tomandlorenzo.com Open in urlscan Pro
172.67.70.205 Public Scan

URL:
https://tomandlorenzo.com/
Submission: On April 21 via manual (April 21st 2021, 4:08:46 pm UTC) from US

Summary HTTP 310 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 80 IPs in 8 countries across 62 domains to perform 310 HTTP transactions. The main IP is 172.67.70.205, located in United States and belongs to CLOUDFLARENET, US. The main domain is tomandlorenzo.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 15th 2020. Valid for: a year.

This is the only time tomandlorenzo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
68	172.67.70.205 172.67.70.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3	104.109.90.77 104.109.90.77	16625 (AKAMAI-AS) (AKAMAI-AS)
3	184.30.24.107 184.30.24.107	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2606:4700::68... 2606:4700::6811:4f22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
3	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f113:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	184.30.25.161 184.30.25.161	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1 3	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:8200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	13.224.102.122 13.224.102.122	16509 (AMAZON-02) (AMAZON-02)
6	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
7 7	52.29.176.117 52.29.176.117	16509 (AMAZON-02) (AMAZON-02)
2	35.164.25.130 35.164.25.130	16509 (AMAZON-02) (AMAZON-02)
4 4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
4	104.111.219.144 104.111.219.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.89.21.10 51.89.21.10	16276 (OVH) (OVH)
1	52.35.237.254 52.35.237.254	16509 (AMAZON-02) (AMAZON-02)
2	44.239.227.210 44.239.227.210	16509 (AMAZON-02) (AMAZON-02)
3	35.156.13.167 35.156.13.167	16509 (AMAZON-02) (AMAZON-02)
1	213.19.147.42 213.19.147.42	26120 (RHYTHMONE) (RHYTHMONE)
1	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3	13.224.103.105 13.224.103.105	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
7 13	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
6 11	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
5 15	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	18.194.69.169 18.194.69.169	16509 (AMAZON-02) (AMAZON-02)
2	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	46.101.132.18 46.101.132.18	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a04:4e42:1f::84 2a04:4e42:1f::84	54113 (FASTLY) (FASTLY)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.112.84 151.101.112.84	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
11	2a02:26f0:10c... 2a02:26f0:10c:486::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
19 27	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 5	184.31.88.106 184.31.88.106	16625 (AKAMAI-AS) (AKAMAI-AS)
11	213.254.244.13 213.254.244.13	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba08	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:211... 2600:9000:211e:e00:8:455e:4a00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
1	104.17.120.107 104.17.120.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.124.9.99 3.124.9.99	16509 (AMAZON-02) (AMAZON-02)
2	104.108.144.214 104.108.144.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	213.155.156.169 213.155.156.169	1299 (TELIANET ...) (TELIANET Telia Carrier)
8	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
2 4	52.19.21.254 52.19.21.254	16509 (AMAZON-02) (AMAZON-02)
3 3	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
2 2	185.29.135.227 185.29.135.227	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	18.158.22.14 18.158.22.14	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	184.30.212.16 184.30.212.16	16625 (AKAMAI-AS) (AKAMAI-AS)
2 7	3.124.79.200 3.124.79.200	16509 (AMAZON-02) (AMAZON-02)
2 2	3.125.99.7 3.125.99.7	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.215.44 35.210.215.44	19527 (GOOGLE-2) (GOOGLE-2)
2 3	52.51.154.44 52.51.154.44	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.94.232.32 52.94.232.32	16509 (AMAZON-02) (AMAZON-02)
1 1	64.202.112.127 64.202.112.127	23352 (SERVERCEN...) (SERVERCENTRAL)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
310	80

68 172.67.70.205 (United States)

ASN13335 (CLOUDFLARENET, US)

tomandlorenzo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.109.90.77 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-90-77.deploy.static.akamaitechnologies.com

cdn.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.24.107 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-107.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4f22 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eb.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f113:81:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.25.161 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-161.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:8200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.102.122 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-122.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.29.176.117 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.164.25.130 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-25-130.us-west-2.compute.amazonaws.com

usync.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.21.10 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p24.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.35.237.254 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-237-254.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.239.227.210 (Boardman, United States)

ASN16509 (AMAZON-02, US)

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.13.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.103.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-105.zrh50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (United States)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 37.252.173.62 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.108.145.8 (Berlin, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 35.244.159.8 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)

propermedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.69.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1460 (United States)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.101.132.18 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

hits-i.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1f::84 (United States)

ASN54113 (FASTLY, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:10c:486::4469 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.185.98 (United States) 19 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.31.88.106 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 213.254.244.13 (United States)

ASN36062 (DOUBLE-VERIFY, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20516.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20520.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20240.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba08 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:e00:8:455e:4a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.besafe.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.9.99 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

pre.ads.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.169 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.19.21.254 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-21-254.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.29 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.135.227 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.22.14 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.212.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.124.79.200 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.99.7 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.215.44 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)

ads.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.51.154.44 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.232.32 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.127 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	tomandlorenzo.com tomandlorenzo.com	9 MB
47	googlesyndication.com d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ade.googlesyndication.com	200 KB
45	doubleclick.net 19 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	215 KB
22	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com rtb0.doubleverify.com tps.doubleverify.com tps20516.doubleverify.com tps20520.doubleverify.com tps20240.doubleverify.com	149 KB
15	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com aud.pubmatic.com simage2.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	34 KB
15	openx.net 5 redirects propermedia-d.openx.net us-u.openx.net eu-u.openx.net	3 KB
14	adnxs.com 7 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	11 KB
11	casalemedia.com 6 redirects as-sec.casalemedia.com dsum-sec.casalemedia.com	10 KB
7	3lift.com 2 redirects eb2.3lift.com	3 KB
7	yahoo.com 5 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	5 KB
7	bidswitch.net 7 redirects x.bidswitch.net	3 KB
7	proper.io global.proper.io usync.proper.io bids.proper.io eb.proper.io	99 KB
6	googletagservices.com www.googletagservices.com	208 KB
6	twitter.com platform.twitter.com syndication.twitter.com	149 KB
5	teads.tv 2 redirects sync.teads.tv	2 KB
5	2mdn.net s0.2mdn.net	190 KB
5	google.com adservice.google.com www.google.com	287 B
5	amazon-adsystem.com 1 redirects c.amazon-adsystem.com s.amazon-adsystem.com	37 KB
5	iubenda.com cdn.iubenda.com www.iubenda.com hits-i.iubenda.com	71 KB
4	adsrvr.org 2 redirects match.adsrvr.org	1 KB
4	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	14 KB
4	fastclick.net secure.cdn.fastclick.net	152 KB
4	facebook.com www.facebook.com	138 KB
4	gstatic.com fonts.gstatic.com	65 KB
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	adform.net 3 redirects c1.adform.net	2 KB
3	sharethrough.com btlr.sharethrough.com	343 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	quantserve.com 1 redirects secure.quantserve.com pixel.quantserve.com	10 KB
3	taboola.com cdn.taboola.com	141 KB
2	programattik.com 2 redirects ads.programattik.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	994 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	besafe.global cdn.besafe.global	58 KB
2	google.se adservice.google.se	921 B
2	pinterest.com assets.pinterest.com log.pinterest.com	19 KB
2	districtm.io dmx.districtm.io cdn.districtm.io	427 B
2	dotomi.com web.hb.ad.cpe.dotomi.com proc.ad.cpe.dotomi.com	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	addthis.com s7.addthis.com	190 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	96 KB
1	zemanta.com 1 redirects b1sync.zemanta.com	301 B
1	bing.com c.bing.com	444 B
1	simpli.fi um.simpli.fi	607 B
1	zeotap.com mwzeom.zeotap.com	595 B
1	criteo.com dis.criteo.com	304 B
1	justpremium.com pre.ads.justpremium.com	4 KB
1	brealtime.com biddr.brealtime.com	1 KB
1	createjs.com code.createjs.com	48 KB
1	addthisedge.com v1.addthisedge.com	985 B
1	emxdgt.com hb.emxdgt.com	160 B
1	lijit.com ap.lijit.com	778 B
1	1rx.io tag.1rx.io	173 B
1	sharedid.org id.sharedid.org	215 B
1	id5-sync.com id5-sync.com	532 B
1	quantcount.com rules.quantcount.com	346 B
1	moatads.com z.moatads.com	1 KB
0	rlcdn.com Failed api.rlcdn.com Failed
310	62

	Domain	Requested by
68	tomandlorenzo.com	tomandlorenzo.com
27	cm.g.doubleclick.net	19 redirects googleads.g.doubleclick.net eu-u.openx.net eb2.3lift.com
22	pagead2.googlesyndication.com	securepubads.g.doubleclick.net d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com tomandlorenzo.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com tomandlorenzo.com tpc.googlesyndication.com googleads.g.doubleclick.net
11	ib.adnxs.com	6 redirects global.proper.io googleads.g.doubleclick.net eb2.3lift.com
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
9	us-u.openx.net	4 redirects googleads.g.doubleclick.net eu-u.openx.net
9	cdn.doubleverify.com	d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com cdn.doubleverify.com s0.2mdn.net tomandlorenzo.com
7	eb2.3lift.com	2 redirects global.proper.io eb2.3lift.com
7	googleads.g.doubleclick.net	d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com tomandlorenzo.com
7	x.bidswitch.net	7 redirects
6	www.googletagservices.com	securepubads.g.doubleclick.net d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
6	securepubads.g.doubleclick.net	global.proper.io securepubads.g.doubleclick.net tomandlorenzo.com www.googletagservices.com
5	eu-u.openx.net	1 redirects global.proper.io eu-u.openx.net
5	sync.teads.tv	2 redirects googleads.g.doubleclick.net global.proper.io
5	s0.2mdn.net	d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com tomandlorenzo.com s0.2mdn.net
5	d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	simage2.pubmatic.com	ads.pubmatic.com
4	match.adsrvr.org	2 redirects eu-u.openx.net eb2.3lift.com
4	image2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
4	googleads4.g.doubleclick.net	tomandlorenzo.com
4	secure.cdn.fastclick.net	global.proper.io secure.cdn.fastclick.net
4	ups.analytics.yahoo.com	4 redirects
4	www.facebook.com	tomandlorenzo.com www.facebook.com
4	fonts.gstatic.com	fonts.googleapis.com
4	platform.twitter.com	tomandlorenzo.com platform.twitter.com
3	match.prod.bidr.io	2 redirects eu-u.openx.net
3	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com eu-u.openx.net
3	c1.adform.net	3 redirects
3	tps20520.doubleverify.com	d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
3	tps20516.doubleverify.com	d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
3	www.google.com	d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
3	c.amazon-adsystem.com	global.proper.io c.amazon-adsystem.com
3	btlr.sharethrough.com	global.proper.io
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com tomandlorenzo.com
3	cdn.taboola.com	tomandlorenzo.com cdn.taboola.com
2	s.amazon-adsystem.com	1 redirects eb2.3lift.com
2	ads.programattik.com	2 redirects
2	pm.w55c.net	2 redirects
2	eus.rubiconproject.com	global.proper.io eus.rubiconproject.com
2	rtb.mfadsrvr.com	2 redirects
2	sync.mathtag.com	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	secure.adnxs.com	1 redirects
2	tps20240.doubleverify.com	cdn.doubleverify.com
2	ads.pubmatic.com	global.proper.io ads.pubmatic.com
2	cdn.besafe.global	d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com cdn.doubleverify.com
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	cdn3.doubleverify.com	cdn.doubleverify.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.se	securepubads.g.doubleclick.net
2	syndication.twitter.com	platform.twitter.com tomandlorenzo.com
2	hits-i.iubenda.com	cdn.iubenda.com
2	pixel.quantserve.com	1 redirects tomandlorenzo.com
2	bids.proper.io	global.proper.io
2	usync.proper.io	tomandlorenzo.com
2	www.google-analytics.com	tomandlorenzo.com www.google-analytics.com
2	global.proper.io	tomandlorenzo.com global.proper.io
2	s7.addthis.com	tomandlorenzo.com s7.addthis.com
2	cdn.iubenda.com	tomandlorenzo.com cdn.iubenda.com
1	ade.googlesyndication.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	image4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	dis.criteo.com	image6.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	pre.ads.justpremium.com	global.proper.io
1	biddr.brealtime.com	global.proper.io
1	cdn.districtm.io	global.proper.io
1	acdn.adnxs.com	global.proper.io
1	tps.doubleverify.com	cdn.doubleverify.com
1	code.createjs.com	s0.2mdn.net
1	log.pinterest.com	tomandlorenzo.com
1	eb.proper.io	global.proper.io
1	v1.addthisedge.com	s7.addthis.com
1	assets.pinterest.com	tomandlorenzo.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	hbopenbid.pubmatic.com	global.proper.io
1	dmx.districtm.io	global.proper.io
1	hb.emxdgt.com	global.proper.io
1	propermedia-d.openx.net	global.proper.io
1	as-sec.casalemedia.com	global.proper.io
1	fastlane.rubiconproject.com	global.proper.io
1	web.hb.ad.cpe.dotomi.com	global.proper.io
1	ap.lijit.com	global.proper.io
1	tag.1rx.io	global.proper.io
1	www.iubenda.com	cdn.iubenda.com
1	id.sharedid.org	global.proper.io
1	id5-sync.com	global.proper.io
1	rules.quantcount.com	secure.quantserve.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	secure.quantserve.com	global.proper.io
1	z.moatads.com	s7.addthis.com
1	ajax.googleapis.com	tomandlorenzo.com
1	fonts.googleapis.com	tomandlorenzo.com
0	api.rlcdn.com Failed	global.proper.io
310	103

This site contains links to these domains. Also see Links.

