweet.716ef7f4c155526f8ec8e60dbd2fbf56.js Show response
platform.twitter.com/js/ 6 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/horizon_tweet.716ef7f4c155526f8ec8e60dbd2fbf56.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4188) /
Resource Hash: b8e8fe9b8ca280dc3c982691064e62ba97c8f2c192a17dfe74430c7cf73cb4de

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:51 GMT
Server: ECS (fcn/4188)
Age: 100038
Etag: "15d6bf68a8d65b293e52ddc833724ed4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2195

GET
H/1.1 200
OK button.63c51c903061d0dbd843c41e8a00aa5a.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.63c51c903061d0dbd843c41e8a00aa5a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40DE) /
Resource Hash: e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:51 GMT
Server: ECS (fcn/40DE)
Age: 100037
Etag: "62d4b0301f07768d13f3ee5de8633739+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H2 200 1f1fa-1f1f8.svg
s.w.org/images/core/emoji/12.0.0-1/svg/ 2 KB
935 B 158ms
62ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/12.0.0-1/svg/1f1fa-1f1f8.svg

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

1feca2279a6e78133bf577b99e4f3e82896622c255d29017cec5f5cfa93e4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 20 Nov 2020 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 06 Nov 2019 15:22:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 86ms
26ms Image
image/gif 54.192.229.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=OrlyTaitzEsq.com&time=1605836128988&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&random_number=574661121&sess_cookie=0bb5b6fd175e34ac2dce2601be6&sess_cookie_flag=1&user_cookie=0bb5b6fd175e34ac2dce2601be6&user_cookie_flag=1&dynamic=true&domain=orlytaitzesq.com&account=FEYuj1aAkN00q1&jsv=20130128&user_lang=en-US
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.229.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-229-86.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 16:07:13 GMT
Via: 1.1 11feb51f1ab40a62989608642e908bf8.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 34096
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: WAW50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: cGco83zzmKDBTjefX8U-PKUUF-JEAYB2u4ec_AJsHVYIkcHRb0Gcag==

GET
H/1.1

200
OK

test.png
abe1971ed40a5e15802e446949ebefcc5.profile.sin5-c1.cloudfront.net/
Redirect Chain

http://cloudfront-labs.amazonaws.com/x.png
http://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
http://abe1971ed40a5e15802e446949ebefcc5.profile.sin5-c1.cloudfront.net/test.png

58 B
58 B

463ms
424ms

Image
text/plain

13.35.18.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://abe1971ed40a5e15802e446949ebefcc5.profile.sin5-c1.cloudfront.net/test.png
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 13.35.18.134 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-18-134.sin5.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:30 GMT
Via: 1.1 34a84b82ff144b427f99aaae61510d21.cloudfront.net (CloudFront)
Server: CloudFront
X-Cache: RoutingProfileExp from cloudfront
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 58
X-Amz-Cf-Id: foWgs2A-SF4u7NbJ4aCgD5BXJkELtv-StSro67UcmFTS2ylRjWicGA==
Expires: Fri, 20 Nov 2020 01:35:30 GMT

Redirect headers

Access-Control-Allow-Origin: *
Date: Fri, 20 Nov 2020 01:35:29 GMT
Server: Server
Connection: keep-alive
Content-Length: 0
Location: http://abe1971ed40a5e15802e446949ebefcc5.profile.sin5-c1.cloudfront.net/test.png

GET
H/1.1 200
OK index.html
platform.twitter.com/embed/ Frame 217E 0
0 8ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/index.html?dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1329261913834991616&lang=en&origin=http%3A%2F%2Fwww.orlytaitzesq.com%2F&theme=light&widgetsVersion=ed20a2b%3A1601588405575&width=500px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40FC) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 982
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Nov 2020 01:35:29 GMT
Etag: "18c1cbad7a89225239c4963d441ca471"
Last-Modified: Wed, 18 Nov 2020 21:46:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40FC)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 577

GET
H/1.1 200
OK tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
platform.twitter.com/widgets/ Frame 32A2 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40DE) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 100037
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Nov 2020 01:35:29 GMT
Etag: "076dccdedb34f3771be52190b917884e+gzip"
Last-Modified: Thu, 01 Oct 2020 21:49:58 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40DE)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12263

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame F1CA 8 KB
3 KB 333ms
297ms Script
text/html 104.215.88.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads3.mthsense.com/RenderAd.aspx?id=727&width=728&height=90
Requested by: Host: fs.gweini.com
URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Protocol: HTTP/1.1
Server: 104.215.88.166 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2d65381c26070d4eced639cf18ef831c98152f7134a2c58493076ae2ad8fed27

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 3021

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame 985E 8 KB
3 KB 322ms
290ms Script
text/html 104.215.88.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads3.mthsense.com/RenderAd.aspx?id=732&width=300&height=250
Requested by: Host: fs.gweini.com
URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Protocol: HTTP/1.1
Server: 104.215.88.166 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a66a9eb842badbde03b4eea09c267bbacf465b5918ff890a3532a72a29cc41b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 3022

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame 4EBE 8 KB
3 KB 325ms
296ms Script
text/html 104.215.88.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads3.mthsense.com/RenderAd.aspx?id=733&width=300&height=250
Requested by: Host: fs.gweini.com
URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Protocol: HTTP/1.1
Server: 104.215.88.166 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 434ab7929510cf842b41ca73cd3d3aa1386ece90ee900afcd58e824c2afe5cea

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 3023

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame E16B 8 KB
3 KB 338ms
263ms Script
text/html 104.215.88.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads3.mthsense.com/RenderAd.aspx?id=729&width=728&height=90
Requested by: Host: fs.gweini.com
URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Protocol: HTTP/1.1
Server: 104.215.88.166 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ae8d679563f9dda3e661b8548f5d79ef87157dfbeae8745e9b39dce177832708

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:28 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 3021

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
321 B 235ms
192ms Image
image/png 34.98.126.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.lanistaads.com/ServeAd?s=t&AdSize=728x90&SiteID=LCST0701ORLY7281&Zone=ATF&g=836
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 34.98.126.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.126.98.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 20 Nov 2020 01:35:28 GMT
Via: 1.1 google
Server: Apache-Coyote/1.1
Access-Control-Allow-Headers: Content-Type
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
321 B 208ms
173ms Image
image/png 34.98.126.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=LCST0401ORLY3001&Zone=ATF&g=436
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 34.98.126.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.126.98.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 20 Nov 2020 01:35:28 GMT
Via: 1.1 google
Server: Apache-Coyote/1.1
Access-Control-Allow-Headers: Content-Type
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
321 B 174ms
173ms Image
image/png 34.98.126.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=LCST0401ORLY3002&Zone=ATF&g=347
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 34.98.126.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.126.98.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 20 Nov 2020 01:35:28 GMT
Via: 1.1 google
Server: Apache-Coyote/1.1
Access-Control-Allow-Headers: Content-Type
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
321 B 177ms
167ms Image
image/png 34.98.126.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.lanistaads.com/ServeAd?s=t&AdSize=728x90&SiteID=LCST0701ORLY7282&Zone=ATF&g=554
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 34.98.126.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.126.98.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 20 Nov 2020 01:35:29 GMT
Via: 1.1 google
Server: Apache-Coyote/1.1
Access-Control-Allow-Headers: Content-Type
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
337 B 164ms
163ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?dnt=1&l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.orlytaitzesq.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1605836129162%2C%22dnt%22%3Atrue%2C%22client_version%22%3A%22ed20a2b%3A1601588405575%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Fri, 20 Nov 2020 01:35:29 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: b53824cfd5db5d04bd9d4299a097b14d
x-transaction: 00eaa856009fe8b3
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK prebid4.7.0.js Show response
storage.googleapis.com/rs-static/ Frame 1CCC 302 KB
303 KB 48ms
35ms Script
text/javascript 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by: Host: ads3.mthsense.com
URL: http://ads3.mthsense.com/RenderAd.aspx?id=732&width=300&height=250
Protocol: HTTP/1.1
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 00:49:55 GMT
Age: 2734
X-GUploader-UploadID: ABg5-Uy1Zd93hE0tQTLrd4ktxQfaF8LsSvLGdegAjErb30JAzMgxU2PeumoLCgi4Ns2KQlEtjJlK0SazaP31lZf8sX8
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Content-Length: 309272
Last-Modified: Tue, 15 Sep 2020 19:30:03 GMT
Server: UploadServer
ETag: "6093877422c034fe300df8ed44d1e948"
x-goog-hash: crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation: 1600198203919898
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 309272
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Fri, 20 Nov 2020 01:49:55 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1CCC 54 KB
18 KB 51ms
44ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5ab2c6b83954286dc790037be743189667da5dcb5545e814167597f7207e05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "699 / 177 of 1000 / last-modified: 1605827423"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 18525
X-XSS-Protection: 0
Expires: Fri, 20 Nov 2020 01:35:29 GMT

GET
H/1.1 200
OK prebid4.7.0.js Show response
storage.googleapis.com/rs-static/ Frame CB60 302 KB
303 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by: Host: ads3.mthsense.com
URL: http://ads3.mthsense.com/RenderAd.aspx?id=733&width=300&height=250
Protocol: HTTP/1.1
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 00:49:55 GMT
Age: 2734
X-GUploader-UploadID: ABg5-Uy1Zd93hE0tQTLrd4ktxQfaF8LsSvLGdegAjErb30JAzMgxU2PeumoLCgi4Ns2KQlEtjJlK0SazaP31lZf8sX8
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Content-Length: 309272
Last-Modified: Tue, 15 Sep 2020 19:30:03 GMT
Server: UploadServer
ETag: "6093877422c034fe300df8ed44d1e948"
x-goog-hash: crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation: 1600198203919898
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 309272
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Fri, 20 Nov 2020 01:49:55 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame CB60 54 KB
18 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88fc45b3809bb3121276292e818573c7ab2cbea9a4ba13966c7b51ffe185d9a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "699 / 686 of 1000 / last-modified: 1605827423"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 18525
X-XSS-Protection: 0
Expires: Fri, 20 Nov 2020 01:35:29 GMT

GET
H/1.1 200
OK prebid4.7.0.js Show response
storage.googleapis.com/rs-static/ Frame 0AA0 302 KB
303 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by: Host: ads3.mthsense.com
URL: http://ads3.mthsense.com/RenderAd.aspx?id=727&width=728&height=90
Protocol: HTTP/1.1
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 00:49:55 GMT
Age: 2734
X-GUploader-UploadID: ABg5-Uy1Zd93hE0tQTLrd4ktxQfaF8LsSvLGdegAjErb30JAzMgxU2PeumoLCgi4Ns2KQlEtjJlK0SazaP31lZf8sX8
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Content-Length: 309272
Last-Modified: Tue, 15 Sep 2020 19:30:03 GMT
Server: UploadServer
ETag: "6093877422c034fe300df8ed44d1e948"
x-goog-hash: crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation: 1600198203919898
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 309272
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Fri, 20 Nov 2020 01:49:55 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 0AA0 54 KB
18 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88fc45b3809bb3121276292e818573c7ab2cbea9a4ba13966c7b51ffe185d9a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "699 / 538 of 1000 / last-modified: 1605827423"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 18525
X-XSS-Protection: 0
Expires: Fri, 20 Nov 2020 01:35:29 GMT

GET
H/1.1 200
OK prebid4.7.0.js Show response
storage.googleapis.com/rs-static/ Frame A536 302 KB
303 KB 11ms
5ms Script
text/javascript 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by: Host: ads3.mthsense.com
URL: http://ads3.mthsense.com/RenderAd.aspx?id=729&width=728&height=90
Protocol: HTTP/1.1
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 00:49:55 GMT
Age: 2734
X-GUploader-UploadID: ABg5-Uy1Zd93hE0tQTLrd4ktxQfaF8LsSvLGdegAjErb30JAzMgxU2PeumoLCgi4Ns2KQlEtjJlK0SazaP31lZf8sX8
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Content-Length: 309272
Last-Modified: Tue, 15 Sep 2020 19:30:03 GMT
Server: UploadServer
ETag: "6093877422c034fe300df8ed44d1e948"
x-goog-hash: crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation: 1600198203919898
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 309272
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Fri, 20 Nov 2020 01:49:55 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame A536 54 KB
19 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6a6f581f8d8e20533e2d574a21a86797e1f66486024fd2e43c881aebf2f2f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 01:35:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "699 / 108 of 1000 / last-modified: 1605827423"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 18537
X-XSS-Protection: 0
Expires: Fri, 20 Nov 2020 01:35:29 GMT