Domain
feeds.feedburner.com
twitter.com
www.facebook.com
instagram.com
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.iubenda.com DigiCert SHA2 Secure Server CA	`2021-03-26` - `2022-03-31`	a year	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-06` - `2022-04-11`	a year	crt.sh
proper.io Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.proper.io Sectigo RSA Domain Validation Secure Server CA	`2020-12-20` - `2022-01-20`	a year	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2021-03-11` - `2022-03-15`	a year	crt.sh
*.id5-sync.com R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
id.sharedid.org Amazon	`2021-01-08` - `2022-02-06`	a year	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2020-03-30` - `2022-06-25`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.emxdgt.com Amazon	`2020-07-31` - `2021-08-30`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.iubenda.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-31` - `2022-01-30`	2 years	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.google.se GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
teads.tv R3	`2021-02-18` - `2021-05-19`	3 months	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
cdn.besafe.global Amazon	`2020-07-23` - `2021-08-23`	a year	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2020-01-22` - `2022-03-22`	2 years	crt.sh
tracking.justpremium.com Amazon	`2021-03-01` - `2022-03-30`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh

This page contains 36 frames:

Primary Page: https://tomandlorenzo.com/
Frame ID: 0FA05C9EEF1E0EA6078D64045347E74C
Requests: 144 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Ffacebook.com%2Ftomandlorenzo&width=450&layout=standard&action=like&size=small&show_faces=true&share=false&height=80&appId=136301103114664
Frame ID: 149BEC5FF913CA1C6F58AEEB65F240C1
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.63899b173766ee6f8a729a72b542b0fb.html?origin=https%3A%2F%2Ftomandlorenzo.com
Frame ID: 7DB733A2555B54866156B86D72F75229
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.63899b173766ee6f8a729a72b542b0fb.en.html
Frame ID: 5A0ABB46DEFBEA47DA633456C18D9450
Requests: 2 HTTP requests in this frame

Frame: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B51F69DB7813F303E169EDC21EFC5151
Requests: 17 HTTP requests in this frame

Frame: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E21A6133B166D82F0A555A620C6795F0
Requests: 13 HTTP requests in this frame

Frame: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A6675BA7AA24F9ABB72DD01EE95D0309
Requests: 17 HTTP requests in this frame

Frame: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A8E2DCE9B9CB4609A63EBB064A01224E
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPHb-r4CGJS6uqABMAE&v=APEucNVTeHmYB0sKZ9-pv9x0TfUbUKmbxOUaRKEl5ffbwfymQ4i95WBjsa8Y0eobO-ymhRzhRnQfglKQY7D37SL67bS_kKMaY78TjcSVoRO-_rCXw_WlshgUKl-BADep16SFqDjNcFH7ReKoSGWpcub48e4VJknKSEdtHc3L5zLp-gpGunE2wRWzVxJUM_q4gXvzX2NBFnfo-uV7mcLVz1NbfkS5q4hVhw
Frame ID: FAC1C9B1BA210D0BDC71E2087081930C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKm1AIQrM_sAhiDpcqeATAB&v=APEucNWE1io1v_h8dhsINNON2aGQmiAgW0F9X2Xi3ear-hOoGbbqV3m3foioSVdsQL80IxiK_wLOSz1ZAqfRXd_s5NAHqCPZNjHEgWEYa0hkk4_lNVN1SWemkGkJucSS3K03kK68YxWAV8BMjDMTm73Uesr7xOpVm-sBLEr50mECsLP_8iIYtcq6HQ1WeX3HgTYbcyn7uQsm_7HWcseYgOUyoplUWsKEyA
Frame ID: A42D49A2F2831943B9A301E1E2523226
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGPve65wBMAE&v=APEucNU1yKLzaScT4KDYvDF9O-dm91F2k2Czqr3Nir2J4YWXzS9Qz48-JnpZHVIi4Z127jGCY3c11XqKHnSNWOJuCE7EAkBxw_lcdd4gA1FO3UeKrmShxgxXVxvv3flW8Yt_ILzDg22M9ZBpzEchUJvIh_syXvyCzwI7APdIqjVCrSjIaBOXllIsw1wAjKkVBk30XK5X6YUoHimy-HRQBjYoeWyML5CSEQ
Frame ID: D2B9EAB6C43534E8B7F27264262AF1FD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGPve65wBMAE&v=APEucNULEFpHEM8_wTX1xlIWgtjte-xC_FzzWNgfjrmN3liKAH0a1fcGNu6B9hpIJXV6ZlRxNPEIxyq-tKSlmvnZB0jkH9iHM9ERTT26dOYEvtTNfxKFjQBLhxnpCnnD00NU8nAUC9WpkzNLfDKeP8RsMwvrg5JEy8UEeEkD1YanYnN0LuE_VKfqqQYYY4i1mVm3yW9QN8fdA50tWmDAMTc4B4uiBPMX_Q
Frame ID: 99FAF8898F8241FF6612375881988892
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: FD1935BEBA5EE8E54721D05C8EDB3ECE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6C3DA2C121C941842134FE050376A2B8
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1h6JsNT6XuE0QONE-F8RXWpXbzVX1lN0YkCcerwy8_xbV_qH1TgPZ8HYq4plZPcWFPUBAQk3r3il5ibvrphzYUi5bMuKDrbFj6Ud6mdO-HsiExoUz3V-N0qXXc9b_VqtQBmnD03krevsg4-ITI6LJE-QWAn3LjJwXL8uKiWmMU_WDFtAdp0sNM8d8D_dzqOqN38FfuCIkNxCymUhHxlTARXaNTcqKBrOqE3z-qFBRK6Hv1EHyUDOJW_PA1iX5lWqlQAOynDmixJBMQvwK2bqX2pUQDWQx3PdmF9XoBT5Ev2p9NQGUmf5WrdS_RklS&sai=AMfl-YQrEJScB96S6qPc8_oKd0f5k6ikMOTHLBcLRliqvml9u1UCStNV_s14u2N80gvBtfEcp4Dh5mk6M6iZrqCG8XftsY5UQJ5-pAbKkObTjkKPRAs2WLw-uwn3y7wSCbc&sig=Cg0ArKJSzIP18hmQPK_jEAE&urlfix=1&adurl=
Frame ID: E58E8809889833BF26D344CE11498004
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/10679125/1616794511512/FSLY_LH_728x90/index.html
Frame ID: 21FDC74D760C52F305E8E3967548B88B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8C7495902D208F51C0667FABDEFAB528
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C3DD8F23AD19A215846351CB2EE14466
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 30A57F454E8D75980306692167262D3C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 9CE92653077B4286B15DA1F4E7444F04
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: AC304C0BE2EDB89D1F2B5BA4A51C6666
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 07497412C74967D2B144B295003B31CC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5F89E7380B48AA3D36E8FB23AB19471C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1165.js
Frame ID: 3D57E6B2D11CAD1DBA74315AC2F2352B
Requests: 4 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/t2tv7.html
Frame ID: 39CE4A74EB19BA9651832BC284A0BAA1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: F6E83B4AD3D1F480AB4679603985D6CD
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 03D9196F16CB7BE4485141C131D523AD
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: E6C2675AC1BCF8D2D948CDDF09742FA0
Requests: 1 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=akomur1619021303611
Frame ID: 40DA932A9C732E44E093B41310DB0115
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B34E00FD67F0FCC90A53BBA81ADB56D6
Requests: 17 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 63141AB8623FB18590BC4763F37EC07A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4776947433013387682
Frame ID: BD76BD28CE0C3306AF97923F1BC88284
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CD8D66614334EEF07D0EE7EEA2B32D4A
Requests: 3 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Frame ID: CA0CC0032BB0F812A1CC6B7599C91B46
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: C4FD6C15FC685944B596370CF475D16A
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Frame ID: 82D913A8CEC0CF3C4277F66A895B9E15
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

310
Requests

100 %
HTTPS

33 %
IPv6

62
Domains

103
Subdomains

80
IPs

8
Countries

11504 kB
Transfer

16814 kB
Size

19
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://feeds.feedburner.com/tomandlorenzo/tlo

Search URL Search Domain Scan URL

URL: https://twitter.com/tomandlorenzo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tomandlorenzo

Search URL Search Domain Scan URL

URL: http://instagram.com/tomandlorenzo

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D58ce2fb4-2312-4347-b67f-b27dcf0929f1%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_94870783_de4b7cb4_1 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D58ce2fb4-2312-4347-b67f-b27dcf0929f1%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_94870783_de4b7cb4_1 HTTP 302
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=58ce2fb4-2312-4347-b67f-b27dcf0929f1&uid=241e9e32-75a3-4739-8dda-59564a24d5e3

Request Chain 92

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_097e7092_9be6b81d_2 HTTP 302
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_097e7092_9be6b81d_2&verify=true HTTP 302
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-ZoRCwvNE2uHrOiHHj8EXEgrsEvor1u5W~A

Request Chain 117

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1619021303842&ns_c=UTF-8&cv=3.5&c8=Tom%20%2B%20Lorenzo%20%7C%20Fabulous%20%26%20Opinionated&c7=https%3A%2F%2Ftomandlorenzo.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619021303842&ns_c=UTF-8&cv=3.5&c8=Tom%20%2B%20Lorenzo%20%7C%20Fabulous%20%26%20Opinionated&c7=https%3A%2F%2Ftomandlorenzo.com%2F&c9=

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyHxCL-XXJ9eJUJ1ZU9HEQ&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyHxCL-XXJ9eJUJ1ZU9HEQ&google_cver=1&C=1

Request Chain 189

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIBN.t8oLq0aZZiadMH-nAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSkm5GVP9X9jxLn6SjSU54&google_cver=1&google_hm=2

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJIpmLWk72aFoAJD4j5PGpE&google_cver=1

Request Chain 191

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MA%3D%3D

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyHxCL-XXJ9eJUJ1ZU9HEQ&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyHxCL-XXJ9eJUJ1ZU9HEQ&google_cver=1&C=1

Request Chain 194

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIBN.t8oLq0aZZiadMH-nAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSkm5GVP9X9jxLn6SjSU54&google_cver=1&google_hm=2

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJIpmLWk72aFoAJD4j5PGpE&google_cver=1

Request Chain 196

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkwNDU3MjAxMTA1NzM0ODYzNQ%3D%3D

Request Chain 206

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBO2jQNRBfNnxT-JGwE_VF4&google_cver=1

Request Chain 207

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzkxOGM0ZDgtMDFhZi0yZjRiLWY0YWUtM2Y0NGM1ZWMwY2Rj

Request Chain 208

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEJ8DHehXGVt4wMC5unZyjfs&google_cver=1

Request Chain 209

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjlkZDJjOTEtNzRjYS00YjRiLTg4N2EtZWQwZmZkY2NmMzZk

Request Chain 210

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMcNtJJxr2qo-yZe8St2DNg&google_cver=1

Request Chain 211

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzkxOGM0ZDgtMDFhZi0yZjRiLWY0YWUtM2Y0NGM1ZWMwY2Rj

Request Chain 212

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEMD39qw3GFMz0CSNKLPRGUw&google_cver=1

Request Chain 213

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzEyMWI4MmUtZGY4Ny00Y2E2LWFmYjEtNjE3MzYzODZiMjRl