GET
H2 200 pubads_impl_2020111701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1CCC 277 KB
98 KB 154ms
54ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068777

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Nov 2020 09:43:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99766
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:29 GMT

GET
H2 200 pubads_impl_2020111701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame CB60 277 KB
98 KB 150ms
79ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Nov 2020 09:43:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99766
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:29 GMT

GET
H2 200 pubads_impl_2020111701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0AA0 277 KB
98 KB 155ms
89ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Nov 2020 09:43:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99766
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:29 GMT

GET
H3-Q050 200 pubads_impl_2020111601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A536 277 KB
98 KB 120ms
67ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

c442ff155dca60045b1a65d836acc2e876fd92ed4ad2e1b61272940530839837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 09:37:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99683
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0AA0 109 B
169 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0AA0 109 B
169 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0AA0 5 KB
3 KB 300ms
297ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3709458601819739&correlator=2481260338924404&output=ldjh&impl=fifs&eid=21067994%2C21068792%2C21067520%2C21068418%2C21065724&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201120&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=hb_name%3DLCST0701ORLY7281__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1605836129&dt=1605836129886&dlt=1605836129460&idt=407&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=552&adys=16&adks=3753387349&ucis=iklhagxpao0&ifi=1&ifk=3718035668&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ref=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=11&icsg=554&std=0&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1020210520.1605836129&ga_sid=1605836129&ga_hid=1656618703&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

b94b5042fbfaf8d38708dc644793a2c0d0ff7ae96fbf47bba85e5a711a90f9d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2687
x-xss-protection: 0
google-lineitem-id: 5218642977
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293814429
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6eb15277e7829a510c29fc3c4840b5c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0AA0 0
0 64ms
30ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://6eb15277e7829a510c29fc3c4840b5c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame CB60 109 B
781 B 56ms
41ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame CB60 109 B
781 B 56ms
42ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CB60 7 KB
4 KB 345ms
344ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1440430414059199&correlator=2817895716804203&output=ldjh&impl=fifs&eid=21068728%2C21068750%2C21068792%2C21068418&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201120&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DLCST0401ORLY3002__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1605836129&dt=1605836129912&dlt=1605836129418&idt=485&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=980&adys=637&adks=31174620&ucis=hf6nrjcg932e&ifi=1&ifk=1621562291&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ref=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1020210520.1605836129&ga_sid=1605836129&ga_hid=24665376&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

fc290981fad6f026af1aaee029427d8e5d914d999aebf36a4aa8cecaf4322583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3697
x-xss-protection: 0
google-lineitem-id: 5219468552
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293847341
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
92713f7f149d5899b76f48411c2075dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame CB60 0
0 44ms
29ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://92713f7f149d5899b76f48411c2075dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1CCC 109 B
127 B 21ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068777

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1CCC 109 B
127 B 19ms
14ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068777

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1CCC 5 KB
3 KB 355ms
355ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1730230097164936&correlator=1375640510877895&output=ldjh&impl=fifs&eid=21068777%2C21068418&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201120&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DLCST0401ORLY3001__54%26passback_pb%3D0.40%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1605836129&dt=1605836129969&dlt=1605836129406&idt=518&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=320&adys=483&adks=30620639&ucis=1h24bm9p20c6&ifi=1&ifk=1621562291&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ref=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=11&icsg=554&std=0&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1020210520.1605836129&ga_sid=1605836129&ga_hid=1802079084&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068777

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

9b02785448c88bff23049ee2f1eea7eed717e8c61918a9f11f3fbf45745572c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2688
x-xss-protection: 0
google-lineitem-id: 5219468552
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293843660
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ba0827bec1644166cbbd0d6728cbb6c6.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 1CCC 0
0 28ms
13ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ba0827bec1644166cbbd0d6728cbb6c6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068777
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame A536 109 B
150 B 17ms
16ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame A536 109 B
150 B 16ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A536 5 KB
3 KB 315ms
315ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=797884914128828&correlator=2626719802456885&output=ldjh&impl=fifs&eid=21068776%2C21068418%2C21068479%2C21066705&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201120&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=hb_name%3DLCST0701ORLY7282__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1605836130&dt=1605836130020&dlt=1605836129523&idt=471&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=436&adys=15140&adks=3698927989&ucis=j2m0tuvix3su&ifi=1&ifk=3718035668&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ref=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=11&icsg=554&std=0&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1020210520.1605836129&ga_sid=1605836129&ga_hid=1112985651&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

2c01dfe4b297f7d504e808210466ae12e6296754cd7a8d370cd4ca8c2f5e827e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2690
x-xss-protection: 0
google-lineitem-id: 5218642977
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293814429
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
3ecfcd4e5e13f1bcb54b0907058aa30b.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame A536 0
0 29ms
14ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3ecfcd4e5e13f1bcb54b0907058aa30b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0D73 0
0 57ms
56ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyXlRjAWu4uasVqNH9Ui_bsDt2oLaNm-K1p3t_ZK2NrbOAaLusCUeBYkxyNnw9--SrG1Jl6jyZE4p-nVbGYx-sKozknekP_173oW3SZ6pbz3yiTx2ZARgWDu1CaCNZb8LeGUpw_sESkCLi86WzgOEnKSwt14s9hZi4rMOLN3R7FpbhKG4b7cg-vvrVvx1hF287_v6SlgSjEhc-_mTXHgGnumW783UHTXMmGcv-TgGVrRYheTAF_Z3lWFRRJhbbDMnj8vhYtJ8DMB4wH_CgkVYFnj8&sig=Cg0ArKJSzLnOkdIUcAqoEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0D73 54 KB
18 KB 55ms
54ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

ffef44bdc40c9ac5f9bb20a73291bbb5f6e7f584dc5962cb45adcbef5b7400a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "699 / 449 of 1000 / last-modified: 1605827349"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18537
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D73 75 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AA0 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0AA0 8 KB
7 KB 37ms
18ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba20d1ee0ed439de04b107f0ac7c9c25b2bcc3a6da25358994995dbe6c70fe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6269
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0D73 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 343456120380b52d2774ff96866173e5e845d9871253beebf95abbe46a9044ad

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0AA0 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AB6C 0
0 56ms
55ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGP_rCeu9oHOvlqqlc3nn8bt8mEzbxqglbtcEkKy2wO6pY-bMVkW6dg5G6qpoz4rVK3eRHenOZeR0ZQvbt1PQfBiez4U0ld8ZAKl3d0dWK0s1xNr624Uco3bijAWBzGDTR-4hVNt1WrDK8fxIRmqYzK4AdcqM-vY3beki6PuEdxOZY7ALHuN-von9VI5I7t05OwbamTpL5KFo22mxqqiTkRFcUBXAhIsCWeOTt-bFcVWv4kfNhq55aN6gdvunGd5Oejdb-Z5PRsbZJ5mV__hs55nc&sig=Cg0ArKJSzFgCYl9_N_JuEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame AB6C 54 KB
18 KB 54ms
54ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

ffef44bdc40c9ac5f9bb20a73291bbb5f6e7f584dc5962cb45adcbef5b7400a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "699 / 73 of 1000 / last-modified: 1605827349"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18537
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB6C 75 KB
29 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB60 73 KB
28 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CB60 9 KB
7 KB 45ms
31ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18d47f9d5d422421547df83d4dbaa24fa34592bf4285b10a1b045aa86f9d7f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6725
x-xss-protection: 0

GET
H3-Q050 200 pubads_impl_2020111601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0D73 277 KB
97 KB 53ms
53ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

c442ff155dca60045b1a65d836acc2e876fd92ed4ad2e1b61272940530839837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 09:37:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99683
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 237A 0
0 33ms
20ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 20 Nov 2020 00:41:19 GMT
expires: Sat, 20 Nov 2021 00:41:19 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3251
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CB60 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068792

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
DATA 200
OK truncated
/ Frame AB6C 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bf08bc03bc0194bf530b97aaff470fdf921322860a2c8947842f5ca541767dc

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame BF70 0
0 61ms
59ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4r-3grUbZNCclxh_ry8zGMzVYgeOpPI4mGIsVpBq6SpWUMzUrPheU6H2l7K1uVT3jqflMzj2XybioClDjNXH3-LZhRjfF-a2SjwRvDk8qoWO3mbu2LsxcnNmeSv7KCv8-dDiG5FmClItYlQKKpH2U8T6qwNsVOCQKTYfgibuhehS2Jx7uCmhswsImdsW9C5hrF8JXDFuwocayq_aVoG1eEFgFiQk3rnHf6kNKNls1Wyr3yBcSSlvVWIoaeeuyEaIq7dUFdhjgwjN_Q1vG6kR6sgQ&sig=Cg0ArKJSzFXfyXVtI-oSEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BF70 54 KB
18 KB 55ms
54ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068777

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

ffef44bdc40c9ac5f9bb20a73291bbb5f6e7f584dc5962cb45adcbef5b7400a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "699 / 469 of 1000 / last-modified: 1605827349"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18537
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF70 75 KB
29 KB 116ms
114ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068777

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1CCC 73 KB
28 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068777

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1CCC 9 KB
7 KB 17ms
17ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068777

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7004ac125a40f52a4d71a0aafc90f6a0ec317b0e8ca6a8b631c0e1dedef05cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6714
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6145 0
0 58ms
57ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1IdPz_SNrInBW69QKOEiQwQlEiDG_2QOFkDip9Lp4smawHH4kA34wsPz9etU26pAHM1dUgcC6qh3cgXkxMzL-eurqd2dgcVzR60u2RdnRS9KA9QZ-vM4gPtDjad2GDOZygC3wH2llsJit5UhgAAOej8iCcHBtNoP0rsRu8-RwPESKGbwSw1o-7mStTNsBIIizwEBOl6Qcb2sMy8B0iVDklHLE-niFro492eYpE2eL6tHBpsmFacrir5V3XCBkl6itltPSOZiXzRAdMp3N2QH8p2M&sig=Cg0ArKJSzH2jgoLKpL9EEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6145 54 KB
18 KB 54ms
53ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

8d1d98f89b7445f7ac0924ce47772dbc3250ff4576d1973c5c06908e0c44fe9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "699 / 130 of 1000 / last-modified: 1605827423"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18538
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6145 75 KB
29 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A536 73 KB
28 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A536 8 KB
6 KB 20ms
19ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e386379d6307a1d36c8c9d914c9d37d8a4e2ab01e025af92b73ac286a4803554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6482
x-xss-protection: 0

GET
H3-Q050 200 pubads_impl_2020111601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame AB6C 277 KB
97 KB 56ms
55ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

c442ff155dca60045b1a65d836acc2e876fd92ed4ad2e1b61272940530839837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 09:37:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99683
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1CCC 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js?21068777

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame E65C 0
0 8ms
6ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 20 Nov 2020 00:41:19 GMT
expires: Sat, 20 Nov 2021 00:41:19 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3251
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 0D73 109 B
803 B 51ms
28ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0D73 109 B
127 B 15ms
14ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0D73 4 KB
2 KB 275ms
274ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3986903596494238&correlator=3648283692259526&output=ldjh&impl=fifs&eid=21068749%2C21068418%2C21068809&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201120&iu_parts=22803534%2CHB_DEFAULT_ADUNIT_PB&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3D24e3669d7d931baf%3AT%3D1605836130%3AS%3DALNI_MZweakwdHkf9WyZhZSxq-mhPRZ9Ww&cdm=www.orlytaitzesq.com&bc=23&abxe=1&lmt=1605836130&dt=1605836130417&dlt=1605836130207&idt=188&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=552&adys=16&adks=3312051823&ucis=hy5210fur23l&ifi=1&ifk=3627238188&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=12&icsg=682&std=0&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=1020210520.1605836129&ga_sid=1605836129&ga_hid=262327459&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

2d16591ae8f41ee2d8d722d1bb11212fd7546de08b727df43b33cc9a2ded9155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2323
x-xss-protection: 0
google-lineitem-id: 4666443339
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232711078
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
22b382d475a5b4e590d5e060899505cc.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0D73 0
0 50ms
13ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://22b382d475a5b4e590d5e060899505cc.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A536 16 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame F0D0 0
0 8ms
6ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 20 Nov 2020 00:41:19 GMT
expires: Sat, 20 Nov 2021 00:41:19 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3251
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6145 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ed97ada7ee23dc9505d2acd0ab86d80e8f2e3d7b133a092c839d0e50471b55c

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 pubads_impl_2020111601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BF70 277 KB
97 KB 53ms
53ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

c442ff155dca60045b1a65d836acc2e876fd92ed4ad2e1b61272940530839837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 09:37:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99683
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 pubads_impl_2020111601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6145 277 KB
97 KB 68ms
68ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

c442ff155dca60045b1a65d836acc2e876fd92ed4ad2e1b61272940530839837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 09:37:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99683
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.pl/adsid/ Frame AB6C 109 B
127 B 17ms
17ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame AB6C 109 B
127 B 15ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame AB6C 52 KB
20 KB 46ms
46ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

f2c54508e244fad6d1019ab0484369bb6712eb1d7b09ee97f9f2a742b72b707e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 00:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2805
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20658
x-xss-protection: 0
server: cafe
etag: 3049979879964453995
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 20 Nov 2020 01:48:45 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame AB6C 15 KB
8 KB 307ms
307ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2359623818708034&correlator=3796998266591348&output=ldjh&impl=fifs&eid=21066994%2C21068418&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201120&iu_parts=22803534%2CHB_DEFAULT_ADUNIT_PB&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3D24e3669d7d931baf%3AT%3D1605836130%3AS%3DALNI_MZweakwdHkf9WyZhZSxq-mhPRZ9Ww&cdm=www.orlytaitzesq.com&bc=23&abxe=1&lmt=1605836130&dt=1605836130570&dlt=1605836130267&idt=243&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=980&adys=637&adks=1855475046&ucis=y5a1a2ggmgrq&ifi=1&ifk=624745926&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=17&icsg=2730&std=0&rumc=2359623818708034&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1020210520.1605836129&ga_sid=1605836129&ga_hid=468167092&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

9a3da1e1fc4ab72ebb9f9b073a7dda31b7944d416e57a4e2bdd1f1159b3b991d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8272
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
e9b1825aea198706d9d2358814dfc1ee.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame AB6C 0
0 28ms
13ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://e9b1825aea198706d9d2358814dfc1ee.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 7AE9 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 20 Nov 2020 00:41:19 GMT
expires: Sat, 20 Nov 2021 00:41:19 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3251
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame BF70 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8b8cf67ce51db340578a8fd02f88ba64d36a55149a38303fe9620a13ad7746b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0D73 0
22 B 57ms
57ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDPldRy_wB0XoOj3GBSmSkkNoAw-x7aOVRs5p4GAUpoYJRV6cpM-hYdvLtYwTG05VSn8WLsGnJtILCqPIZSqDQLcBVKLG7YW4hpy0Ar6zZCqB7G85_2uvajjdQgSMfm7BDIOmjOxe2YKwV7osOOYuvgC7QF0yx8Eg9Apcvc_nUR7gA1yPQ7GXHqZyeZaXLMKtTDtd1XBD_bPxAIs9YAArdE2nW0H0aZPHd4qOT_fj8haD9dJZB_PYv8I-PhFpXuoXdB2jmF6PMOKYtJfeo3y-wJRb2Zw&sig=Cg0ArKJSzJ5rL-YB8oU2EAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.pl/adsid/ Frame BF70 109 B
127 B 16ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame BF70 109 B
127 B 16ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BF70 51 KB
12 KB 372ms
371ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=806131981235947&correlator=1812316824327164&output=ldjh&impl=fifs&eid=21068750%2C21068418&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201120&iu_parts=22803534%2CHB_DEFAULT_ADUNIT_PB&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3D24e3669d7d931baf%3AT%3D1605836130%3AS%3DALNI_MZweakwdHkf9WyZhZSxq-mhPRZ9Ww&cdm=www.orlytaitzesq.com&bc=23&abxe=1&lmt=1605836130&dt=1605836130679&dlt=1605836130342&idt=279&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=320&adys=483&adks=1855475046&ucis=wumd0sm7sbfk&ifi=1&ifk=624745926&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=12&icsg=682&std=0&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1020210520.1605836129&ga_sid=1605836129&ga_hid=1698730255&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

8a958dd4ffc359b59d09f98a8a4a1d54783302b058f75bc13cb5687923ddb843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11941
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
974fb119e4e402415781d0de7af8b2da.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame BF70 0
0 29ms
13ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://974fb119e4e402415781d0de7af8b2da.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 6145 109 B
127 B 17ms
16ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6145 109 B
127 B 18ms
17ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6145 0
141 B 15ms
15ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=cmpMet&pvsid=1196560476795703&vrg=2020111601&nslots=0&eid=21068776%2C21064370%2C21068418&pub_url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&fc=0&tcfv1=0&tcfv2=0&usp=0&ptt=17

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6145 4 KB
2 KB 190ms
190ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1196560476795703&correlator=519635050388762&output=ldjh&impl=fifs&eid=21068776%2C21064370%2C21068418&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201120&iu_parts=22803534%2CHB_DEFAULT_ADUNIT_PB&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3D24e3669d7d931baf%3AT%3D1605836130%3AS%3DALNI_MZweakwdHkf9WyZhZSxq-mhPRZ9Ww&cdm=www.orlytaitzesq.com&bc=23&abxe=1&lmt=1605836130&dt=1605836130701&dlt=1605836130363&idt=330&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=436&adys=15657&adks=3312051823&ucis=3eeizbclmheu&ifi=1&ifk=3627238188&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=12&icsg=682&std=0&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=1020210520.1605836129&ga_sid=1605836129&ga_hid=1127247834&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e1ee059a4819391076bf53485e787951a0eef32f773931c58b9154657d5a0110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2305
x-xss-protection: 0
google-lineitem-id: 4666443339
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232711078
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b858f05e4df9e0be9c6e4add1e73bb48.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 6145 0
0 28ms
13ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b858f05e4df9e0be9c6e4add1e73bb48.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E881 0
0 60ms
59ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdMqvn5xKuSkZxCuNgCPAouwPXBKSzgBwfs7TJ_Ip7xDjURAbfgf8B-WXUlKuF2xO3XQzD51XvXYRGRz_kJQIVDFtKK072OFJweEqggSS1-Z9DbFibNrV-vbgUe75CKTW1KRflEv7zadGIq_E6qZcu0OiFz8OzMnhBOlsxgnrsFtet8CsZMKVy9cGiM0HmYPU8YAYJcnHMlbAgAtqrlXX3RcKCt4QfAyPJLCuQ2UGcvfQO5bjIp87MZHlpUWzln0SueLUpkR4ZbOYAvJPnH7mFFT1uuQ&sig=Cg0ArKJSzKxLbHRO9EgrEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame E881 90 KB
32 KB 52ms
22ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b502d47f3322506391caadc21225ecae1dc4286c62ddb753ef10cfb357625801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 20 Nov 2020 01:35:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 3390310256420484827
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 32330
X-XSS-Protection: 0
Expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame E881 75 KB
29 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D73 73 KB
28 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0D73 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c0ca7b0148fc372b921010e62ce4d2d4d879ae22eced87ccfaf108c8db43c6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6443
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AB6C 0
22 B 83ms
82ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjjxQvhyrg-DDCoEahH5HBPmYzxitC3p8Q_llwTEZhqu6N8TcXeClVmMJvhSN0lTvOeXTu10ldi_Cn21VmhB519ZIhf187efYKJaeEZCTT0ipiYvonHv9sj1l08Qw4XrM_JPs7TFzMVqMEP3Z69MPqmtS9XJS8fYe3xwYTH-HgxImEC10BTGO-HdrpMisOelBdtfrYUEyOplpXkCO6YTSqBkmTAr4jm2r15MLYfn5VM-iDWtVOzjnwAO8sBKq8fYstcNrNHV4Tliwg58ibXxsRc5Slsw&sig=Cg0ArKJSzNuoffr0uCFwEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame BF70 0
22 B 81ms
79ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOBpQ8q9pHD05WUOseaiSjTHC4y_yeVkZDDDFBSWAqotghCEQs0uBLVXNeueXkgWttTQEhfeqabFJDm3Vtx_q-rheXj1Y1T7zqphA2bF8nsXAL8tgAseJFKnY5PZIkqlZdVpQA0LcAfNgNik0VNXveTcCnmQjNxNKElFxEDlo6Ac2T49rKINSjRmLyX5VJ-b_TxD0vekLwLvzQLf1nGykpTiZYB68zOJ0cGmWa5w6bRk3rCSrvY1FhiPyhP2-oUVx-ACQTasI204RRgGaDukRkquVAjw&sig=Cg0ArKJSzOeSEMcyzAywEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame AB6C 52 KB
20 KB 46ms
45ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

f2c54508e244fad6d1019ab0484369bb6712eb1d7b09ee97f9f2a742b72b707e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 00:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2805
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20658
x-xss-protection: 0
server: cafe
etag: 3049979879964453995
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 20 Nov 2020 01:48:45 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame AB6C 0
459 B 18ms
13ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.orlytaitzesq.com&doc=complete&pg_h=250&pg_w=300&pg_hs=250&c=1&aa_c=0&av_h=250&av_w=300&av_a=75000&b=0&all_b=0&d=1&all_d=1&ard=1&all_ard=1&dt=d

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Nov 2020 01:35:30 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6145 0
22 B 71ms
70ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWuQDKUnfIMHz5z940f0C4EdMibNyjXU9dT4nFbo_2RE2QWaROFt-iEzABxE98cd9FnWGx3zyCgRK1aQGdt78nWXyAYim0PHAA87u8kwb7562z4DNJri6316EheH8R1yIZZWr6mSrzKAZil80PQ_lm9nLGhIqmad8nTy84a8YOG6qH7RQtlle2ly7aoV9RR71EFqUKwcrc73ySMPhRUWCfoz84cdBsMYWVpL1ybeHdnw2xtA5T9-_4TNwKPk--V2tlDKw7vafXGzrkCFcSqSE6Ikk3eA&sig=Cg0ArKJSzOyPMBF2p3kpEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0D73 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CB60 0
23 B 16ms
15ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=1440430414059199&vrg=2020111701&nw_id=22803534&nslots=1&eid=21068728%2C21068750%2C21068792%2C21068418%2C676982961&pub_url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&qid=CKKF4OD9j-0CFbmY3godtRULlA&iu=%2F22803534%2FHB_DEFAULT_ADUNIT&e=0&ret=300x250&req=300x250&bm=0&efh=1&stk=0&ifi=1&isc=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ Frame E881 231 KB
87 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88601
x-xss-protection: 0
server: cafe
etag: 4353532171737760018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/ Frame 574B 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201112/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkDWAmXsEgx52HCjDiIClFKYJOf0aTUlzzn3cnDkNbhcNJGAeYciySSa2mo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 20 Nov 2020 01:13:00 GMT
expires: Fri, 04 Dec 2020 01:13:00 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 1350
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E881 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8580013fe0e2da240c72da21ebb99c70dded3ca39dab08d2c720d8a1297b916