Request Chain 268

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Request Chain 271

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4776947433013387682

Request Chain 272

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cWctiqfUSHej5KO6PPvrCQ%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cWctiqfUSHej5KO6PPvrCQ%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 274

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 275

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&addseg=22

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzE2NzJEOEEtQTdENC00ODc3LUEzRTQtQTNCQTNDRkJFQjA5&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzE2NzJEOEEtQTdENC00ODc3LUEzRTQtQTNCQTNDRkJFQjA5&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 277

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGsjRTn8arWCiHaFXZjGYIc&google_cver=1

Request Chain 279

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a89d0053-306e-47b7-88aa-e83631fe94ff

Request Chain 280

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8743766757847171548

Request Chain 281

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bd5a6080-4dfd-4c00-bb1f-f41824b0db26&gdpr=0&gdpr_consent=

Request Chain 282

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5833518869471164362&gdpr=0&gdpr_consent=

Request Chain 283

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=5c97d800-c2cb-4b09-9cce-a5be5db13e4c HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=5c97d800-c2cb-4b09-9cce-a5be5db13e4c HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=42184b8b-4fd7-414e-9cca-bc9981ff3a67&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5c97d800-c2cb-4b09-9cce-a5be5db13e4c&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 285

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-90J7BjlE2uWLoNc.1pKhm9rN0OJzVoc-~A&gdpr=0&gdpr_consent=

Request Chain 289

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 290

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1

Request Chain 292

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=BZ7QD4qe1LzfoW5

Request Chain 293

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=4660e9a1-e0fd-47c1-9462-91da57a10b64&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=5c97d800-c2cb-4b09-9cce-a5be5db13e4c

Request Chain 294

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIdXhFN0JBSndBQUNyLUxmTGNKdw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 295

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=bd5a6080-4dfd-4c00-bb1f-f41824b0db26

Request Chain 296

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=e8b5b3mSpzpgl_dve87sOy7H9Wlgx6NuecAgoAo4

Request Chain 297

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8743766757847171548

Request Chain 300

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECPIIosCxkJR4Td4FyjFGMk&google_cver=1

Request Chain 303

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECzgqv4aD4Oz9GkedKl_mXk&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 304

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI5ODkzNjYzMjc0ODE0ODU3ODM%3D

Request Chain 306

https://pr-bh.ybp.yahoo.com/sync/triplelift/12989366327481485783?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-x9BsKZVE2oTxJBYq.JJwVZA8JREEec7dAZx50Jjbkg--~A&dongle=0883

Request Chain 307

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=5833518869471164362&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 308

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=12989366327481485783 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12989366327481485783&dcc=t

Request Chain 309

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

310 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tomandlorenzo.com/ 107 KB
17 KB 723ms
645ms Document
text/html 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: e2385a1c89de07934b23f1d423cd5a3de373ef9fa07d6d3966c72c55e170c489

Request headers

:method: GET
:authority: tomandlorenzo.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:22 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302; expires=Fri, 21-May-21 16:08:22 GMT; path=/; domain=.tomandlorenzo.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
cf-edge-cache: cache,platform=wordpress
access-control-allow-origin: *
link: <https://tomandlorenzo.com/wp-json/>; rel="https://api.w.org/"
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 83
x-cache-group: normal
cf-cache-status: DYNAMIC
cf-request-id: 0996c9a1f50000cb002cbeb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1vPQ9vyRExXQF9GQOqCNntf0oPTHUBFIwedt0X8ET7dRleMLn13UqMFCOC0%2FcaIsrAj%2BYdQvzPnDXEsfiR3mc0MvwNmDqd9tab35CT6LJFtTFw%3D%3D"}]}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6437dee329c7cb00-ARN
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 79 KB
4 KB 23ms
18ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46f55a528726b81fccd758ec20a258c0e843ba848366c2e2f7c2d2c6f89c9b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 16:08:22 GMT
server: ESF
date: Wed, 21 Apr 2021 16:08:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Apr 2021 16:08:22 GMT

GET
H3-29 200 formidableforms.css
tomandlorenzo.com/wp-content/plugins/formidable/css/ 106 KB
17 KB 163ms
120ms Stylesheet
text/css 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/plugins/formidable/css/formidableforms.css?ver=4112026
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d573a89cf40ed2c0edf9028b71e431b89926993eb676041117a549ac6821d981

Request headers

:path: /wp-content/plugins/formidable/css/formidableforms.css?ver=4112026
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 848148
cf-polished: origSize=112557
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a4c4000016959698f000000001
last-modified: Sun, 11 Apr 2021 20:26:52 GMT
server: cloudflare
etag: W/"60735b8c-1b7ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NKVUOQ6rLXO%2BLYyka0%2FgRfXqAfuJmOg3Mq3PLhqEqdb%2BZlrkie5bbN%2FVUHQjTP2tdZOKtE9Vq202%2BJL6XZV2maB54vWbDpg3MGqztSuOI8cIUg%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee79f261695-ARN
cf-bgj: minify

GET
H3-29 200 style.css
tomandlorenzo.com/wp-content/themes/drive/ 61 KB
13 KB 125ms
82ms Stylesheet
text/css 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/style.css?ver=1593468730
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14cd65f2258cf8e922e3a051cff195b7cbe5d80cbcf5d2719a4d52a813f3cd9a

Request headers

:path: /wp-content/themes/drive/style.css?ver=1593468730
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 11304299
cf-polished: origSize=78933
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a4c100001695da80d000000001
last-modified: Mon, 29 Jun 2020 22:12:10 GMT
server: cloudflare
etag: W/"5efa673a-13455"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wlcyUpUREoH4n0Bank3TloDHqVHzcEth39agp3lD3vTO%2BIyY9UeWLBvj21oobt3fDbixhZCHZKUQRlAqRZ6vcP1%2FqkpSLjiJioFyfAb%2FwRgIWQ%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee79f211695-ARN
cf-bgj: minify

GET
H3-29 200 prettyPhoto.css
tomandlorenzo.com/wp-content/themes/drive/styles/ 19 KB
3 KB 162ms
119ms Stylesheet
text/css 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/styles/prettyPhoto.css?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f41a8c95dba4c4fc7ae62a720cdfad05e2c88fb94b56ef52d6cf1c64acda5c88

Request headers

:path: /wp-content/themes/drive/styles/prettyPhoto.css?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217329
cf-polished: origSize=19889
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a4bd000016958a887000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-4db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ee16zhBq6RL81PLbJ6Efhyzvfmg%2F7C3KqBJgPMZIWfEoPfDIYIlofamYGafwMp4q8ZM5Te6J06959lUbOAxBKPdDefiSe6G%2F3IUbD1Tg%2FEKoHw%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee79f1f1695-ARN
cf-bgj: minify

GET
H3-29 200 font-awesome.min.css
tomandlorenzo.com/wp-content/themes/drive/styles/ 19 KB
4 KB 161ms
118ms Stylesheet
text/css 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/styles/font-awesome.min.css?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 224b7c59c0ad56aa59a1e5b869784834453f850a8d255301ccbb5ea7e5845fc0

Request headers

:path: /wp-content/themes/drive/styles/font-awesome.min.css?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217327
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a4bd00001695c88e7000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-4be7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yyGI1NJ%2Br9jr6H7L%2BDlU3B5TTbhZ6V%2FmhoyOcQ00PdBKLQfCjFEDWmhw0UHVATYsPDUWs4DvCpgyf0vRQTk8V5q0IC7G%2BYav7lvXK7IHPOR%2BrQ%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee79f1c1695-ARN

GET
H3-29 200 font-awesome-ie7.css
tomandlorenzo.com/wp-content/themes/drive/styles/ 28 KB
3 KB 161ms
119ms Stylesheet
text/css 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/styles/font-awesome-ie7.css?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f4ac18ca30dc56af37910e34f126893f07228e4e7cbc801aecdd5bafba7cb54

Request headers

:path: /wp-content/themes/drive/styles/font-awesome-ie7.css?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217325
cf-polished: origSize=33490
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a4bd0000169568849000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-82d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oQv5XAsWshJhhSxLQVfYJe%2Bzqr8oaSzk5aaalG3HjA0fXJQ2wYu0c4H%2BTWFtSBUBOL0x7bJb2N%2FHWUxu9gE9%2B9Bgob001eEZdKWXVaAQJGhxdg%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee79f1d1695-ARN
cf-bgj: minify

GET
H3-29 200 social-media.css
tomandlorenzo.com/wp-content/themes/drive/styles/ 11 KB
2 KB 191ms
149ms Stylesheet
text/css 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/styles/social-media.css?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e89de7226e455c70432b00b9c3c9e41d2d0c3f5a91d1e0776af98419ba0f2d11

Request headers

:path: /wp-content/themes/drive/styles/social-media.css?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217331
cf-polished: origSize=12354
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a4c00000169599809000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-3042"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wv3L0MHpqBcyKzCk5Ad5pCMqieG6B16uBWm64ISHlhK2QbY%2BXhTiRkxafZ4hJK7hCIb2dohMBdsldPSMkkdJB6jmqC%2BilgJV3oC8WRBpf9E%2Brw%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee79f2a1695-ARN
cf-bgj: minify

GET
H3-29 200 mobile.start.css
tomandlorenzo.com/wp-content/themes/drive/styles/ 2 KB
1 KB 192ms
149ms Stylesheet
text/css 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/styles/mobile.start.css?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92057c590cd33e9c7fdbbf725566bf6432be3dbca79e041e91f1cc326795b9cb

Request headers

:path: /wp-content/themes/drive/styles/mobile.start.css?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217326
cf-polished: origSize=2300
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a4c000001695b882c000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-8fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dbgjbgPB8Uslz8JccVCGMsg6h%2BhVUIvYHY8uPOYpCKS4oY7D7uQ%2FgdMOStTWJ2toDjjmKg7SzouILgDHgPb0gC3cXvAcqvqqac7YzeG0mq0vJg%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee79f2c1695-ARN
cf-bgj: minify

GET
H3-29 200 mobile.css
tomandlorenzo.com/wp-content/themes/drive/styles/ 9 KB
3 KB 192ms
150ms Stylesheet
text/css 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/styles/mobile.css?ver=1589925373
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 093e3b5627e69033d46d82fc24393f538a5aea53fd7f03871b58c702e143812e

Request headers

:path: /wp-content/themes/drive/styles/mobile.css?ver=1589925373
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 11304298
cf-polished: status=cannot_optimize
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a4c4000016958c984000000001
last-modified: Tue, 19 May 2020 21:56:13 GMT
server: cloudflare
etag: W/"5ec455fd-24a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J0rd6Ty7mhcVS9xoa2aumDxzkW9RkWxvPNkUuXwun6rVHnxSz0CkHia8p0pa75f63Lct%2F1qZIzB3NKd0e8azJrKrC6S%2BNMyP9Q3TUcAh9WoDjQ%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee79f301695-ARN
cf-bgj: minify

GET
H3-29 200 style.min.css
tomandlorenzo.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 192ms
150ms Stylesheet
text/css 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217326
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a4c10000169559b09000000001
last-modified: Mon, 19 Apr 2021 03:09:20 GMT
server: cloudflare
etag: W/"607cf460-e33b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aBXVgOAXcsMPUlDJLwk0Lp1i5UQHT8x4qaBhhx7CAI7FbUIykoZ0qA8op8SBV1Kat5fP5xLSMuCcqbb4%2BugDgiuXxaULs3HbMgc6KYqCNI09gw%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee79f331695-ARN

GET
H3-29 200 addthis_wordpress_public.min.css
tomandlorenzo.com/wp-content/plugins/addthis/frontend/build/ 587 B
814 B 192ms
151ms Stylesheet
text/css 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb

Request headers

:path: /wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217323
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a4c500001695cab24000000001
last-modified: Mon, 22 Jul 2019 16:08:55 GMT
server: cloudflare
etag: W/"5d35df97-24b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uHv%2F4Zo4A2W60HzJ5aX%2Br4aJ3xEK82nGRmknxt%2B77prDoG7BBSA9Aeuk5DCA%2BVH4q37qJxXgYp6pwVcAb2Dy2s%2Fmn18%2FRNMKWRyNZY6bOEcRaA%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee79f381695-ARN

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
92 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 03:42:37 GMT
x-content-type-options: nosniff
age: 563145
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93868
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Apr 2022 03:42:37 GMT

GET
H3-29 200 css3-mediaqueries.js Show response
tomandlorenzo.com/wp-content/themes/drive/js/ 15 KB
5 KB 193ms
151ms Script
application/javascript 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/js/css3-mediaqueries.js?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7380021ebe196401b5a22b49db246ef5cfb4590f578fb7eaa08fc2217a18e244

Request headers

:path: /wp-content/themes/drive/js/css3-mediaqueries.js?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217328
cf-polished: origSize=16017
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a4c10000169599285000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-3e91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LQa%2FDIo6%2F4kkaj99dy%2BNDk1gKMYoaJMwa5v%2FtsT7cvju8IDkT51bk38LOl6xbmxFdGqwblPOGABDBUVzb9nPItkzXKkWqsWW8EzumLgOO2thVg%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee79f3e1695-ARN
cf-bgj: minify

GET
H2 200 iubenda_cs.js Show response
cdn.iubenda.com/cs/ 451 B
618 B 342ms
60ms Script
application/javascript 104.109.90.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.90.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-90-77.deploy.static.akamaitechnologies.com
Software: nginx/1.19.1 /
Resource Hash: 22ecd242420185533156bc42c58a6b7f20594213bae75f24188cb1cfe8d70c73

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 08:41:56 GMT
server: nginx/1.19.1
etag: "607e93d4-14f"
vary: Accept-Encoding
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=10800
content-type: application/javascript
content-length: 335
expires: Wed, 21 Apr 2021 19:08:23 GMT

GET
H3-29 200 pinit.js Show response
tomandlorenzo.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/ 313 B
792 B 1073ms
1067ms Script
application/javascript 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46f95703f2eb7dac37cd0b925d73efd4bf9d9c96eea9937f93fa60c274b99daf

Request headers

:path: /wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 11304298
cf-polished: origSize=782
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a57c0000169587275000000001
last-modified: Mon, 23 Nov 2020 00:54:59 GMT
server: cloudflare
etag: W/"5fbb0863-30e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r6op7YMEhoT4x7Wd%2BkdKIofce8mnc3P%2FneGhyOYrnsqfCjjunDG1rsN8Jin72zAsptXfdlqM02McLxnU9UeO%2FiJzeRfWWShw8rALMgM5KmKkCA%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee8ca301695-ARN
cf-bgj: minify

GET
H3-29 200 shortcodes.css
tomandlorenzo.com/wp-content/themes/drive/functions/css/ 19 KB
4 KB 192ms
151ms Stylesheet
text/css 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/functions/css/shortcodes.css
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c88fcd6d202cb8258ad01c1f770c0fa8dd1eaa71eb857759707dff65ecfde3e

Request headers

:path: /wp-content/themes/drive/functions/css/shortcodes.css
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4891623
cf-polished: origSize=27332
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a4c1000016959b82f000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-6ac4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ccDIswEGYhLUs1zFQyzA0WptZ6%2FOkt%2FizuWcMuR2L4zeqXpsagS%2BBwgVRIZHeKM0do7HuMF%2B2ZdkHk%2BJHhcwqpwxtngK8rsi5TFqZEhtwax3JQ%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee79f3a1695-ARN
cf-bgj: minify

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 73ms
64ms Script
application/javascript 184.30.24.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-107.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
date: Wed, 21 Apr 2021 16:08:23 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H3-29 200 tlo-logo1.png
tomandlorenzo.com/wp-content/uploads/2014/09/ 36 KB
37 KB 109ms
104ms Image
image/png 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2014/09/tlo-logo1.png
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d7b147bd96ffd8dd8ed44e183e0af56f0c5edea29696a0a4bc2011f0188d26d

Request headers

:path: /wp-content/uploads/2014/09/tlo-logo1.png
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 927153
x-amz-server-side-encryption: AES256
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36937
cf-request-id: 0996c9a57c00001695ae155000000001
last-modified: Fri, 17 Jan 2020 07:41:21 GMT
server: cloudflare
etag: "42a8d0b8deef5cfcec327de6435be691"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6XIdJNinqmUVNTYvAs67mw8%2ByRnkVc%2Bf4naCc2Rt7owqgjIqzcL4YPa9KMsE%2FWFn5fYCIs5Aba6WRNm0GtkjKCTZohmoeFwkd0iQ%2BnrIsitMnQ%3D%3D"}],"max_age":604800}
content-type: image/png
expires: Mon, 10 May 2021 22:35:50 GMT
cache-control: max-age=2592000
cf-polished: origSize=42861
accept-ranges: bytes
cf-ray: 6437dee8ca341695-ARN
cf-bgj: imgq:100,h2pri

GET
H2 200 tomandlorenzo.min.js Show response
global.proper.io/ 19 KB
5 KB 96ms
49ms Script
application/javascript 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/tomandlorenzo.min.js
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4829b31cf13494a0f848755c53a44fc192718080f1fac40fcbcaa328cf457a2

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Feb 2021 02:30:02 GMT
server: cloudflare
age: 4886978
etag: W/"6035ba2a-4d15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6437dee8ea042c3e-FRA
cf-request-id: 0996c9a59200002c3ea5250000000001
expires: Wed, 21 Apr 2021 16:13:23 GMT

GET
H3-29 200 wp-emoji-release.min.js Show response
tomandlorenzo.com/wp-includes/js/ 14 KB
5 KB 95ms
88ms Script
application/javascript 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217303
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a5810000169582ab2000000001
last-modified: Mon, 08 Feb 2021 06:21:15 GMT
server: cloudflare
etag: W/"6020d85b-3795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dsAfOaVeHnwMTdoAxxn8VCVDfe73Iei9cBrX5NVDOs7n%2FVMu7dlaeHy%2Fww0Vs%2FT7nbgr6cgzWlzFD3zjF%2B5VlKCUcXLkckgjaCymQn6a%2F4h5zA%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee8ca361695-ARN

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 310ms
31ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F712) /
Resource Hash: 501ed6f37588ea4083347c8c1b9fd9bfbc560f8f9977aa2847749e0977063f6c

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1359
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28769
x-tw-cdn: VZ
Last-Modified: Thu, 15 Apr 2021 22:47:45 GMT
Server: ECS (ska/F712)
Etag: "f8e2082c1f210ffae5a2de107bd73ffc+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H3-29 200 double-up-arrow.svg
tomandlorenzo.com/wp-content/themes/drive/images/ 599 B
858 B 914ms
906ms Image
image/svg+xml 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/images/double-up-arrow.svg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2d469d2375c3c336aa99657bae309f8a5124ddadfa4c98c9dd442fd1ced5f26

Request headers

:path: /wp-content/themes/drive/images/double-up-arrow.svg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 11304298
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a57e000016959981d000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-257"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DRVwtWpowTQfK7CEOcJOe6hKNu34yk0MOV%2BxMIgdCaNqleTie9aUGt8rnRSeluZTfmONqPUyajVntRbeF3M6xHppTeDuJFiVniu61SMqS3iFLQ%3D%3D"}],"max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee8ca3d1695-ARN

GET
H3-29 200 shortcodes.js Show response
tomandlorenzo.com/wp-content/themes/drive/functions/js/ 2 KB
1 KB 54ms
54ms Script
application/javascript 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/functions/js/shortcodes.js?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73f8681ad6fb5d5b0694fb863dd7b6db5560f624e36f5016845f8e382f8f078c

Request headers

:path: /wp-content/themes/drive/functions/js/shortcodes.js?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217320
cf-polished: origSize=3416
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a55d000016956f1de000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-d58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wwweuLCkjzxW2KX041%2FKrVt6Xh5l%2BF9Sdb8kuz%2BsULs9xycAYNIZVT8gRDBcKXy%2FZ4p8%2F9xJW7Q8DlLgjHfDzxGz%2FzGYx%2BRyyrF8G3I3STeSiA%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee8998a1695-ARN
cf-bgj: minify

GET
H3-29 200 main.js Show response
tomandlorenzo.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/ 0
548 B 64ms
63ms Script
application/javascript 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/main.js?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/main.js?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217318
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 0996c9a5690000169597156000000001
last-modified: Mon, 14 Dec 2020 23:44:16 GMT
server: cloudflare
etag: "5fd7f8d0-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WjFoNVgo7IceSankGbM6w8aYQJJbVdfnLoPARbURXAxoArsRXQI%2FZSWPqMdzh6Z4%2BhxIfJD52yU0AoUtX8cuZT8FnWi5ittmYEcApLmazpHj7w%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8a9bb1695-ARN
cf-bgj: minify

GET
H3-29 200 superfish.js Show response
tomandlorenzo.com/wp-content/themes/drive/js/ 3 KB
2 KB 864ms
852ms Script
application/javascript 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/js/superfish.js?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b326d41c5c1746af8c1b35ad8f74e69ff8edfb92e40e66f80f7ce999dde61f8

Request headers

:path: /wp-content/themes/drive/js/superfish.js?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217317
cf-polished: origSize=3789
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a57d00001695cab37000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-ecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mk5SZ59M64v0TKdc8SB3URTtDTMGM%2BQZMdJEvHdwBT6UmHNzsEn%2B0nLHaGDmAPVDDkYiZkt39kUpsOudV3N62sv33p4v5uzxQnrlGsQ2rnH7Lw%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee8ca3b1695-ARN
cf-bgj: minify

GET
H3-29 200 jquery.hoverIntent.minified.js Show response
tomandlorenzo.com/wp-content/themes/drive/js/ 1 KB
1014 B 917ms
910ms Script
application/javascript 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/js/jquery.hoverIntent.minified.js?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 556d8b390b11e2e4f9e6f02e5d0815dbeac562b01bc705d5b4194c186a62dd78

Request headers

:path: /wp-content/themes/drive/js/jquery.hoverIntent.minified.js?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217316
cf-polished: origSize=1464
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a579000016956a00a000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-5b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zk77p8T3fUxVcI5VLNw56%2FwkqTuv4lqTMjstGPZK2mPDzKRflsnJdqxA%2FTJ%2B1RKIRWh0p7ujm21Cro8oHFe2f3uPeeblpMnN%2FaTOQzBqx4YGAg%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee8ca191695-ARN
cf-bgj: minify

GET
H3-29 200 jquery.prettyPhoto.js Show response
tomandlorenzo.com/wp-content/themes/drive/js/ 21 KB
6 KB 65ms
59ms Script
application/javascript 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/js/jquery.prettyPhoto.js?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11f4af66c5a7c312cb258336e99e102e6f48345073d2a1c0b950a2bc78e6441c

Request headers

:path: /wp-content/themes/drive/js/jquery.prettyPhoto.js?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217315
cf-polished: origSize=21506
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a579000016959981c000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-5402"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jB4kCj05HomLeXc8YyfUdQJOtqDXK3mAfzdD1H2cAOxt0ez1k4X5esP%2BLaG%2BJUjRZROnX393jbubcq0m1PgjJiqR9ZRFEqnmb9GNnpTEV9vCXQ%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee8ca1d1695-ARN
cf-bgj: minify

GET
H3-29 200 jquery.flexslider-min.js Show response
tomandlorenzo.com/wp-content/themes/drive/js/ 16 KB
5 KB 57ms
51ms Script
application/javascript 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/js/jquery.flexslider-min.js?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d274203a9480a7beceb8405e21775a4b077706794968219b78bce8f4f4a69517

Request headers

:path: /wp-content/themes/drive/js/jquery.flexslider-min.js?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217312
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a57a00001695b8342000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-41a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ir%2B7sQrbYuXmYusf70EX80z%2BA6Yx%2Bp6F%2FeWSzDF%2BZi72Q9ZjFKjo7za0hyx9DflUb5x9qZ0Ptoq1TklHNLxi4lF4B066Y6haiBgM8UPKNZbxFg%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee8ca1e1695-ARN

GET
H3-29 200 jquery.flexslider.start.main.js Show response
tomandlorenzo.com/wp-content/themes/drive/js/ 175 B
723 B 64ms
58ms Script
application/javascript 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/js/jquery.flexslider.start.main.js?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34ae160a876664b53c91c561dd6b26c26e4ac131830b43eae0fe2d3cafcf572e

Request headers

:path: /wp-content/themes/drive/js/jquery.flexslider.start.main.js?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217310
cf-polished: origSize=426
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a57a0000169595ac6000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-1aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1WMqB2TyaNKOW1FAoO4r4o7l9wLyloz7s4pKYkVr4aAV0HuqWLpqukJSPpXwgTJwLDWYlQRu7Vs8ZXqmMcTiHpW7bRw%2BbqINQN7vAtxVV7Kjgw%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee8ca201695-ARN
cf-bgj: minify