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 container.html
e9b1825aea198706d9d2358814dfc1ee.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 572B 0
0 59ms
45ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9b1825aea198706d9d2358814dfc1ee.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e9b1825aea198706d9d2358814dfc1ee.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Fri, 20 Nov 2020 01:35:30 GMT
expires: Sat, 20 Nov 2021 01:35:30 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB6C 73 KB
28 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AB6C 8 KB
6 KB 53ms
53ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0709d6c180cab4344ce88fae410c0fb68d07795159e1061056e2f2ecef9cd48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6506
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 4379 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 20 Nov 2020 00:41:19 GMT
expires: Sat, 20 Nov 2021 00:41:19 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3251
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame AB6C 0
459 B 14ms
13ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Nov 2020 01:35:30 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6145 0
23 B 17ms
16ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1196560476795703&r=728x90&w=728&h=90&a=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F2F5 0
0 73ms
72ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuund9tl34-E8mwCOC85saHii8uDvrRI3bxMNtr_wyTcroCIfGDmXg87GgU4gsfyVZZX0iEaaYtcjy3hRcPrSP6FAaljMoGNxDo5ShUJs53IXCkyiozIuSNn-jF0naPiquYnviDJpt4-vA8t_oi2oxufO5hdKm5sPJ7wjAxYIv-6RsIxEQrrUkK-OI1ipmkU3ubN6qQUCErHEJZ3Bz5JmqODXhq3t4qrKLPhsFsE4SIp0JG0QAVf6iiEacO1VZ6ZktN2UQ4vl42Ut0mTUcWBVhCmbc7Yg&sig=Cg0ArKJSzFMq7IJMjAYFEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame F2F5 90 KB
32 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b502d47f3322506391caadc21225ecae1dc4286c62ddb753ef10cfb357625801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 20 Nov 2020 01:35:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 3390310256420484827
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 32330
X-XSS-Protection: 0
Expires: Fri, 20 Nov 2020 01:35:30 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame F2F5 75 KB
29 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:31 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6145 73 KB
28 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:31 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6145 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96786b07e6c44c944f621d30adee4d49848361278cbccb1b6a457fa0e547f03f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6427
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CCC 0
46 B 63ms
62ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=1730230097164936&vrg=2020111701&nw_id=22803534&nslots=1&eid=21068777%2C21068418%2C676982961&pub_url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&qid=CLro4-D9j-0CFYSGewodtQAIdg&iu=%2F22803534%2FHB_DEFAULT_ADUNIT&e=0&ret=300x250&req=300x250&bm=0&efh=1&stk=0&ifi=1&isc=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AB6C 16 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:31 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame AB6C 0
331 B 1206ms
420ms Other
image/gif 2404:6800:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~khpldcps&c=2359623818708034&e=21066994%2C21068418&ctx=1&met.1=1.khpldc63~14.1~15.0~16.1~17.1~18.1~19.1~20.e2~21.e5~22.1o~23.1o&met.3=113.jp_1~112.jp_1&qqid.1=CNGwieH9j-0CFXDLEQgdbY4FXw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:81c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame E881 206 B
411 B 87ms
86ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.orlytaitzesq.com&callback=_gfp_s_&client=ca-pub-9339919749774457&cookie=ID%3D24e3669d7d931baf%3AT%3D1605836130%3AS%3DALNI_MZweakwdHkf9WyZhZSxq-mhPRZ9Ww

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

b4353de0665903759f03d143b99ad685e44b00ab0a7cb9a8ad9b156ab2218b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame E881 109 B
150 B 15ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame E881 109 B
150 B 16ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H/1.1

200
OK

728.htm
d2tbmvllb55wxq.cloudfront.net/psa/ Frame F811
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9339919749774457&output=html&h=90&slotname=9866181553&adk=2660574010&adf=702193766&pi=t.ma~as.9866181553&w=728&url=...
https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm

0
0

243ms
47ms

Document
text/html

13.35.253.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-118.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: d2tbmvllb55wxq.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

Content-Type: text/html
Content-Length: 158
Connection: keep-alive
Date: Thu, 19 Nov 2020 22:18:05 GMT
Last-Modified: Tue, 24 Oct 2017 16:46:17 GMT
ETag: "ad7b75065ec6b24a73a254d232ead673"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: NdvzXuKwZYeue65horlDyV-sUhNZ_pu9v6CZSR56EH6jO0QWBoVvrQ==
Age: 11847

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 20 Nov 2020 01:35:31 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame E881 73 KB
28 KB 48ms
44ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:31 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6145 16 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:31 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 3D4D 180 KB
51 KB 82ms
57ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 472738
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3D4D 13 KB
5 KB 89ms
63ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 472738
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3D4D 90 KB
27 KB 86ms
61ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 472738
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3D4D 3 KB
1 KB 85ms
60ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 472733
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:38 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3D4D 41 KB
13 KB 84ms
59ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 472738
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 3D4D 6 KB
1 KB 86ms
72ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Nov 2020 00:54:42 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Fri, 20 Nov 2020 01:35:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:31 GMT

GET
H3-Q050 200 2076313506083323656
tpc.googlesyndication.com/simgad/2534888380485847620/ Frame 3D4D 24 KB
24 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2534888380485847620/2076313506083323656

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28fa503186e829dd4625cc83157b896263026819802e175ab53776c7552a30c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 11:53:47 GMT
x-content-type-options: nosniff
age: 481304
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24684
x-xss-protection: 0
last-modified: Tue, 26 May 2020 20:14:26 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 11:53:47 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9052529344464681943/ Frame 3D4D 412 B
515 B 10ms
8ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9052529344464681943/downsize_200k_v1?w=100&h=100

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

679609fd573c819570b0da4190de3afe3e0218c557446798d325766576837c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:41:18 GMT
x-content-type-options: nosniff
age: 10453
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 412
x-xss-protection: 0
last-modified: Fri, 24 Jan 2020 20:27:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Nov 2021 22:41:18 GMT

GET
DATA 200
OK truncated
/ Frame 3D4D 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3D4D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 731abca0abc353321f13155a7b3bcafac7a2e39c47e9cfd1eb0d7c449de07222

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3D4D 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 51993
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 20 Nov 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3D4D 295 B
389 B 8ms
7ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 11010
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 20 Nov 2020 22:32:01 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3D4D 0
0 81ms
81ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CstDZYh23X6DuLc_bgAfBqYp4nIzrgV-y8ZGOyQu_4R4QASD2z4MfYOnkyYXYGqAB6_3siAPIAQmpAiCuR9mu1JE-4AIAqAMByAMKqgSFAk_Q-_0r7Tu5urkV9Ko7qd6FEnAYi2HGjBAOLB8bF4dDuDfJSMiy-rxx4EzwkHGbY_HgmSG0Z6yzOc_bhGsEjYLCbFMvep-Diuo06xKMBXiLlcFddhSXl_uQZPstd2dFZTORyfvyq3FRJJnxiB8DZgeI0jVXYCD1WuTyQZSJ2y3h7VW7XoMNzGxxjTzq4NMZZ0-YRSSA6ZmeJzRlZJjt5mRZAG8tXTXZ6H4hQLG1sK4_HZJPPpvcFNZ4eD4KSlt89oBCroEYU1A2eR7nm8n139qAcEa3_JS1jNrvB4PkwUtKcsuzNKKhGTYK8HQZRVVSielWKKhM3LkFlaYNjE6s5DiTJ0oI1MAEo57LmOcB4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_2Bk3eoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ0aoF0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi0zNDQxNjIzODI1NDkzOTE1gAoDyAsB2BMMiBQCshcaChgIARIUcHViLTkzMzk5MTk3NDk3NzQ0NTc&sigh=MsEBYdPyLuA&template_id=484&tpd=AGWhJmuHf9eB0lfVYtahcHsyAbfG5fB_byQxHU3441WSHBReeg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BF70 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8992d324dacdc64f1a8440e4e5d120ada556b49e1284302e46d18799c23e6ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6557
x-xss-protection: 0

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ Frame F2F5 231 KB
87 KB 30ms
26ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88601
x-xss-protection: 0
server: cafe
etag: 4353532171737760018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Nov 2020 01:35:31 GMT

GET
DATA 200
OK truncated
/ Frame F2F5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfdaa36de9e2564be0617e4642fc4993369eba9f41fc6f065004626372b15b8d

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BF70 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:31 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 551B 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 20 Nov 2020 00:41:19 GMT
expires: Sat, 20 Nov 2021 00:41:19 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3252
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3D4D 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.orlytaitzesq.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 20:01:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 365661
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Mon, 15 Nov 2021 20:01:10 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3D4D 11 KB
11 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.orlytaitzesq.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 20:05:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 538228
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Sat, 13 Nov 2021 20:05:03 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3D4D 8 KB
8 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fChc4AMP6lbBP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b58c11dac0fae1d40040bda04c6d4d8d5ba9f2cde7a53568f0741c973b301abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.orlytaitzesq.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 11:20:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
age: 224094
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8088
x-xss-protection: 0
expires: Wed, 17 Nov 2021 11:20:37 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AA0 0
445 B 16ms
16ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111701&jk=3709458601819739&bg=!YmGlYUHNAAUoamvQKFgh9xhQfwATkgIAAAIsUgAAALdoAQcKAVwziMyGRPuKySdILyTiEsX8G_wV1DcEbXugYbEDIjsIKH3DCYGFykovIA8MBOTc5oQMohMjvU4Odu5AKVxeakX8W0b9-gx6_DJTXoWFl08syfTGE9o1861Tt7jtW9p7qldJcEipgc-r2zDik21tY_iM35DTIWnx_dhy8L7h2ItbuECZDLzBWzpcoS1PvqhjJyzRXcfdE4ai3TrIiYASOXxCVacv0_mIxc83EmSwU5vUp8SHG94-4adnBA19bFOdNim9d57ntTPGUX6VaN96FSp8KMT8oK6daFlbZos7uqwiKtmMOxIIjZg0xoCtq56EfMpN6hsrrQlniqmON0VMCBywHotSpb_5r_cfOnHi0-9UxgCnBJHb6PhEhdEt4_AnaUXmndvhYem99GSTHyVGhwbo5BTUFkHL0yfOVSCPYOPrQUrFFbbNub0Wtv5MqtbJaQ4PsSEuvhFyaAFYxSCZAfZCq-XvXSHOHsjuTZCIyoIcLVZwGyvdaa41idWdBkjA6OjPuJSPiFNj3OM3wzVYWmI-hmd-xPubwNpiVXqE1xDNrWtnJWWhH6BmcnvF1UDdIrmOPrD26JVYEq4NvWiDYGSyh8pRjgbw4YBFYLoX2vRPegc9yblZUToqQM0v0vXFNNURpo1NE7CjBu5GHwd7pCwVtbhb8sqfdOBQLxotSdCEkWX4rHGpXP8Aui8riCS6A9weaQb7C3wDuhPK1TdUbMlF1mkaq4q-LyVoAS6Eeumj4hbrDnI7PyXdfD8R9KwLOVX764aBzu6nqqOQouE3H8VsFF9RQWDJ9HZpQFSj7pCPpbKQHz550dhLX_UiyYLfR0T34Fy7iwO7ouR_rD1V-Shh4HR8JLoZgHDPQv1fDnXT2NktLVy8qg4sTi39V_qzzcWicvYJcLNaMP5TuBF-f1pqjZrCgeTvIVS75517cupCCQr0xk_N6WcBIDXVbrp_JH44ZKCqhYmLWa-bx9UCwEWnVMmwhbaW7RKIGcQHQXpuMeemVtSOgMQBF8XnUcmz9mG68rRUPJHlzMa8YHJTlp5vLhJwywInQNYfSN9ZOoGcVgTkvu9vrLRXaHWCR5kdmwhYhXMkepTNVaRxhAtAd6tjG-jTtZuz409GVupZone5oLwD5lk_

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 7666 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 20 Nov 2020 00:41:19 GMT
expires: Sat, 20 Nov 2021 00:41:19 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3252
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame AF05 0
0 62ms
61ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 20 Nov 2020 00:41:19 GMT
expires: Sat, 20 Nov 2021 00:41:19 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3252
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame F2F5 12 B
199 B 95ms
94ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.orlytaitzesq.com&callback=_gfp_s_&client=ca-pub-9339919749774457&cookie=ID%3D24e3669d7d931baf-22d920293eb90001%3AT%3D1605836131%3ART%3D1605836131%3AS%3DALNI_MbMOyjDuN8VuudDMuCqTVVVl5hxrg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame F2F5 109 B
127 B 15ms
14ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame F2F5 109 B
127 B 19ms
18ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H/1.1