GET
H3-29 200 jquery.simplyscroll.min.js Show response
tomandlorenzo.com/wp-content/themes/drive/js/ 8 KB
3 KB 1062ms
1056ms Script
application/javascript 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/js/jquery.simplyscroll.min.js?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2ad566d7f54eab5cd7297f037b58a3ca301415d8d495553dce1e1528a566f36

Request headers

:path: /wp-content/themes/drive/js/jquery.simplyscroll.min.js?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217309
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a57a00001695d5167000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-1ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TySE4o44PBikKFD1b5N04pIiCgwekmgI%2BVpW9cbMGEShUWpbTQcTcnpcIGMc%2BHmQTsP0qEmfCvaPsCAfJKQd4lbafR2qZce4uEBVKYJiwjhxtQ%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee8ca221695-ARN

GET
H3-29 200 jquery.simplyscroll.start.js Show response
tomandlorenzo.com/wp-content/themes/drive/js/ 117 B
674 B 65ms
59ms Script
application/javascript 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/js/jquery.simplyscroll.start.js?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce6b3c4eebfed2f4cd36d677e962efcf918b0d6074c8af26a2b7f37e1c4c16ff

Request headers

:path: /wp-content/themes/drive/js/jquery.simplyscroll.start.js?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217308
cf-polished: origSize=182
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a57a000016956f1e1000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cFGQ9juFauvdS%2FIpj3QyORdGyKlz%2FccUK23SJ3p0rGgM1xvym6OI0kk12QfAR8vj16sAfJcZnIlrSYhPIkBQuJd5iozrWxeZYlYhzqtjhN7OuA%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee8ca251695-ARN
cf-bgj: minify

GET
H3-29 200 ownScript.js Show response
tomandlorenzo.com/wp-content/themes/drive/js/ 1 KB
1 KB 1062ms
1056ms Script
application/javascript 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/js/ownScript.js?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d923b462f11ba29664d81bc084817b29efdbe5f6214be4a7c6097a027cafbbc

Request headers

:path: /wp-content/themes/drive/js/ownScript.js?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217307
cf-polished: origSize=2145
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a57b000016959307d000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-861"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6EB6AEuGGWmywFj%2FKk6BnjGN4kfw7unl5hRnVR%2FyUGXt1H4hjc8JIMPMQ%2BG1z%2FekXQ2rwtOfVhJyYdO2sXyrkQipk23YjVK6cGlJRjHDmuxyHA%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee8ca261695-ARN
cf-bgj: minify

GET
H3-29 200 mobile.js Show response
tomandlorenzo.com/wp-content/themes/drive/js/ 893 B
813 B 915ms
909ms Script
application/javascript 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/js/mobile.js?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a38085445fadd82bb764fd51b0aae8269a2eb6495e2013c1630a87af435255e7

Request headers

:path: /wp-content/themes/drive/js/mobile.js?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217304
cf-polished: origSize=1419
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a57b00001695cfb34000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: W/"5a34bc54-58b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Msm6QLuIELXaBZNd3QD6Lglk6tOmFVTJxSHw%2FD6ZyaSIKDrXfq%2BFYsCkwtoF4HFspuHLTu28Mjc8wXygy%2BFZvzVvcltu4N0cZ%2F5KTmn3bKTtcQ%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee8ca291695-ARN
cf-bgj: minify

GET
H3-29 200 wp-embed.min.js Show response
tomandlorenzo.com/wp-includes/js/ 1 KB
1 KB 1283ms
1277ms Script
application/javascript 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-includes/js/wp-embed.min.js?ver=5.7.1
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.1
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217301
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0996c9a57b000016958c998000000001
last-modified: Mon, 08 Feb 2021 06:21:15 GMT
server: cloudflare
etag: W/"6020d85b-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KOXDKflpTlok%2FbmsJZqakyd9iSNyE76yjjsAV196AuGQSzE2ZXgc%2B7qkELawUctYynmLC9rNk9IeOmzTK57y5wSC10vJfOR77tW61bbam%2Bqe%2BQ%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6437dee8ca2e1695-ARN

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/tomandlorenzo-tomandlorenzo/ 364 KB
31 KB 338ms
57ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tomandlorenzo-tomandlorenzo/loader.js
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: obaker.93.1.2-11.44.1 /
Resource Hash: b8fb99c65b07efa461d53bc7eb08b8ddeed0bcd41ab1e861bb59163f801ebab6

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RAKepw4XEIK3sd0hFO5BactIbkC6Y9U7
content-encoding: gzip
etag: "3acf493ddb3a65af099132471d193ab47299a6c7"
age: 7871
via: 1.1 varnish
x-cache: HIT
x-from-cache: 1
content-length: 31408
x-amz-id-2: QsdGbFflDr+9StlYpPtnVs6wx/LgyaE8qXO+M6nXwy3Hjm+RhBbiifNBpdU33C0WVMhGu7EmYfs=
x-served-by: cache-hhn11561-HHN
last-modified: Wed, 21 Apr 2021 13:57:12 UTC
server: obaker.93.1.2-11.44.1
x-timer: S1619021303.451407,VS0,VE1
date: Wed, 21 Apr 2021 16:08:23 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: 59DP56MHP1Y0F6H2
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 7
x-cache-hits: 1

GET
H3-29 200 transparent-light.png
tomandlorenzo.com/wp-content/themes/drive/images/ 68 B
654 B 908ms
903ms Image
image/png 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/images/transparent-light.png
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/wp-content/themes/drive/style.css?ver=1593468730
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e50d8b31c60e43dc1f1b5c0adedcc4e6e78f3a9fae738d40490d414964ae0c2

Request headers

:path: /wp-content/themes/drive/images/transparent-light.png
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/wp-content/themes/drive/style.css?ver=1593468730
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/wp-content/themes/drive/style.css?ver=1593468730
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6008989
cf-polished: origSize=919
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68
cf-request-id: 0996c9a58300001695ca011000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: "5a34bc54-397"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IateU3nYwQ1yfJOlN3pQUaVD9vCkoj%2BrvNiXzWkBIpx%2FY7tkL8xl%2BIQCYrleddX5TdxeLZVmvAiL8A7GtbCNtwr41bdviwT5enhjyJoeFIzucg%3D%3D"}],"max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8da651695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 nav-div.png
tomandlorenzo.com/wp-content/themes/drive/images/ 140 B
730 B 1275ms
1270ms Image
image/png 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/images/nav-div.png
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/wp-content/themes/drive/style.css?ver=1593468730
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c692da319dafff2df3272b106f72a33435e9eb223f1e02df0e3cb35ebcded692

Request headers

:path: /wp-content/themes/drive/images/nav-div.png
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/wp-content/themes/drive/style.css?ver=1593468730
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/wp-content/themes/drive/style.css?ver=1593468730
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 11304298
cf-polished: origSize=1042
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 140
cf-request-id: 0996c9a583000016959c038000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: "5a34bc54-412"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jEXDst3LTf8O%2FS%2Fdzcv1UXru2cT96tb4GUM3q%2Ftiyj%2F6CfZ99AN%2F6jzSUT51EJEDWUTjUnmcc8WGX0dydv5vTwmj0E10JMNXTetSuOAh7KiglA%3D%3D"}],"max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8da6a1695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 nav-buttons-sprite.png
tomandlorenzo.com/wp-content/themes/drive/images/ 3 KB
3 KB 870ms
865ms Image
image/png 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/images/nav-buttons-sprite.png
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/wp-content/themes/drive/style.css?ver=1593468730
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daa735206eb2d8d49bac05f2b90f68dfc717aadfcd3a6849d026da379876c0c0

Request headers

:path: /wp-content/themes/drive/images/nav-buttons-sprite.png
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/wp-content/themes/drive/style.css?ver=1593468730
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/wp-content/themes/drive/style.css?ver=1593468730
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4892704
cf-polished: origSize=5046
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2926
cf-request-id: 0996c9a584000016955791b000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: "5a34bc54-13b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NVKOm7htJ89oOQn%2FMEp694X9eE%2Bovb0Xfv8%2FUTc9hIuwuVCouFesFgzDSr3vbDOGV86DB1qC9%2BgMO16DlcY%2BMbe%2FzSG8v25OaztpxODB2vOEbA%3D%3D"}],"max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8da6b1695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Kate-Middleton-Catherine-Ducchess-Cambridge-Prince-William-Air-Cadets-Prince-Philip-Tribute-Royal-Watch-Fashion-Dolce-Gabbana-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 187 KB
188 KB 83ms
78ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Kate-Middleton-Catherine-Ducchess-Cambridge-Prince-William-Air-Cadets-Prince-Philip-Tribute-Royal-Watch-Fashion-Dolce-Gabbana-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1316b94d2a6d417986c3e28bba43da25d091ddef3ebd0cf7542fafa0060ce569

Request headers

:path: /wp-content/uploads/2021/04/Kate-Middleton-Catherine-Ducchess-Cambridge-Prince-William-Air-Cadets-Prince-Philip-Tribute-Royal-Watch-Fashion-Dolce-Gabbana-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3166
cf-polished: origSize=201621
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 191447
cf-request-id: 0996c9a58400001695d5169000000001
last-modified: Wed, 21 Apr 2021 15:04:36 GMT
server: cloudflare
etag: "60803f04-31395"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QQQzdLWRddcX34pV1QAiCBgL%2BAUJ%2BX9O2odWtPrNbpcys9lmsK5NrZbHOfMUzR1LXyqVJUz0IG9fDm8IFDRy3rzBP5hdpJqKAr4%2BAQXXq9CGUw%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 21 May 2021 15:15:37 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8da6d1695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 kvrKi_C0.jpg
tomandlorenzo.com/wp-content/uploads/2020/12/ 172 KB
173 KB 1188ms
1180ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2020/12/kvrKi_C0.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 372bdc6e35d6e422946a6df279b69c22d14718103e56a9d831a387ecf0610fb7

Request headers

:path: /wp-content/uploads/2020/12/kvrKi_C0.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2291863
x-amz-server-side-encryption: AES256
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 176222
cf-request-id: 0996c9a585000016959307f000000001
last-modified: Mon, 14 Dec 2020 07:10:42 GMT
server: cloudflare
etag: "aceb848d73ffe66dfe53df2cce9ef7e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bKWPQs7IA6pbAFF6HNzHQ0ib5YQSKpLHn44vqE57hNA0ilyJWPV1zpqlt9zbNLWJ9B%2F4ctGgA7SRxKuqwQdd%2FGPI1c7cotZdQSKHN954iUg5Dg%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Sun, 25 Apr 2021 03:30:40 GMT
cache-control: max-age=2592000
cf-polished: origSize=177022
accept-ranges: bytes
cf-ray: 6437dee8da721695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Sharon-Stone-LOfficiel-Magazine-Editorials-March-2021-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 192 KB
192 KB 54ms
47ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Sharon-Stone-LOfficiel-Magazine-Editorials-March-2021-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b32ef0a8d9a4492c1af52575057aa70ede44ac23a2d58ff6bbd5d1c61ac6bc2

Request headers

:path: /wp-content/uploads/2021/04/Sharon-Stone-LOfficiel-Magazine-Editorials-March-2021-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 49696
x-amz-server-side-encryption: AES256
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 196125
cf-request-id: 0996c9a58500001695c88fd000000001
last-modified: Tue, 13 Apr 2021 07:10:13 GMT
server: cloudflare
etag: "ac7275ea7ee18898952b58075ad0e8fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s11AG6H9Vho%2FRy6yxQzxj0XRQjwpYRbz1N5XQtoijv2z2YzuFyCsKGlsjl%2FxT17sW%2BEFNjboqqSc4MRCrF%2FZ3aqZbYTknE5J4GN06191aGFvUw%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Fri, 21 May 2021 02:20:07 GMT
cache-control: max-age=2592000
cf-polished: origSize=230411
accept-ranges: bytes
cf-ray: 6437dee8da761695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Kate-Bosworth-Victoria-Justice-Kate-Mara-KSNYBBE-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2018/03/ 921 KB
922 KB 470ms
463ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2018/03/Kate-Bosworth-Victoria-Justice-Kate-Mara-KSNYBBE-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adfe82deca9b631ba0cadd8e307a6ada8d8dbeb48b01b3ae9cfadd5339535488