200
OK

728.htm
d2tbmvllb55wxq.cloudfront.net/psa/ Frame 2BE1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9339919749774457&output=html&h=90&slotname=9866181553&adk=2660574010&adf=702193769&pi=t.ma~as.9866181553&w=728&url=...
https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm

0
0

47ms
46ms

Document
text/html

13.35.253.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-118.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: d2tbmvllb55wxq.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

Content-Type: text/html
Content-Length: 158
Connection: keep-alive
Date: Thu, 19 Nov 2020 22:18:05 GMT
Last-Modified: Tue, 24 Oct 2017 16:46:17 GMT
ETag: "ad7b75065ec6b24a73a254d232ead673"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: w3QLJ0_afyugVjytiLOetSLL_FK-mtVBZKLNo8G54mu4f129F6si1Q==
Age: 11847

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 20 Nov 2020 01:35:31 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame F2F5 73 KB
28 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:31 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E881 0
200 B 59ms
58ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujSXD8-tjY4uJsrLCrSkaS8H66nIF9xVr2fPwzVFUzuIaGLI_yhZ3zKyF2zGbBQPX8bUCjU3GS9occAlZ0IY81fZIt6tJjD2o9hMvBXLJuJAgqbj6vgMejT8a1RqkA6XHPAyA45FwbHPocuyzRE94v6xkiYriaVRH9Ol_E9DpmHr2R_hECOKmRRdearGqDWTpvIXOsajOLFct1gYv_21NyqQ8qZztpLxew2CNSRTx191bH37P8GF1tcNdKJcH9XfW_sn8fzxd7lIH6KI5FSQAmP-018kgY&sig=Cg0ArKJSzLb32N1ik2MGEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E881 8 KB
6 KB 56ms
56ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e488ed52242ca642757cb293b41b8162338b5f18ef2d6a1d51cb08ae52cf5f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6440
x-xss-protection: 0

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3D4D 2 KB
2 KB 9ms
5ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 51993
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 20 Nov 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3D4D 295 B
322 B 9ms
5ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 11010
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 20 Nov 2020 22:32:01 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CB60 0
23 B 15ms
14ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111701&jk=1440430414059199&bg=!ICOlIwPNAAUoamvQKFjX-tCPAgGZkAIAAAN1UgAAAMFoAQcKAVdW5uuA582qM_BSL2xYeDkouqdY-k7Tpp8TFBpei90HDVjerYHZN_2UGJHs0cwSBoEzNqxV5XlOmU0-IzkXvuoPsLCBNyChbSeFn9LX1-ulMqmrH8K3W0nRQ-iJtbeYh_aZiSgPZmwpCp-OGw--Eto1DCJdkjIVZVUnJvr02iVv-dgusAK7x7bsPWkDXD6AK7GDPHf15Qlm9lub1ceB_Am5HtTaPHnz9RgRhxatroL2iGJJtc24RhRJ-EfV1rnnzINo2NhVYH6YTuzKIi0p8G6nUT8AkO61Kp0wgt3NuGCZAQ-QBbTz-S96kjA0HGrT3De3eRsUcWPhGlBSEnG_xaY89Fn4Eyg0TGXG-QbQhBQZ68z9XEnOvKbFx2nthcOIh3aHF_R7_WBHgZOXcWr8VmmGqAxiQB07rExe4_ChhdQT1w_JR5coDDVhI476GmOm1S_cceml0xZzmQISwRoNpVaz8Rcax5b_1dJbSA1aRVjUUd1MMm_qlJhPu-dyLiE18EppvUQj_oK0JwM_EhY0CvXWF0sonhJ9-aN9p4IfBVHLPNnb-YtfjALILzWRUtThqmdEQwIdgC3tzVypSS3BraNwHFTlMSgbMT3Tq00YdU9w7pdJfIemZRVzeDwQobmxok1S6j0gmjl_jHctr-9hGhVSNI04q2FoOsHuY-W88uqd8GM5irYnc8mYNVJSzptmi5oT2H7A8kAEZzodeP9CLtBkn5XROsJngXTQnxOxzXgPbSuy1SiL9VT4TiRcNacSG_FspqB1cAjMRndyCLj0WjBh1_09ZXKQmVf0w6amRDrqYBx-bmgEZ7RHw7M-o_BnZLPQ_yfmo5anhprqFrz3v4qYnyoZx57FUw7GLpAC8aCYq3I-sNimL9uoGGJjwZcxV9K1R0s0UvewSYhJoh8djumfI8rXoAYta7nhOvhOTtqmFmyT2PG9_SgKRHpFciOv6B_aAK-lJ0CclUkeXfVN1fuRf0iWgztfyA-ZU0MJ1DYZ-JrwXB5Vp8-eImSsoegGrs1ho5b6CYKOoIrS3z3GGAOxICfJ_ia8LhQolOULTDNeIt6fv4KHH1p22NhrRPmtmSQ8-T3vT5E0mC5DpouHiXJoP4dFZc_mp-4ck-vzup6AtBkyHclitBRrGbZDmlb4hwn6bowoX1zezveKUoI

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E881 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:31 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame C374 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 20 Nov 2020 00:41:19 GMT
expires: Sat, 20 Nov 2021 00:41:19 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3252
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0D73 42 B
68 B 15ms
14ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKq1-txeiadXd8wKExA68bwEb8cuwCO0cR2V1ZkMT4vFngjVhAHs3rvjl9XGw6DHXCYHGsCH8dkD2O-vTHoAZOAMaiaQlzRZ-qGDZTzEY&sig=Cg0ArKJSzL4VpmlAp29BEAE&adk=3753387349&tt=-1&bs=1600%2C1200&mtos=1097,1097,1097,1097,1097&tos=1097,0,0,0,0&p=0,0,90,728&mcvt=1097&rs=0&ht=0&tfs=531&tls=1628&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=365&niot_cbk=378&md=2&btr=0&cpmav=0&lm=2&rst&dlt&rpt&isd&msd&xdi=0&postrxl=1&ps=1600%2C15798&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-9-6-8-8-0-0-0&tvt=1623&is=728%2C90&iframe_loc=http%3A%2F%2Fwww.orlytaitzesq.com%2F&r=v&id=osdim&vs=4&uc=9&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201118

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F2F5 0
150 B 88ms
88ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstO7ozWQpCfgXWD_XIOZKD59KJuirP3zyG_EBToBxtqkqBKxKKxUvNJO1P2c7oSdUF_sNwsaeWd4UctdnkuTfqLU99BO5cQAZh2ZTpm6PMXdfs6TWUFE6crWq1ik4tlZTA_Nv9T-Q_ErDN7rD0iDamvw0gofA5dNHYav485KVyFqTEof5HD4V3RPNj1gYy-_eB-JaU68LX-Gbz--8bR4WFoTq1-guRcWgvcPia7bWNtgjY-XqzH5wqQ9mrEGLnKZ1ai3g7wrD4vfRHaPx-jUBtmsEYDMCcZ&sig=Cg0ArKJSzAoU4KR4y0NaEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F2F5 8 KB
6 KB 19ms
19ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

674f78aaa8cdeeb515888064ed24ce02330148c647815477f8747000c92cbd9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6378
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame AB6C 0
54 B 420ms
420ms Other
image/gif 2404:6800:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~khpldck3&c=2359623818708034&e=21066994%2C21068418&ctx=1&met.4=fb.2~lb.1k~ol.e4~idt.3m~dt.-9v&met.3=197.1i~123.1i_1~118.1l~118.2a~118.5c~118.9e~118.dx~112.dz_1~117.e2~298.e3~116.e2_2~118.e9~118.ea~113.ec_3~118.em~118.ep~143.hb_1~118.j9~118.ja&met.9=1.31~2.6r~3_1.8l~7_1.0~4_1.he~5_1.hk&met.1=1.khpldc63~14.1~15.0~16.1~17.1~18.1~19.1~20.e2~21.e5~22.1o~23.1o
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:81c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F2F5 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 20 Nov 2020 01:35:31 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 1C20 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 20 Nov 2020 00:41:19 GMT
expires: Sat, 20 Nov 2021 00:41:19 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3252
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CCC 0
23 B 17ms
15ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111701&jk=1730230097164936&bg=!HxylHDzNAAUoamvQKFhz6akgAvtDMgIAAAPpUgAAALBoAQcKAW8q4H9Ges4ddw_nw-_oWftigww13LvddQ5rNdKSWNKHoYsEPthu8846GcYf754H34OC8Z-8zKEY2ReDkVpjPm7Kr5iz-_4L18Lr0eLGiPYHvHW3kJiHWW5Jx13mS5OK-ZhNzQ3qNJgJRGFPrj8T1cETxRUORpJTAaUfB_egfBVmp4DumrcddkWAaG9AaMNLV9F8byQBUc0BuL3waJBO0WKcIXp4nGIww0WSjWFS8Uo5_aWCNQIhgJrgblAZMFlDKf7gANDimA1j3WKMn73IzX693BrpVdIaXIlZa1-sKIWbQix9kX2RKDpFURfRQ911YFOARkqU5U2eKCfUy-J9dS0lDMvdgiZ5T-DdPScANuHKBG4AegXXFqMHHs1y5z3knMU3-C42a7M-wTFvEKshdKJvJuoc4RwmLhFQOGco2Uh7YG2mACUVz0JEbIZ1g4hrlcu1XpllvDKDGntYYqe1gpnRvbtbFp9Z-hthsIN29DZgmQIHF9fuoOo4BMf5PjBON9u8PSvT-Tq-vNa_d83Pf3eVZXWkKtya8X5n3uxiIb8s7l3Ptzh-TK87iO5q3lvqGRIwHUcv04F7DDZAMvYU0c3l-1thmiqIue58TBspA3q-3Phu1NkyPWG4sUwzKmUXK-AE7lzuEpl0dohOTiXULUxNJ12onJ-hi0kTjKcI0uoZVeL1zu1uYHNqeJge6SD4WM4rVN3m7oPOQKlE1AKtzsllVUcFPQErBvATSQuOfpBIeqmy6bX60We1nF_-muHkXthBuBxqyTowad9l4RuOIgTwYWgOkCJGtpa_3ekdQB7LZPPhUjZSECCh3p1gX0xGWZmFZaSFQZbd0Qs0VP74oAIdM_eCTFQnGkUQEsBlNpDe7lE0evVhq99HVoSIPzLVfdiyEQH8vNj1GwWiwXCtKwOo0Fxb9c3PsFY98yqwTjcU6bTxT4VXfxgGNWxgPisbuj9NIY4IkU4h8MLG_uoUtvDyvlWBx2dUqC4rfFAx4MIiGUwdTODJHQZ7Mtihrd7CmgT9g5lg69sDX7NTCIDDiqDYSZhC1u5FQMrkOkGn_b7DJVLWyhT0JfzXJjCqKjzAgFepF_noH93SAAAoOoQZu9kvOB_df-kLZe5xAX330haY5v06gTcI6wUxcimlZpJUUlCFwqJAgOcbe3kfJtho2-gxYp_yh7m5ZWLw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame AB6C 42 B
66 B 16ms
15ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2bkxjQw7t-CivFdEJfipB7Bf-JkMsBzuj4_b4yFut_kKIgxcERJyumTNEInsfpDUUB7jpXm9zqEIaxh6yaWSQUewmv_ozIQaq_c1_Mjk&sig=Cg0ArKJSzNLFdE4m_D2zEAE&adk=31174620&tt=-1&bs=1600%2C1200&mtos=1074,1074,1074,1074,1074&tos=1074,0,0,0,0&p=0,0,250,300&mcvt=1074&rs=0&ht=0&tfs=571&tls=1645&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=454&niot_cbk=473&md=2&btr=0&cpmav=0&lm=2&rst=1605836130271&dlt&rpt=505&isd=0&msd&xdi=0&postrxl=1&ps=1600%2C15798&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-9-3-8-8-0-0-0&tvt=1644&is=300%2C250&iframe_loc=http%3A%2F%2Fwww.orlytaitzesq.com%2F&r=v&id=osdim&vs=4&uc=9&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201118

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BF70 42 B
66 B 16ms
16ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEkpHmn88i4VFwIFs20VekvvXhHNzalPAICYyZBoDadWP767H1wbUhr8OVcT76x5SNyOZnn-9NunmWPWiNkA4qfMTKHgsI7yejs1nZX0w&sig=Cg0ArKJSzNaltFI0ng3iEAE&adk=30620639&tt=-1&bs=1600%2C1200&mtos=1074,1074,1074,1074,1074&tos=1074,0,0,0,0&p=0,0,250,300&mcvt=1074&rs=3&ht=0&tfs=303&tls=1377&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=188&niot_cbk=201&md=2&btr=0&cpmav=0&lm=2&rst=1605836130346&dlt&rpt=258&isd=0&msd&xdi=0&postrxl=1&ps=1600%2C15798&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-9-3-8-8-0-0-0&tvt=1376&is=300%2C250&iframe_loc=http%3A%2F%2Fwww.orlytaitzesq.com%2F&r=v&id=osdim&vs=4&uc=9&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201118

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A536 0
46 B 15ms
14ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111601&jk=797884914128828&bg=!eHule1vNAAUoamvQKFjAVib2UzQhNAIAAASoUgAAAJBoAQcKAQe-bMY-MAnSgVDi4BhVRh8zlezu7KBwrY9m9F5M-CRjZJZINjzXd3_fdTWy8vFMy2aKCw6yzb8z7aNjHuE8kXiFyCenG0PLzBn5jIFfo1A10wB_wPVZ0TsJdKheDbCw0GXRDGHRTp-XZMrDQu6sIhF9clQiQ-J2miU7zk4yKoTMim3hrF8k4k9AJK8FQXsQmhYBwb0YDqUMUQrXezN4zO-dDxLGvXq7tRNW1UxySSSbQEEwGdreaB0DDDWigoPe3WH659dzHnQ9pP0yJn1NCkMAG4SXNyFrL09K6K5djOWsCq_doQoGOa5iaxt8KZ1DBWr6pFa0ptaReUKdjW8piIG4m8Hia7_uoZkB9ou-y3DSpMKNfZtGwijGEgC4FEJG_478VszxOil8EKpQ_m0mtyGCHXXcHFEMu-ISmhSgbQy-pw-5HHQv3J50LGoFoDWSPjqbTk-qnRQBDuLEbxh_ivk4dBVykFPrICZMw56HzUL6faGNwvljBi8s9lLB13Dj-XJ7not6YfIZ7nw9XFbx6TGZwuYmmXyKAib6Cp8XLftkBUF-qqs6zY0V2QFS7aZVTW8Sx9ry3T7MVRD_OvKjuhSeBKJH1UXT9m4_4EgqxJCRGOMXm5tZnZOGNnIGm5QKLdRfa0MSUpk2b2uCXriRZC2g1NEtT3j2VPiZpqZw-zvqvigzy6y9TglOQXm-C6-QiI8z9ofC4aslqKwuxP83JRSMLJaUVWYOVa2UfrmkwLF-k06DLN0-tciIRInHGvDWWIADIlvy595Wv0_3fHahFTwojA7ZVpir9KDcA_yTNNnuEx57bZGoZXevCDhzYccFRXKvenvYWv36YA-T4486OWbybL24COL-e8eif93Taqxfhsghf1p7ybQ0PF7ly-XWRmJgmu4O5lzc7ftT3gvbYihzdrGrXwmlTlkRcyC1NfmMEAEapjApN53VoSjw1oXsYf_KNBTanztnVvMTHIkIKsheMyfAbRofvZgNfIDDC1JndCTH2tgnCjUhVQ8qVw_80D0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3D4D 42 B
66 B 23ms
22ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvieJB8NgCxqgIAGWAixRExzgRbjqqzPx6Dy3sxMgHldnqf0OH2uXm-Zfc0UHXMbWh7J6RGYENvZ6lXpPqlrFBvacwc1WlcP23J318Z43jiidqxOIEqjhGw11r54UwnGnWsvkFWq6-JS0a4khNM-pbT&sai=AMfl-YTVupsfGBx4ZmUhdsqKEZqECFdPy7Ypgiq3vS2a_cRN0kTx-e6WeIP9GnLevAoe2wpPbqtrqPcgX6eWxzFFaskbRTBtLngvsKyByHy2IOhUo_jUtI4-wq75It4&sig=Cg0ArKJSzKu_6PRtBL_cEAE&cid=CAASPeRofsV_oHz9JhHCE1uD7IZ8jF9QNrw4rqBsIL99JpWf_UYwLp-LxO9dEqUlcIWjwHonLGpLCjduiTyCnUI&id=ampim&o=320,483&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=309&tls=1309&g=100&h=100&tt=1310&r=v&avms=ampa&adk=1855475046

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D73 0
23 B 15ms
14ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111601&jk=3986903596494238&bg=!3d6l3v7NAAUoamvQKFjOuVTFa61YQgIAAAN_UgAAAIFoAQcKAWosUrPHNliO8MmNzEXaTK8mWZRI0f6NUhv9GF031W8kYeMf9VACbSduB0r8Wh1sZdCnxNYGQxIL2q2Krm0bzm_K41yj3rATKhmOFY3IHKWTCZmulyDSIFAKOnpqAt4eBa38xhifjITzIqfgsquS0DxEKciT7RpkSUbtX1mORsqLj3Pz4DE7BexyxgCYkuEmFx9pz7ACstd4BpZ4eCwKDP1JwoSn31VgjeI8pKviDBStBfOjUJv7D6HbUsSJk4iXd_CXPYhrZWcY7rG6z2a5TQmSnP5xigBjyGqMfaX75RER7qxBSk0uwJzZIMx8pMd154zn9MWMX742NzzwFqVwEyP8YmnXtD2uABBcmP3aDbrpo7q6enwNwr1O-W_fUc6uIARTHfeI6SybrHma0NUklG4eRZ3SWvCQj2ruCeqHuF1HCYDf8HqGzp6LYBOhDXcolDipk0-4Mwj7m78hTMbih92oJgFQjCOQWihy0pkB_JcMV2fj0YpTXqPhUP1jUe7aub0AEW1qfM4v7ZHLJ8mi_3DIiqMRyHd2F4jw4TUTfNyJSTXZXEmL4-Mk49cCgZfxMjA3BbTQAboi3PhC0m6pfhTCToYchZvuIwwr4QM4sgLdfpwjHwdRArEHBtFg7ij0NOhiWMVKdAsl0sm1DRLYWmOgtq2KptT6QImj59E__xgv-sfpfUwaMQ_kz3uErNaZ-H47vAtsw2kE0RH3a1BYXMYtrgSKndkvNNdoeY_yF_YiPt8xIJxYTUgMz3RD24fENoCIFVXFfGzgaXc2iAekEPeidc_5hn-rQ-05VAFZ0VCVnYN5vHs5FVaXPINcyLoUaCke_BHdEbywC9bjbXf7B9qDibNst2BfeZRMf3Xsmy9JHaWsH_w-8NLFu4Dj0SCQKmq8AtwXNIgQO3Ks-1LCfL3Uih-6aRAftR1Iwp0djlPm2gm9K-CGmJ_tQlBMelvnfi0co7bUXuQIJ82Bahxw8FFQXKTAYkR0J3b0l3OMf8KWg_0Keqb2reyIK_k5QKvHTDl8UBwA1PBXM1_HwNv5Ky7aL6ZUCCH4tpPxC5nMZKzT46l1tzrmfuwnMopWrH5CFoQtSvcS_ykF-fekicT0wLKi4m5sVKPmS6-upTjYb0YJzI5pcc0uV2JBB_NJYJpOQpoip2yhiZAbxZ4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E881 42 B
66 B 15ms
14ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHqNETWLXQRafAwpybruTccNqiRHgDWLD9jqNSVxqiojNjF1fk0UpumXUG9R8ftvr-CUV8LpObWWpwPLgtZaHHl08OgINMpLKkUygGUaU&sig=Cg0ArKJSzP64X_Ub7XyUEAE&adk=3312051823&tt=-1&bs=1600%2C1200&mtos=1051,1051,1051,1051,1051&tos=1051,0,0,0,0&p=0,0,90,728&mcvt=1051&rs=0&ht=0&tfs=935&tls=1986&mc=1&lte=-1&bas=0&bac=0&met=ie&avms=nio&niot_obs=825&niot_cbk=896&md=2&btr=0&cpmav=0&lm=2&rst=1605836130759&dlt&rpt=945&isd=0&msd&xdi=0&postrxl=1&ps=1600%2C15798&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-3-11-11-0-0-0&tvt=1986&is=728%2C90&iframe_loc=http%3A%2F%2Fwww.orlytaitzesq.com%2F&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201118

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB6C 0
23 B 19ms
17ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111601&jk=2359623818708034&bg=!trWltZXNAAUoamvQKFiDWA6inj5-qAIAAAL4UgAAAIxoAQcKAR411FJrQOFz3s4wGoDYaPKnuw-PGS5ACM2sRZ9YLLEpjrGQdq68lqCNFYdVLZv3o4UqUivHkOB6lVUx6Bt5ovdSplsbrScCqAQCwrplr7Q7mdeEGP0QDAnVKCulbQle-y_4wCi5XXawrc2zmXHKTkN-Oy7B6j4q6lbfSOQBUKd2d7qFA3s7DfBzS9Fz_kGa896mcm830Ypbr6DhwkBxOKklTZj7bA_n2pqhC-nmqU691ZK4epKBfAwsF7nwLER7CaQ75LtilG6ecYei59tN5jD3YSb3TvcokDROvopbjpMmufpOIHdn9_uUG-gP6trVEZIq3g10HcJXeAMmVJM57OQM2U2Y-5CXCz0Z812Q1wO7muWWoEjXyyNrCjs-lKxTmQH8k2VUctfE1uPMTo91UCkiRJqModwBVkDyUTdfkZVE0FUB6THhrqPwYozPHaUbT3gpe-SfnUPoSJA20-MwEBdda213f_gWxYcu6EdzMFwDd1TRNjUy3BGekxbUAryZYeykYYV7eXH7V0iYw3H2_pHFsuSRWTU0xYGtmR8VV_Byvn2tp7gcwmjpmm5aTS8PJP38Kx3veacl03yb0xqYBYWECdz1PzwkjX6rT244m3OFHU4bst2IPGJ3EbZV-Cxx0ZzxeulPGVNTpT6ln6H-Zm2DLEEWostbEnjnTKSH5VB7Q9uDRA5wOCeu0JdHcc1e65R_z8Q8AzIUFMejaBGlbaAnA8ykzIx0-lZ9KjkY7Pr6ClhNkLpNHIrimeHLkVQmETbxees7cz-tOb1Sibc5D6bZLL6Y5Kkl4yCP2o6lvewPjwyFBwWgy1LAkz6j6D1KCKsVs5GVz6mtVEwmp8jc0mLhWL9abHLGRGkKw08jOyChpuICzaTkMPb0e3ibwa2mYnmlS1VoqXu625teeM3Vvw_Ch676966CAD4eg57dOOxBOs8v--jrRLMWLmkQS7ywB18ofk7Jln14gO4bBMXv2ccafrVB33kzR_fGvLFwv5g_qsgsEgPOHGiLBOKSHWmvjNbyviIoaDOKrt_T8Td4yfl409DzAm8iBL5dlFu4wA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6145 0
46 B 15ms
14ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111601&jk=1196560476795703&bg=!ammlaUnNAAUoamvQKFikm3vDe-ybHQIAAAOKUgAAAIloAQcKAFGTrXeiAsiZx2NGaUAC-J6giOXSjqZp4MsOAZISVgqhnlbQjJ2GpU22yjxUXd6vHIrcwph7U24FOjzZfHK7wsJOxwIvcvYfZyW-7O6gjgq52EmZAfxAFfOJmiay02vkPaJPM7UCeZAdil5DMxU5m2QDu5Sb08P0A3W8hihvew6DqPZPS2pS-dQXK9v1Q4QNyxKxRc67WM60Nuv41m_VxIk1gyfjfnbS3w1cHe_X2Lx4FG37h-qf1XiBWTjSgpELw2XuDHaJmxXU56Y9_cz7w-5c27_byu5luhY7z1c1d9by8qgCDkO6FD_xH3bbmi77H0B1SE1dYospjj15BS4yNhSyLgUZ-83rMSMcr6xVlhPsHu1adR475zumLLLWY06wKC4FRYqIHxYTG_XSKEKt2j2vda96gakU6iqUIXOVzvNTKC-EhGoo0GyVmx_o8STTelmjrqKu_cIF2HsGjrK0CKltQx9l4yrMpdt5u2To0goW-2L1hyPZDTmAarZRJlRTVSmP2ak5JrA-QqLWxjEQ_zqrhcR0yXyJvphrAi4-qmgtX-SnpUclOuB57biP7o6vVUK0GWBAsCVwUd1tbflUq80FaP74R7m_AvX2N0YTQGhw7Z6xVyaqn7ys0uJ9GIQ6jbx5JHoUeTF94Rk67c3-Ns3UcFmPQrtelyUdPkNWNWj6gVg7bRhzAtXOmVZoWRVF5EZ0RSsTFgVaQHNmr6VCjDPROTcyy8KB8gqpux9Slt1Hrv5J__T0I06Kc01vLjCtUsa9pIDNjm3c99kRhKJ3A-0R