Request headers

:path: /wp-content/uploads/2018/03/Kate-Bosworth-Victoria-Justice-Kate-Mara-KSNYBBE-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 119
x-amz-server-side-encryption: AES256
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 942925
cf-request-id: 0996c9a586000016956736b000000001
last-modified: Sat, 25 Jan 2020 08:25:27 GMT
server: cloudflare
etag: "3baccf79e23832049e9d2fc3b96a600b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eb5TfThlhUohdUXCr4VKtVs2pyC72%2FH1TtUQUrwLwloLnDhdkwXZnrzAF0c16aImGjH102fmv32JMft9gSo3%2B1UY4kIQnaFxtW%2FLRADiBureQA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6437dee8da791695-ARN
expires: Fri, 21 May 2021 16:06:24 GMT

GET
H3-29 200 zoom.png
tomandlorenzo.com/wp-content/themes/drive/images/icons/ 122 B
710 B 905ms
894ms Image
image/png 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/images/icons/zoom.png
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/wp-content/themes/drive/style.css?ver=1593468730
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00d502ab326980186fbb01b9b269e3d1fe3e6796b4ddd6255c1b824db4e3bb28

Request headers

:path: /wp-content/themes/drive/images/icons/zoom.png
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/wp-content/themes/drive/style.css?ver=1593468730
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/wp-content/themes/drive/style.css?ver=1593468730
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4861801
cf-polished: origSize=1072
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 122
cf-request-id: 0996c9a58c0000169561895000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: "5a34bc54-430"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1Bq7bqo1GChiL9mD1rPCgKXBOC3a8Np2FfB68WzwgRJjUg%2Fut4SNpDwhlqxvlqDqk0U%2F0RVTyAFDqEKMP0sQnuE%2B4FmoRk7vv7S6YcezuOZCiQ%3D%3D"}],"max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8da8a1695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Bars-Restaurants-Lounges-Cafes-42121-Tom-Lorenzo-Site-Tlo-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 190 KB
191 KB 826ms
809ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Bars-Restaurants-Lounges-Cafes-42121-Tom-Lorenzo-Site-Tlo-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2de4841d5b7049e098bc0196ffb1b6081288b8f218b6ea8d0a3b54f11811101

Request headers

:path: /wp-content/uploads/2021/04/Bars-Restaurants-Lounges-Cafes-42121-Tom-Lorenzo-Site-Tlo-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7578
cf-polished: origSize=209571
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 194739
cf-request-id: 0996c9a59100001695969a7000000001
last-modified: Wed, 21 Apr 2021 11:17:06 GMT
server: cloudflare
etag: "608009b2-332a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fLlUVep%2BwXGrOEvsYkKiunVQiJHbn4U%2FHBiik0V5XGB%2FB9VF4ahyEMbr3Vi6qHtOWpva3yHXLUkzFwmDnDeRs5vt3NQ2oBtZx1zx3V5zIK9YcQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 21 May 2021 14:02:05 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8ea9b1695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Naeem-Khan-Spring-2022-Bridal-Collection-Wedding-Gowns-Fashion-Trends-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 177 KB
177 KB 883ms
865ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Naeem-Khan-Spring-2022-Bridal-Collection-Wedding-Gowns-Fashion-Trends-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7432231e77e2ccd2013abc9c0bca13a6132871ed93de1fc53a4f98f1bfd10b18

Request headers

:path: /wp-content/uploads/2021/04/Naeem-Khan-Spring-2022-Bridal-Collection-Wedding-Gowns-Fashion-Trends-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 66178
cf-polished: origSize=194507
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 180836
cf-request-id: 0996c9a59300001695a8be0000000001
last-modified: Tue, 20 Apr 2021 15:23:41 GMT
server: cloudflare
etag: "607ef1fd-2f7cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g1jvdFQQe5qqu3HTPKcz1jF4%2Fo0az3NMfrD61mEwXKJnECeRb7ELv9ZV9l7VauXM6phHR9bwz%2FWZr9AZPIequideL1yuoTPa9uTDw4mkpY6RGQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 20 May 2021 21:45:25 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8eaa91695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Katy-Perry-American-Idoal-TV-Style-Fashion-Dolce-Gabbana-Alessandra-Rich-Tom-Lorenzo-Site-0.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 274 KB
275 KB 394ms
376ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Katy-Perry-American-Idoal-TV-Style-Fashion-Dolce-Gabbana-Alessandra-Rich-Tom-Lorenzo-Site-0.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e0289d8da8e63bded5d470a14c3fcb202657315442260033add1a6d00bd1bee

Request headers

:path: /wp-content/uploads/2021/04/Katy-Perry-American-Idoal-TV-Style-Fashion-Dolce-Gabbana-Alessandra-Rich-Tom-Lorenzo-Site-0.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 71235
cf-polished: origSize=294566
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280786
cf-request-id: 0996c9a593000016955b83b000000001
last-modified: Tue, 20 Apr 2021 14:46:03 GMT
server: cloudflare
etag: "607ee92b-47ea6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W3ROqwij2Bm%2Bn5vd3GeMCC5QkSLma%2FQP8POeELKkVSGQx157NeHtxeVgq1%2B9cMWPHfOs4xXI95e0XFYNp96XUg4Gv23Av%2Bw4AeKm6%2Fe9JUHsjw%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 20 May 2021 20:21:08 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8eaac1695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Lorenzo-Shopping-Guide-Fashion-Sandals-Trends-Spring-Summer-2021-Tom-Lorenzo-Site-0.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 249 KB
249 KB 1271ms
1251ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Lorenzo-Shopping-Guide-Fashion-Sandals-Trends-Spring-Summer-2021-Tom-Lorenzo-Site-0.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6313740132d1eeafc3bf9f6ee5a4af08639843d768f7ca926a88c26732194405

Request headers

:path: /wp-content/uploads/2021/04/Lorenzo-Shopping-Guide-Fashion-Sandals-Trends-Spring-Summer-2021-Tom-Lorenzo-Site-0.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 74648
cf-polished: origSize=267045
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 254786
cf-request-id: 0996c9a599000016959929c000000001
last-modified: Tue, 20 Apr 2021 16:46:37 GMT
server: cloudflare
etag: "607f056d-41325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y%2FmkQgeKukzOWMv6AqBWrVuHEtrnXx6YeSoB41KWghd6HttjJficMa%2Fdm3HFhfkqiZrDhl2QRB146MQ0TXAMJ6wPsVxDxRC%2BHtPVQCwuJUuucA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 20 May 2021 19:24:15 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8eab21695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Maria-Bakalova-WERQ-From-Home-Style-Fashion-Lisou-London-42021-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 136 KB
137 KB 1097ms
1077ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Maria-Bakalova-WERQ-From-Home-Style-Fashion-Lisou-London-42021-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0d0b7c575cdaa18d74a5232eddaf64f8a87a0bdcf2573605985e166ec5f4ee1

Request headers

:path: /wp-content/uploads/2021/04/Maria-Bakalova-WERQ-From-Home-Style-Fashion-Lisou-London-42021-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 79578
cf-polished: origSize=147922
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 139292
cf-request-id: 0996c9a59500001695ae158000000001
last-modified: Tue, 20 Apr 2021 14:59:26 GMT
server: cloudflare
etag: "607eec4e-241d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uW56GBqkDVKdcJZCf7gUm8co%2B2tCUjEGumDekiTjNeQdnvIw00Bj6IzwECgiYI5svWE4QGR7KZdxKcVZ%2FPNIB94bSTGMIQDOcijKm87SSJ%2BYlQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 20 May 2021 18:02:05 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8eab31695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Michael-Kors-Fall-2021-Collection-The-40th-Anniversary-Runway-Fashion-Tom-Lorenzo-Site-0.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 363 KB
364 KB 932ms
911ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Michael-Kors-Fall-2021-Collection-The-40th-Anniversary-Runway-Fashion-Tom-Lorenzo-Site-0.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3364299c906c3fd0de136335d4d2338c7076c093d92294f56109a6bf7b6aa60

Request headers

:path: /wp-content/uploads/2021/04/Michael-Kors-Fall-2021-Collection-The-40th-Anniversary-Runway-Fashion-Tom-Lorenzo-Site-0.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 83791
cf-polished: origSize=389908
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 372155
cf-request-id: 0996c9a5960000169568213000000001
last-modified: Tue, 20 Apr 2021 14:01:24 GMT
server: cloudflare
etag: "607edeb4-5f314"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tPGu2j4O64Lh%2B37B6KIYBTuieGjGt%2FZTeAynciHXaJAuRjbaWosxZijOP7H71XY6YEciLT5ou7Nu8Kyci%2FjD94xG71qC93dB%2FOYe0V%2FUDIaxHA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 20 May 2021 16:51:52 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8fabc1695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Jurnee-Smolett-WERQ-From-Home-Style-Fashion-Valentino-42021-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 136 KB
137 KB 1033ms
1012ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Jurnee-Smolett-WERQ-From-Home-Style-Fashion-Valentino-42021-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cef1e4d463af8260e81aff5e353b6e186ed307566b44497b3b26c466e053780a

Request headers

:path: /wp-content/uploads/2021/04/Jurnee-Smolett-WERQ-From-Home-Style-Fashion-Valentino-42021-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 87716
cf-polished: origSize=145636
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 139687
cf-request-id: 0996c9a5970000169595aca000000001
last-modified: Tue, 20 Apr 2021 13:04:14 GMT
server: cloudflare
etag: "607ed14e-238e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ObJlqoB%2FywycaVGsTF2cUKJzU6%2FVNDXcn6%2FpzNMARtaU2arubOBg2NMBgq%2B5G%2Fmxng7GCjkGtDmYYThxfiCOFPw7Q7NFz5EEELA%2BCa53RQRw9Q%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 20 May 2021 15:46:27 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8fac31695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Nick-Jonas-The-Voice-TV-Style-Fashion-Boss-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 80 KB
80 KB 1131ms
1110ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Nick-Jonas-The-Voice-TV-Style-Fashion-Boss-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c1021ce01e1c22d52e4dd7487764cb36c738834e7a9b38d567bb2a6fa2448ec

Request headers

:path: /wp-content/uploads/2021/04/Nick-Jonas-The-Voice-TV-Style-Fashion-Boss-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 92086
cf-polished: origSize=84673
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81619
cf-request-id: 0996c9a59800001695562c1000000001
last-modified: Tue, 20 Apr 2021 13:22:06 GMT
server: cloudflare
etag: "607ed57e-14ac1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jAwMBjdZcdeMTz0FIS%2BGIDJPYFGdb2U%2BtbZO2Pd2HG8xAGHyISwJVwHXCoDhFp8PFoOJnX%2Br0KjkMz3dmVMfWrsSl580BlLg8R2EVWUkrg9CdQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 20 May 2021 14:33:37 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8fac61695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Bars-Restaurants-Cafes-Lounges-4-20-2021-Tom-Lorenzo-Site-TLO-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 233 KB
234 KB 1146ms
1124ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Bars-Restaurants-Cafes-Lounges-4-20-2021-Tom-Lorenzo-Site-TLO-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5b66fc00ac38ce8ab09a197a9dddd36aa1ecf3a700aefd866220162b16ebbba

Request headers

:path: /wp-content/uploads/2021/04/Bars-Restaurants-Cafes-Lounges-4-20-2021-Tom-Lorenzo-Site-TLO-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 95630
cf-polished: origSize=254293
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 238867
cf-request-id: 0996c9a59c000016959929d000000001
last-modified: Tue, 20 Apr 2021 11:05:21 GMT
server: cloudflare
etag: "607eb571-3e155"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b3YS%2FJvE60GMLEntylYlaekiW3dR56OuKY4NQleqkAN7QbslGjS%2F%2Fy76rNcIr4hEZ4at7xk30MymuY8%2F4%2BoO9dvnZN1ApMvCde64jqGfdjIArA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 20 May 2021 13:34:33 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8facd1695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Aquazzura-Tutti-Frutti-Sandals-Summer-Spring-Trends-Fashion-Style-Shoes-Accessories-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 251 KB
251 KB 1249ms
1228ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Aquazzura-Tutti-Frutti-Sandals-Summer-Spring-Trends-Fashion-Style-Shoes-Accessories-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b39d8bcdad8f1393973c2851ccd762677ce649e4edf072a7145068802e0c539b