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF70 0
23 B 15ms
14ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111601&jk=806131981235947&bg=!-_il-NjNAAUoamvQKFjat_vEhws2lQIAAAM3UgAAAMNoAQcKAbvAEMembagEeMmpexXHgufBHtBSnwNbDZavMHD-MQcQVnKqtqaLbBhIWpe79vEwk5IuutEsVjG5oifMceq-QhoOjlV2LDI943l7Oi1uOvXUS1G3HfAkkOtZSl9J8NrUdDDLiuqOy5gY0VAzv3qK6LGE-kjMyt9PsN3BB4tQuZgHUACo62AfbAgW90ynax4Q1shu7AXbgxd2xy8AJmtXkZLrx7ooKipehniCfbP1mnGs8prCYUV6PVpa2CThcv5krXf4l5vShEuST_6ULN66vLFapwqpVeSMzbibim-dOPimq9kWwsZuBQSqVbQ50mu73NLTsp4-X7SUC9pG4IXk93XZYetghMioh9kAEUJgAk1UQESwXTA3fkDMWsuk2j0o7LO6fNxAA2XAzFWhOm39p7Vug1cPsw2Nasx2zMGt_DQilsGjcptUW9HJCIfpdKEDRznYHgaDzJBm4bu09vs-w_TU98QTgOyUWwNTtTYAysOHbvz93vSaHhKCofgwDGdtIXaeh2nSIoGGvx7ecW_GMurz8hrDnQwsipHd0WLohyYaU81BmmYobRrjs8YUxTx8rg1whOdF7uncHRfEFZkB_LRQ_EbolFkAbs5b5oO2IPujqWwzWN7bqV0RY4_P6FSEMwVbaJhORfaL2rLrgJPdHPMYQvSWR6Tco-lizfDddVe2qwANjivl9a4iul6qMosIsIzkfUHcD-HEBcgvBICdfyaaUcKLmDQ0Q1paDIk1ZWeXgJHlPsO-FkrxKfmfkxSmZROaCVaf3TeZGyaL3Lm7vCq7gGa4cqwlhQJSnucaeJHGBBnlyTAdtQaO7G1lM6kKYX4DUXNg69LiJXx7tlrXoufvyozPCI5O2vAHt1nn_fSL1sZcH7jplrQbIFiVyY4SBwV4qttmUVMTHWQAujYmmzBR20ewiAhZuCJ2G5eGOmvtEUmL8NMUt1palN8gpJcMUHGZ7MIU9o9LAgBeeHJUhhT_s48hh6J7cdxotYCiBMFUq9tpaf3y9XKJYHnMotQk5tXDQl6ppliJ8tYNSQxsfr8jXcV-7fIgDPPv86Y68-v1V6wiy3kv0sHB3Fnr7vS-yRooAY8iJ0HtqoNstHKHaJbtpgKrx5brg4fCAYBAh1JCbHczIHRRnCgMfE8OblT8N960XXIq0DXlTcWXXGeiDpg-xT2uMWevSE42Q7du2MqEiH_7omkZmugMvftTqqWheADgiZlEv0-beF-zEQiCiZrynv8H_lXUfKWS6HAHDa0_GD5nUjnSl4rnMpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E881 0
23 B 16ms
16ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=3334703367340624&bg=!pKelp4fNAAUoamvQKFifypVjbIQ2-AIAAAMpUgAAAGZoAQcKAN7FeLc4hqwKOuJBv6PUjx1aYmpn_ZZdH4CZQG8rQXYmHiNP5EEktMKNiy44ZPU0AsT5_kd27eDEY4YBROQMdYmc3aZNMrKP1UpHNySVTnCzB_fmYnlVIqelWou33T8KqmLoJ8qgI8TigLJJUJjGh--WrN2i-T2RaaL00918elfUZukmmm4zwF1zhTUJjRMLavrxkB_s-pJjQLqaS6h68CGoUE21XhZflKE5bpXUoGGT8KHk0IaSlJwgfpQa_Gm4F1KOt1Y_tyly0GeXIhNh-yVxG3RwMV_4kzz0TdgYMSaZAgK9OmmBnT3uRftGU7H87ACoZBc17KOWTTZOz1V_eypT9j6Vo1CMyAuOWoDmyEYn0I51qNdfAnPN0yWDYjt7cMgncAEM78InJ823TS7RzGgVymRNJoTwGvcWv0GGmlTyxhY5ESi1NlfPdDii48l7qtHJ_K1jRNGSld1sqxtOMi2D3erhD0k6q3kYw18ih0TlPrSNsMWWn-l-AMgzbtKKGOqAhwcraTFkrLtiYKv7vfXDDVcCMTLc7VaPjgu7_yzjOazQHTxi9bfiwtbo2E-PgoaNR-heZsoOLYwRCNjNn8FFOlWQLSoRsSjvEFtfcllCTx1UViFaeNtqwyctZupWZbpaUKNFkodyrHYSIfivm6N4SD7_-0GHjYwwe2f0a3kA6oANPkuK84BRlaWDLo7NsqOz0TFzhsgRPK6EBEgjDngM9w0JhSe5gOXFqUqRmtvE_oLZX_g5e_YA9tYEisuHAC2AR6e_Eo5m1DtLvWSTwILz0DHkXILk_syQA1aMmfwYC_6B2XdGuUnMndYJ6MzdpZTTVZRP2yvq9I_mjrcm0boTe7foiSq35vNrop7k81KQ-5wpU1_ZBHhL6llunGKXujn8h7ReNRmaMGHKYnfcL1SElKq93EwPERApxPPZp85ctUeHIlGIpVIumD3Ytwr5RBJAjXse7gqBJYe86RkjPE4TR02D

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F2F5 0
23 B 15ms
14ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=944300928043226&bg=!aGula0vNAAUoamvQKFji4OONwpYhfwIAAALyUgAAACtoAQcKADo1NrU_BwA63ZgPnEBwPHKo7qQSX-1sQ6hJGu_PPWnW5yNe5eniyG8rR5m91BWqNWxhPu8wrg6ilMY5mQIChqd2on4GfFWX_CgXwU4vRoNaGgKTMaTSJ7PTpinCDRzd1vifl6Li2oaFx1mcyqfWCNPJSJ-JNyYJseBYbNxbA4hFGzRcwTbWNba64_ZVr-7oZsxoLlyQQ4N8M_yHRmpY1pFANL1-AtdahPwU0zi-k3xelO3IqPXyzyJ3dYU5r83vpX47KT37qnYmlCjROE5-_6MQDK_hzpUyGuVwAYgr76C7fOtBCU_SDeHISBWMbEsjwHz6cMdV_2mCOoWTME_tDX8ddoxTpYrS8CYByY5lCSF8zPZ5qZ806Oj1H1G4ar3btf7_8kQvnSI3iAwOzeKDivRSZYZ--nFfKUf8ztLxq-ODq_yQcSOhusZ6MTDKN931mPvkLxpdNfbTuLGNMYfdV12gfsxLtbawoAoJfmfZ3ByMFF3zybXvfwfQmxAxmMEvwl1mI0-ppE0-_V6zSPXRaUg9eaqj58OZV984eybb0R7SaUG8v1NKFsTBuD0PEe4iocOnN1u8ls7VOBjbxBnAPRy5IA5uw88rMdWu1SiaefxJ92m0Vd1XPKtgTx0ObDoyxPHJTXgO0i7JJLD2UAj8G9iQtKNL8sg3DhyAA_xrHTUAV8eGCGViupCrfiO6ATCxtNSocTNZaxIYiAWgNxT_oP4rXhmFZLCZ0-uqTFKl4Lyuo7NLrYyNcTc_B1FQvRxzCg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 01:35:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 18:23:08	Name: VISITOR_INFO1_LIVE Value: Zdlrwd-oBXo
.orlytaitzesq.com/	1970-01-19 22:50:58	Name: __auc Value: 0bb5b6fd175e34ac2dce2601be6
.orlytaitzesq.com/	1970-01-19 14:03:57	Name: __asc Value: 0bb5b6fd175e34ac2dce2601be6
.orlytaitzesq.com/	1970-01-19 14:03:57	Name: __utmb Value: 209516236.1.10.1605836129
.orlytaitzesq.com/	1970-01-19 14:03:56	Name: __utmt Value: 1
.orlytaitzesq.com/	1970-01-20 07:35:08	Name: __utma Value: 209516236.1020210520.1605836129.1605836129.1605836129.1
.orlytaitzesq.com/	1969-12-31 23:59:59	Name: __utmc Value: 209516236
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 38KRtMRpGIM
.orlytaitzesq.com/	1970-01-19 18:26:44	Name: __utmz Value: 209516236.1605836129.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 http://www.orlytaitzesq.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