Request headers

:path: /wp-content/uploads/2021/04/Aquazzura-Tutti-Frutti-Sandals-Summer-Spring-Trends-Fashion-Style-Shoes-Accessories-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 153038
cf-polished: origSize=266845
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 256632
cf-request-id: 0996c9a59f00001695d23cb000000001
last-modified: Mon, 19 Apr 2021 16:58:23 GMT
server: cloudflare
etag: "607db6af-4125d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8Wypsgn1UchP5b1XCx4Q1urwSeWuFRcaiDBf4%2FK%2FHFP5Bq%2FwPT2HUaTr4YwHSpryEuk2G7xJznt9FB29WF54brcIsGEZQdieh3yt9nZtuucRFw%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 19 May 2021 21:37:45 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8fadd1695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Carrie-Underwood-Academuy-Country-Music-Awards-2021-Style-Fashion-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 186 KB
187 KB 1363ms
1343ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Carrie-Underwood-Academuy-Country-Music-Awards-2021-Style-Fashion-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbfdab41129bb46800b537a5cc87ca6592a3d0498d6214f7e7a9e561e414d246

Request headers

:path: /wp-content/uploads/2021/04/Carrie-Underwood-Academuy-Country-Music-Awards-2021-Style-Fashion-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 156977
cf-polished: origSize=204260
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 190543
cf-request-id: 0996c9a59d00001695969a9000000001
last-modified: Mon, 19 Apr 2021 15:04:54 GMT
server: cloudflare
etag: "607d9c16-31de4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A3WO0fUc%2BuxtoKTqCwb9GE5UUZ4GgVerSwIh3A0TDZF9HK5aMXYSkW1AFeJpLV7F3GFVNszYk6T3VxS6oe2BiWJULIF52dx842xO0Tz2M0L88g%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 19 May 2021 20:32:06 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8fae11695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Maria-Bakalova-Santa-Barbara-International-Film-Festival-2021-Style-Fashion-Oscar-de-la-Renta-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 43 KB
44 KB 1399ms
1379ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Maria-Bakalova-Santa-Barbara-International-Film-Festival-2021-Style-Fashion-Oscar-de-la-Renta-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1226039da9d7952e67f425ba6c0613f4c56f70473c9bde60406bf64404cff15e

Request headers

:path: /wp-content/uploads/2021/04/Maria-Bakalova-Santa-Barbara-International-Film-Festival-2021-Style-Fashion-Oscar-de-la-Renta-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 160576
cf-polished: origSize=46510
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44130
cf-request-id: 0996c9a59d00001695572ee000000001
last-modified: Mon, 19 Apr 2021 16:12:26 GMT
server: cloudflare
etag: "607dabea-b5ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=smPaPuE8yJQtgXeWCegmPnkb2e0APRgo0FjEgeXM6d2RHq%2F4r6LVFtofcrLpYeIVi%2B0sAZSVVJO%2FStvYV5xuVXZDlkVg%2BajMHcacRr2u%2Fc0w6w%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 19 May 2021 19:32:07 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8fae41695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Mickey-Guyton-Academuy-Country-Music-Awards-2021-Style-Fashion-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 189 KB
190 KB 1404ms
1383ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Mickey-Guyton-Academuy-Country-Music-Awards-2021-Style-Fashion-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42251572c4aed04e83cbc52b07df52aca3c32f5bdbf24186df77c21bd2b45e3b

Request headers

:path: /wp-content/uploads/2021/04/Mickey-Guyton-Academuy-Country-Music-Awards-2021-Style-Fashion-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 167777
cf-polished: origSize=208310
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 193700
cf-request-id: 0996c9a59d0000169565080000000001
last-modified: Mon, 19 Apr 2021 14:22:48 GMT
server: cloudflare
etag: "607d9238-32db6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3d5KPGhM%2B1qTVHkvdNfWrjuv2KZQiVGJGy3imN2YLg9lqoBGmUf0fLPpWnlnt%2FLXX36B6lQaJioqCkEFD%2BB8g0x0of0Vy8KZUQib%2BTpXjRdM7w%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 19 May 2021 17:32:05 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8fae71695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Oscar-de-la-Renta-Spring-2022-Collection-Wedding-Gowns-Fashion-Tom-Lorenzo-Site-0.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 95 KB
95 KB 208ms
187ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Oscar-de-la-Renta-Spring-2022-Collection-Wedding-Gowns-Fashion-Tom-Lorenzo-Site-0.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 414bf3e547c1ce0656cd45d7338bb79eb14d332bab566f0e5e6ab103446fe415

Request headers

:path: /wp-content/uploads/2021/04/Oscar-de-la-Renta-Spring-2022-Collection-Wedding-Gowns-Fashion-Tom-Lorenzo-Site-0.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 163789
cf-polished: origSize=98907
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 97048
cf-request-id: 0996c9a59e000016955791e000000001
last-modified: Mon, 19 Apr 2021 15:59:45 GMT
server: cloudflare
etag: "607da8f1-1825b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fDV%2FISHYP3jaLl%2F4YjDBE9v9f3NtA6D%2Bidh9%2FM7XXUtCGiGDHTTfV%2FqbGJ7%2F9S4nI2njNz9ljgqCzuboczYb1Ov1hTxbaTu%2F4Hl1dg1xgpGImQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 19 May 2021 18:38:34 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee8faeb1695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Shang-Chi-Legend-The-Ten-Rings-Movie-Poster-Trailer-Preview-Tom-Lorenzo-Site-17.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 203 KB
203 KB 1468ms
1447ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Shang-Chi-Legend-The-Ten-Rings-Movie-Poster-Trailer-Preview-Tom-Lorenzo-Site-17.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 027ba8b87dbb650f409bc274d1d54f89f7d911ddbe0e2889806a887a4a3222db

Request headers

:path: /wp-content/uploads/2021/04/Shang-Chi-Legend-The-Ten-Rings-Movie-Poster-Trailer-Preview-Tom-Lorenzo-Site-17.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 171654
cf-polished: origSize=230823
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 207587
cf-request-id: 0996c9a5a400001695969aa000000001
last-modified: Mon, 19 Apr 2021 15:32:25 GMT
server: cloudflare
etag: "607da289-385a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8yQUQmoX%2BiXj3ZaHRDJKlEmGi%2FbZ1ATBK4KxGnv6pfBxAyi0RWXaX7cbYWpXOHzkpSg4AKzFPU%2FixlmHWbWcIQZ4B%2FD4D6adqPicFG2QECge9w%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 19 May 2021 16:27:29 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee90b0e1695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Downton-Abbey-2-Movie-Previews-Announcements-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 266 KB
267 KB 1515ms
1494ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Downton-Abbey-2-Movie-Previews-Announcements-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75b95600b9ed171149cf8a92f8b2a3323d55d1c9daed07d5ba166c63a93f4e6e

Request headers

:path: /wp-content/uploads/2021/04/Downton-Abbey-2-Movie-Previews-Announcements-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 175489
cf-polished: origSize=291429
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 272237
cf-request-id: 0996c9a5a40000169559b24000000001
last-modified: Mon, 19 Apr 2021 15:12:05 GMT
server: cloudflare
etag: "607d9dc5-47265"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7EWVYnCXPpkRjK%2B7VIRJaOEcMSrRHNiKfb4YgTzI3enCauTKhBQa3qZ6JSrnDTCPVxwkfDK4IhfAEjGQ59g754JvBpR1%2BWHsIYsO0KedYROC7A%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 19 May 2021 15:23:34 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee90b121695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Mare-of-Easttown-Kate-Winslet-TV-Reviews-HBO-Tom-Lorenzo-Site.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 84 KB
84 KB 1566ms
1546ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Mare-of-Easttown-Kate-Winslet-TV-Reviews-HBO-Tom-Lorenzo-Site.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe347d26b846bc8bc4e9db8701a601c953505e533c009cbecb548488770fd504

Request headers

:path: /wp-content/uploads/2021/04/Mare-of-Easttown-Kate-Winslet-TV-Reviews-HBO-Tom-Lorenzo-Site.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 178856
cf-polished: origSize=87844
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85700
cf-request-id: 0996c9a5a500001695d516d000000001
last-modified: Mon, 19 Apr 2021 12:50:43 GMT
server: cloudflare
etag: "607d7ca3-15724"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0lTuOvbYVONwwkLYPHNVVO9hNid2lLipEe2sW0cPfk57uDwcPSzN0qjtD7CWS1FJ7f2BY4hVqfXhkJg%2FYZPG0KNUHf5D48n3PI%2BoINQqlDHIGA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 19 May 2021 14:27:26 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee90b161695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Selma-Blair-Town-Country-Magazine-May-2021-Issue-Fashion-Style-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 230 KB
231 KB 1602ms
1581ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Selma-Blair-Town-Country-Magazine-May-2021-Issue-Fashion-Style-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 966533643854ed243e41552a05bde6bbea3fc6f39dff3c09c087bed0f955fe12

Request headers

:path: /wp-content/uploads/2021/04/Selma-Blair-Town-Country-Magazine-May-2021-Issue-Fashion-Style-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 172926
cf-polished: origSize=243573
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 235741
cf-request-id: 0996c9a5a60000169561899000000001
last-modified: Mon, 19 Apr 2021 14:44:43 GMT
server: cloudflare
etag: "607d975b-3b775"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LsZMLS8fzVB8D%2FiPQF3n9P3ivOPD4kR1WhpJvoiXLOxpqXPK5QefA1gpOWn5TX8cqNtx%2Bl5852SUqXSvfxHAzb7vwBMu6%2Bb80PoTN7sy8wRJhg%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 19 May 2021 16:06:16 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee90b1d1695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Beyonce-WERQ-From-Home-Style-Fashion-Area-Aune-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 110 KB
111 KB 1645ms
1625ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Beyonce-WERQ-From-Home-Style-Fashion-Area-Aune-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7edb6077c380f452abcb3604480f5fa5bfca3287fb8a9d621a4a30589d81450b

Request headers

:path: /wp-content/uploads/2021/04/Beyonce-WERQ-From-Home-Style-Fashion-Area-Aune-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 176003
cf-polished: origSize=115803
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 112711
cf-request-id: 0996c9a5a6000016959929f000000001
last-modified: Mon, 19 Apr 2021 13:45:46 GMT
server: cloudflare
etag: "607d898a-1c45b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xLfUCGnATQqgyUF5FrLb8st%2F83vwhZgS4oWqV3zWqP%2BvI1F6gcdAYzQ%2FHGjcbwpzyQbYIhV0RxKNSBQaozjtMe%2BDYB9im98Am19eO3smuw1g1w%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 19 May 2021 15:15:00 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee90b211695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Bars-Restaurants-Cafes-Lounges-4-19-2021-Tom-Lorenzo-Site-TLO-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 586 KB
587 KB 1674ms
1654ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Bars-Restaurants-Cafes-Lounges-4-19-2021-Tom-Lorenzo-Site-TLO-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88f0d332b5baeb68a108b6ed67bb860e7d83e8a754ae97a9c062c5993137c8bc

Request headers

:path: /wp-content/uploads/2021/04/Bars-Restaurants-Cafes-Lounges-4-19-2021-Tom-Lorenzo-Site-TLO-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 182176
cf-polished: origSize=668486
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 599820
cf-request-id: 0996c9a5a800001695960e4000000001
last-modified: Mon, 19 Apr 2021 11:36:32 GMT
server: cloudflare
etag: "607d6b40-a3346"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7I3VfqcB1zeW45CSoM6YttZ3sn2wjTl77ccKi6OIfypl72rNWFAdxy3BUEHTOZ97kHnIYvzv%2BWKkj07G%2B7OAZTQZRcctNslvs1ohFNw%2Bz%2By9WQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 19 May 2021 13:32:07 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee90b231695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Friday-Leftovers-Red-Carpet-Rundown-WERQ-From-Home-Style-Fashion-41621-Tom-Lorenzo-Site-Main.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 550 KB
551 KB 1774ms
1754ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Friday-Leftovers-Red-Carpet-Rundown-WERQ-From-Home-Style-Fashion-41621-Tom-Lorenzo-Site-Main.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d14ce2a32fb22a9a4ba78def66c24696b7308ab54963d9560504fef012d9ec3f