22b382d475a5b4e590d5e060899505cc.safeframe.googlesyndication.com
3ecfcd4e5e13f1bcb54b0907058aa30b.safeframe.googlesyndication.com
6eb15277e7829a510c29fc3c4840b5c7.safeframe.googlesyndication.com
92713f7f149d5899b76f48411c2075dd.safeframe.googlesyndication.com
974fb119e4e402415781d0de7af8b2da.safeframe.googlesyndication.com
abe1971ed40a5e15802e446949ebefcc5.profile.sin5-c1.cloudfront.net
ads3.mthsense.com
adservice.google.com
adservice.google.de
adservice.google.pl
api.lanistaads.com
b858f05e4df9e0be9c6e4add1e73bb48.safeframe.googlesyndication.com
ba0827bec1644166cbbd0d6728cbb6c6.safeframe.googlesyndication.com
buttons.googlesyndication.com
cdn.ampproject.org
certify.alexametrics.com
cloudfront-labs.amazonaws.com
csi.gstatic.com
d2tbmvllb55wxq.cloudfront.net
d31qbv1cthcecs.cloudfront.net
e9b1825aea198706d9d2358814dfc1ee.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fs.gweini.com
googleads.g.doubleclick.net
mail.google.com
media.breitbart.com
orlytaitzesq.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
s.gweini.com
s.w.org
securepubads.g.doubleclick.net
storage.googleapis.com
syndication.twitter.com
tpc.googlesyndication.com
us.i1.yimg.com
www.google-analytics.com
www.googletagservices.com
www.netvibes.com
www.orlytaitzesq.com
www.paypal.com
www.paypalobjects.com
www.petition2congress.com
www.thegatewaypundit.com
www.youtube.com
104.215.88.166
104.244.42.136
13.35.18.134
13.35.253.118
143.204.201.114
151.101.114.133
151.101.193.21
192.0.77.48
193.189.143.34
216.58.206.2
2404:6800:4009:81c::2003
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:555
2a00:1288:f03d:1fa::4000
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::2010
2a00:1450:4001:806::200e
2a00:1450:4001:809::2005
2a00:1450:4001:814::2002
2a00:1450:4001:814::2004
2a00:1450:4001:814::200a
2a00:1450:4001:815::2003
2a00:1450:4001:817::2001
2a00:1450:4001:81e::2001
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::200e
2a00:1450:4001:821::2002
2a00:1450:4001:824::200e
3.210.81.118
3.23.172.181
34.98.126.214
35.241.35.213
52.207.113.150
54.192.229.86
54.192.229.87
67.20.113.97
72.21.202.25
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
070d4dea9892475272d9fa96611644f5cdb3abdc8bc1e5124e80ad7c8daca3ba
08dc13a9d37170cf50ac4b17f98bbdceb05010bf473ffe134ae8e819b1919c15
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1665506ab8c83c485ed0a0b961e152b4208458f871b04399ffc5018baf316200
18d47f9d5d422421547df83d4dbaa24fa34592bf4285b10a1b045aa86f9d7f1f
1bf08bc03bc0194bf530b97aaff470fdf921322860a2c8947842f5ca541767dc
1d001ffd8d372613954fdc500d03d6e0c0149dad92455fbde0bb1ecb93f2702b
1d68fb29bbb1da59354b9e0fe7639644a42e13d9e0381005f2b15f801916a24a
1feca2279a6e78133bf577b99e4f3e82896622c255d29017cec5f5cfa93e4d16
20e6a960e098918a85fafc66d1bfa2d75a7063b7615cf578e475c33b5ad0b499
21c4026c2095492e493a113f1774b3a13cf30e19a93a3e346023aa498e750a53
2284859e007c0ca5b71c51cab40d3c883aad27ed01552771a54ae43fdc22da37
261275faae4ee3fa8c82e8c64700f12ce4bff66410d5f6a3dfd4dc64176bb67b
2820f9372d876470bd214e0c4d0bdb5ae1d84acae01d126865174c0cd11c5ccc
28fa503186e829dd4625cc83157b896263026819802e175ab53776c7552a30c5
299cfb7bb4fe64211da4b4bde79af3df1b685d23713affdc1de81359ac1606fa
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
2c01dfe4b297f7d504e808210466ae12e6296754cd7a8d370cd4ca8c2f5e827e
2d16591ae8f41ee2d8d722d1bb11212fd7546de08b727df43b33cc9a2ded9155
2d65381c26070d4eced639cf18ef831c98152f7134a2c58493076ae2ad8fed27
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ed97ada7ee23dc9505d2acd0ab86d80e8f2e3d7b133a092c839d0e50471b55c
2ef3c331d5dd8cfd7cd4fa8afc1f482b8ba4a8e00a8e110ae7f70e0a6a8e5fe2
2f17ce8bab06450f044c8e5a7867bf0d05ec724fa0bfed2e633488d5633ba9d6
343456120380b52d2774ff96866173e5e845d9871253beebf95abbe46a9044ad
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573
42434e578691eac8c007f427b49b962990dd16f8a004acda3a7b2621ac5498d2
434ab7929510cf842b41ca73cd3d3aa1386ece90ee900afcd58e824c2afe5cea
4550508652a41a48e642686ac18e08a003d9b870fd150e6c3c12cc649c1e05c2
46ae073c75041cf7949c6990e94c0026e01f8de08578e16f466a206b3d1e6342
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
47b5d46cb52aee2f25fed79375e101c53e613d950efc1f69dceb27a887450c1a
47c8af61043cce456a13f02c51b18bc1bad68d1fe34932447a3a844545826c6b
4e531c09549f103a84113e9d3d1ca00d268087f54fa60744bd8ac5fd9ddd22d2
5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335
55aa10c520820efc278e36fe19790a41aca0bd582f202a7fae6637941a025ec7
58f8741f9cf8e08786c805251c72c9680ea2552d9de1987b262a4f67ad01c013
5a66a9eb842badbde03b4eea09c267bbacf465b5918ff890a3532a72a29cc41b
5b8955aa76e21bdffb131ac5ac86e83023b6b0e9065b8f53c5e4ec8eedc7dd57
5ba20d1ee0ed439de04b107f0ac7c9c25b2bcc3a6da25358994995dbe6c70fe1
5bf4f0187f8b56b1ecd95eb89dc1cd74ce4c54c9abc47899b2eaa0370b5fff19
5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
62f98499ab29b0cd9a98eb3454f94f09596e04952d9566a3b9ea0c2d6b78cfef
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
674f78aaa8cdeeb515888064ed24ce02330148c647815477f8747000c92cbd9c
679609fd573c819570b0da4190de3afe3e0218c557446798d325766576837c42
68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43
6d006d41c84deae696150435643da5a9464d60f86831b945f6a5511ef2cdac53
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7004ac125a40f52a4d71a0aafc90f6a0ec317b0e8ca6a8b631c0e1dedef05cdc
71bee76ba0eba171ef8d5f3ffb9339e35713c31cb5ca2e2f903680c33264e31c
731abca0abc353321f13155a7b3bcafac7a2e39c47e9cfd1eb0d7c449de07222
746a77454c435ea3ff0b95c7d8269058aa331b81ef62428f4e07b276536c76d3
763fd8be27755874d97df36c07a55674d6ff6b14c4f206a281f7a4df597ca5da
78e0412848a676ef0f690b7aa8b47f9ff01d023f0a11a7b6f56a738164399c86
7c0ca7b0148fc372b921010e62ce4d2d4d879ae22eced87ccfaf108c8db43c6f
7e936a6ff6918d499ccc4a58817dd4a083e956aaa2d6e8139924c73b5c1a90d7
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fe5a0b02836ac823b358d3dc460a7c133fe356aa3db085d458a64afaf2cefd6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88fc45b3809bb3121276292e818573c7ab2cbea9a4ba13966c7b51ffe185d9a4
8992d324dacdc64f1a8440e4e5d120ada556b49e1284302e46d18799c23e6ecb
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a958dd4ffc359b59d09f98a8a4a1d54783302b058f75bc13cb5687923ddb843
8bd58e04a6241a4b4e7af76e95b37e5903d0008f80ec81926b907eaa8550e458
8d1d98f89b7445f7ac0924ce47772dbc3250ff4576d1973c5c06908e0c44fe9c
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
96786b07e6c44c944f621d30adee4d49848361278cbccb1b6a457fa0e547f03f
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
9754802a20e3f412075abbc5d8f1b794001b0cd8ac87441919231de900d818ea
9a3da1e1fc4ab72ebb9f9b073a7dda31b7944d416e57a4e2bdd1f1159b3b991d
9b02785448c88bff23049ee2f1eea7eed717e8c61918a9f11f3fbf45745572c9
9c5ab2c6b83954286dc790037be743189667da5dcb5545e814167597f7207e05
a027f27ca1710146533207f5237aef2162a2124468eacd136124beb522432010
a097c7831a8d96f2290acbed90eee2ac475ec536846d11cc181735422121b205
a3ef56776059c63a9cfc3942da96551853ab111d06ddb378a086c1ee77141283
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
ae8d679563f9dda3e661b8548f5d79ef87157dfbeae8745e9b39dce177832708
b1826a7019dde654654a9df41a108cc9b005cfe74a1f233e5517550e9be78201
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b4353de0665903759f03d143b99ad685e44b00ab0a7cb9a8ad9b156ab2218b96
b43f2bca5f3b450ce0ebb9ef1f46a98c70782a9ac53e9d8d72c36ebb4dbdd9c5
b502d47f3322506391caadc21225ecae1dc4286c62ddb753ef10cfb357625801
b58c11dac0fae1d40040bda04c6d4d8d5ba9f2cde7a53568f0741c973b301abb
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b664ef8817f547a6910ae600ea85db4bded2986e4f369f9b7ae5047a0cc81b51
b73d4a41b76b1acc0796331a2630d5eef972a94183744384eb237161136945e9
b8e8fe9b8ca280dc3c982691064e62ba97c8f2c192a17dfe74430c7cf73cb4de
b94b5042fbfaf8d38708dc644793a2c0d0ff7ae96fbf47bba85e5a711a90f9d2
bb2282739e14d89938d9117cd4ab5bc9252e8f303ec91c8682956a72bb1128d7
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bfdaa36de9e2564be0617e4642fc4993369eba9f41fc6f065004626372b15b8d
c442ff155dca60045b1a65d836acc2e876fd92ed4ad2e1b61272940530839837
c52d8ecaada50da7a9739ca285872b431fad51042eccf398e2c2ecad8013880b
c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5
cc44a56debfd307731e05a47b37e6a448dad0729b4b901eeb05833cd41a3bb47
cec0576649667442f929687c183661c292799cb7f46b8e846f80ac0aed007d74
d0709d6c180cab4344ce88fae410c0fb68d07795159e1061056e2f2ecef9cd48
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
d8580013fe0e2da240c72da21ebb99c70dded3ca39dab08d2c720d8a1297b916
d8b8cf67ce51db340578a8fd02f88ba64d36a55149a38303fe9620a13ad7746b
d987cc1a2e2f4d8cbaf01bc4896c9fb1bf0ef9e9456483c39d376c2edc30f0cc
d9ab4d66d758c1c98f75d9a386e2efea59838d4ea0d6fc956c1bd7a3889159e2
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc38ad0311ad130be347e637c2e3d954d400fb8036d35f6aea81a4910ad24cea
dc8d52ba16a8441eeff66731ec05b9f0e3b7c72f323de71ba01af0e85d7360b5
ded93aed18031ce823b0bbcfb82c4e1803f51ae5ecbbc5705925016ad8194d2a
e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3
e0c92fdf17857106cbf957518931c2093e89a8117bb83d78d33a3f18c8a284ae
e1ee059a4819391076bf53485e787951a0eef32f773931c58b9154657d5a0110
e34df181c4daec4aca7ff50934b75b946b90dfd4dd47ceabbfa8e847a5e4e22d
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e386379d6307a1d36c8c9d914c9d37d8a4e2ab01e025af92b73ac286a4803554
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e488ed52242ca642757cb293b41b8162338b5f18ef2d6a1d51cb08ae52cf5f41
e68b2d2efd1b7f25593795d295dece45a1f403e8768ca22a945114ca940c18e9
e6a6f581f8d8e20533e2d574a21a86797e1f66486024fd2e43c881aebf2f2f71
e719d8fa82926d14f05a54aa4036de88cb9c4f63de1738a519ff7f90383d52e6
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ebff79fcdc92802fc42067502f7eb89a5c7d357d6af20ae411cee852b628d3ef
ed30ed233af3f2467e420a1e77cd6e2645912e03ae2cc0b687a13a8adcd6a097
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c54508e244fad6d1019ab0484369bb6712eb1d7b09ee97f9f2a742b72b707e
f332ba9cf9fe723c47ca1b6cc8b2d87c9f443f444b485711a6be3607282195dd
f3521f561f4df71fe6b21d2a9553ce7f95b79f6c5dfbb759d10114a91d7d0abc
f4ee009a24925f6617ea25066e34d260d1e5e22352183e261dd36961bb4dd35c
f6812a8f0e85be7e87cf05aeb4f7aeff4434f6d8f3dc302a17a856b62b7f17bf
fc290981fad6f026af1aaee029427d8e5d914d999aebf36a4aa8cecaf4322583
ffef44bdc40c9ac5f9bb20a73291bbb5f6e7f584dc5962cb45adcbef5b7400a3

www.orlytaitzesq.com Open in urlscan Pro 67.20.113.97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

256 Requests

79 %HTTPS

50 %IPv6

29 Domains

48 Subdomains

36 IPs

5 Countries

4233 kBTransfer

7840 kBSize

9 Cookies

60 Outgoing links

Page URL History

Redirected requests

256 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.orlytaitzesq.com Open in urlscan Pro
67.20.113.97 Public Scan

Screenshot
Live screenshot

Full Image

256
Requests

79 %
HTTPS

50 %
IPv6

29
Domains

48
Subdomains

36
IPs

5
Countries

4233 kB
Transfer

7840 kB
Size

9
Cookies

256 HTTP transactions
8 data transactions