Request headers

:path: /wp-content/uploads/2021/04/Friday-Leftovers-Red-Carpet-Rundown-WERQ-From-Home-Style-Fashion-41621-Tom-Lorenzo-Site-Main.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 412578
cf-polished: origSize=594966
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 563543
cf-request-id: 0996c9a5a7000016959e032000000001
last-modified: Fri, 16 Apr 2021 15:17:31 GMT
server: cloudflare
etag: "6079aa8b-91416"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RB2pfj2J3T2Adv%2BvS1IML0gcFy%2BeEjzVr7XVz5ZXoLDee1RfKIpBhDM78RGNh0JWOFQYs95Qtr7uspm9ngYv26PoAQjAXChZhI2IW9%2Fb6%2BphOw%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 16 May 2021 21:32:05 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee90b271695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Zuhair-Murad-Spring-2022-Bridal-Collection-Fashion-Wedding-Gowns-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 185 KB
186 KB 1888ms
1868ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Zuhair-Murad-Spring-2022-Bridal-Collection-Fashion-Wedding-Gowns-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cbe1c3d1373256c7cddccacc36b541fefedf17c853620f45e876cbc3fcfe52e

Request headers

:path: /wp-content/uploads/2021/04/Zuhair-Murad-Spring-2022-Bridal-Collection-Fashion-Wedding-Gowns-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 414134
cf-polished: origSize=198860
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 189592
cf-request-id: 0996c9a5ac0000169597160000000001
last-modified: Fri, 16 Apr 2021 18:24:04 GMT
server: cloudflare
etag: "6079d644-308cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9N6LL47xz6K8w1P%2BsgHsIr18%2FRX%2FRJNy85RQOGvwHuV07Y8zyUzqZPdwJmfBIklCi0dBqhEv%2Bwb%2BQyFTyq9g5s7CdS1X9CKIj%2BKaJYc3ndz5Fw%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 16 May 2021 21:06:09 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee90b2a1695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Alison-Brie-WERQ-From-Home-Style-Fashion-Versace-Aquazzura-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 270 KB
271 KB 315ms
295ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Alison-Brie-WERQ-From-Home-Style-Fashion-Versace-Aquazzura-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91c7e60a3431b119d4851aee4bd8126449c5f2ef9233b1371a844207517c637

Request headers

:path: /wp-content/uploads/2021/04/Alison-Brie-WERQ-From-Home-Style-Fashion-Versace-Aquazzura-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 419975
cf-polished: origSize=291680
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 276903
cf-request-id: 0996c9a5a7000016956f1e7000000001
last-modified: Fri, 16 Apr 2021 13:40:07 GMT
server: cloudflare
etag: "607993b7-47360"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=owmgN%2FiGSt1sEq6x3swScmStLgrqCmbym7gmavhOIPQDncYKF68DHYD0Oi6UfzaryA5GYHneOIWhxfz8LLZTdcJsrr2NF9z9kAL5VDW%2BoAab6A%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 16 May 2021 19:28:48 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee90b2b1695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Pop-Style-Opinionfest-Podcast-Colton-Underwood-Valentino-Ad-Campaign-Controversy-The-Nevers-TV-Reviews-Tom-LOrenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 262 KB
263 KB 1948ms
1927ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Pop-Style-Opinionfest-Podcast-Colton-Underwood-Valentino-Ad-Campaign-Controversy-The-Nevers-TV-Reviews-Tom-LOrenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b8b3e72f37175c86e72f85f45780277492bdcd665487506b03ef3054ea64eea

Request headers

:path: /wp-content/uploads/2021/04/Pop-Style-Opinionfest-Podcast-Colton-Underwood-Valentino-Ad-Campaign-Controversy-The-Nevers-TV-Reviews-Tom-LOrenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 423916
cf-polished: origSize=285118
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 268738
cf-request-id: 0996c9a5a80000169557920000000001
last-modified: Fri, 16 Apr 2021 18:10:26 GMT
server: cloudflare
etag: "6079d312-459be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EIXpEwlO1%2BBxOu6b2UdUIF%2Bi733nCKxZSoUtozxn1scSN1JNKoVhsDWBN4p6lD%2Fck8s1hUxD3FO%2FUAF1QeOYkFqGvZTtyOdjtpPPVWEHAlcPVA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 16 May 2021 18:23:07 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee90b2d1695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Latin-American-Music-Awards-2021-Red-Carpet-Rundown-Fashion-Tom-Lorenzo-Site-Main.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 284 KB
284 KB 1995ms
1975ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Latin-American-Music-Awards-2021-Red-Carpet-Rundown-Fashion-Tom-Lorenzo-Site-Main.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a97892f0fc488ed53dfdd3504562503967afca3a5d263ff9721919610430fa97

Request headers

:path: /wp-content/uploads/2021/04/Latin-American-Music-Awards-2021-Red-Carpet-Rundown-Fashion-Tom-Lorenzo-Site-Main.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 430022
cf-polished: origSize=298192
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 290405
cf-request-id: 0996c9a5a800001695969ab000000001
last-modified: Fri, 16 Apr 2021 15:37:59 GMT
server: cloudflare
etag: "6079af57-48cd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W5jvx3KC2sXRjQrAi5RmShWA6taGsuiw1ghKc0dZufYrQ1FfJsMhR4ykri8b1oOGTpAunH0fZTIsujk1IQdXC9aeBUcZHMpKTx3kF%2FOGhRtL7g%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 16 May 2021 16:41:21 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee90b2f1695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Aquazzura-Frangolina-Sandal-Shoes-Accessories-Trends-Fashion-Tom-Lorenzo-Site-0.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 547 KB
547 KB 2031ms
2011ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Aquazzura-Frangolina-Sandal-Shoes-Accessories-Trends-Fashion-Tom-Lorenzo-Site-0.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0870491160da0757e295a43eb454c25b53471f579248cc06cdff97a11b22083

Request headers

:path: /wp-content/uploads/2021/04/Aquazzura-Frangolina-Sandal-Shoes-Accessories-Trends-Fashion-Tom-Lorenzo-Site-0.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 426868
cf-polished: origSize=604862
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 559676
cf-request-id: 0996c9a5aa00001695d516e000000001
last-modified: Fri, 16 Apr 2021 13:57:40 GMT
server: cloudflare
etag: "607997d4-93abe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oVepAunXOuxnZp8VCqqkb0R%2BfhwyDergWA3v0qE3wQPq5EJ%2FA14oYgtnVqI04bCuBnchIFhmSeRbVSo1aaBwIr8%2FvyL4aX%2BkQ1aewvQFSu9P2Q%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 16 May 2021 17:33:55 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee90b311695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Emily-Blunt-A-Quiet-Place-Part-II-WERQ-From-Home-Style-Fashion-Miu-Miu-41621-Tom-Lorenzo-Site-1-scaled.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 370 KB
371 KB 2124ms
2105ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Emily-Blunt-A-Quiet-Place-Part-II-WERQ-From-Home-Style-Fashion-Miu-Miu-41621-Tom-Lorenzo-Site-1-scaled.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 905af0e6ed3b55ba54ebb221b10107b5bc465601d037e1faa75f9535c08f597c

Request headers

:path: /wp-content/uploads/2021/04/Emily-Blunt-A-Quiet-Place-Part-II-WERQ-From-Home-Style-Fashion-Miu-Miu-41621-Tom-Lorenzo-Site-1-scaled.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 433319
cf-polished: origSize=389623
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 379187
cf-request-id: 0996c9a5a8000016959c03e000000001
last-modified: Fri, 16 Apr 2021 15:06:51 GMT
server: cloudflare
etag: "6079a80b-5f1f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EW2xi0K%2B%2FkDKsipFY0TKVjRUeydNmQnoQDx9DiF5LttmTtISAYf1UUFb0vWOxlFI4%2FupE%2BufcOqTcDrW8YWnirQl2bbyFTFWksLzsRfodjhT3g%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 16 May 2021 15:46:24 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee90b331695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Carrie-Underwood-Latin-American-Music-Awards-2021-Red-Carpet-Fashion-Iris-Van-Herpen-Couture-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 164 KB
164 KB 2193ms
2173ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Carrie-Underwood-Latin-American-Music-Awards-2021-Red-Carpet-Fashion-Iris-Van-Herpen-Couture-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01f82e668c3a55e6dc53f97a86368a6cfc6a7bc3a94c1f4153866e51b692673d

Request headers

:path: /wp-content/uploads/2021/04/Carrie-Underwood-Latin-American-Music-Awards-2021-Red-Carpet-Fashion-Iris-Van-Herpen-Couture-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 436807
cf-polished: origSize=180139
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 167757
cf-request-id: 0996c9a5a90000169593085000000001
last-modified: Fri, 16 Apr 2021 13:13:29 GMT
server: cloudflare
etag: "60798d79-2bfab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wop6Y0fp%2F6Bu5In2HiZ%2BKSp8FixRe5SPsw%2BO4qI6vfe5SHj14gqhfqJYaKnL5LJEl5gj3fEXZHJqqrhOAft02fF5EY7rIZzJeM6RAc0tKmQXuQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 16 May 2021 14:48:16 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee90b371695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 Bars-Restaurants-Lounges-Cafes-4-16-2021-Tom-Lorenzo-Site-1.jpg
tomandlorenzo.com/wp-content/uploads/2021/04/ 731 KB
731 KB 241ms
221ms Image
image/jpeg 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/uploads/2021/04/Bars-Restaurants-Lounges-Cafes-4-16-2021-Tom-Lorenzo-Site-1.jpg
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39d34100bde47a55e06c932b563a36ea7b1262f49aa860e94467c2c5612e541b

Request headers

:path: /wp-content/uploads/2021/04/Bars-Restaurants-Lounges-Cafes-4-16-2021-Tom-Lorenzo-Site-1.jpg
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 441375
cf-polished: origSize=812851
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 748045
cf-request-id: 0996c9a5a900001695c8900000000001
last-modified: Fri, 16 Apr 2021 11:30:26 GMT
server: cloudflare
etag: "60797552-c6733"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1sRF3PHZ52UnIM4vpUKQJTWKPDiQ%2FtaK6oQ4259gdtzzfWEggQTllirxwsvxWfxNMAfHvKfKwzPafTP%2BBmhGDay2nKaEV7PIF0mJ2bmEHM0O4w%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 16 May 2021 13:32:08 GMT
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee90b391695-ARN
cf-bgj: imgq:100,h2pri

GET
H3-29 200 SocialMedia.woff
tomandlorenzo.com/wp-content/themes/drive/font/ 75 KB
76 KB 1591ms
1578ms Font
font/woff 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/font/SocialMedia.woff
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/wp-content/themes/drive/styles/social-media.css?ver=5.7.1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15a992dd0110e989ba26c80bf7002d9eaac0a6eeecf777599a5e8caffc90f888

Request headers

sec-fetch-mode: cors
origin: https://tomandlorenzo.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
:path: /wp-content/themes/drive/font/SocialMedia.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/wp-content/themes/drive/styles/social-media.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://tomandlorenzo.com
Referer: https://tomandlorenzo.com/wp-content/themes/drive/styles/social-media.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4893315
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77236
cf-request-id: 0996c9a5a50000169568862000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: "5a34bc54-12db4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=55brd%2FShBMFjKzKWy968HLEjTaqVkoZKsfcguID5%2FdqkHk786pqr4%2BGG0YRgMnldccL2xuiIpz2tV9Pag58zLhCrch7ihHIBWyzy0t1WWhiLOg%3D%3D"}],"max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee90b181695-ARN

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 24ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tomandlorenzo.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 154383
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:15:20 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 22ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tomandlorenzo.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 07:42:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 116741
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Wed, 20 Apr 2022 07:42:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 24ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tomandlorenzo.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:15:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 154354
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:15:49 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tomandlorenzo.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:15:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:50 GMT
server: sffe
age: 154375
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:15:28 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 149B 33 KB
13 KB 312ms
312ms Document
text/html 2a03:2880:f113:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Ffacebook.com%2Ftomandlorenzo&width=450&layout=standard&action=like&size=small&show_faces=true&share=false&height=80&appId=136301103114664

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2d186981f1b614a7d05a71fdb429476d5139eda44d3d6df9f9484866a8a8fd64

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https%3A%2F%2Ffacebook.com%2Ftomandlorenzo&width=450&layout=standard&action=like&size=small&show_faces=true&share=false&height=80&appId=136301103114664
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tomandlorenzo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: sFzmLKAMa+wEFVukevgsDaEN7ZV4SSg3jATJPmvK4wDfXqI6yttfxLXqZHfdOvFpLWSGkIe2ki6iY8HbWjIIrw==
date: Wed, 21 Apr 2021 16:08:23 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 7094
date: Wed, 21 Apr 2021 14:10:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 21 Apr 2021 16:10:09 GMT

GET
H3-29 200 line-h-l.png
tomandlorenzo.com/wp-content/themes/drive/images/ 71 B
659 B 2168ms
2165ms Image
image/png 172.67.70.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tomandlorenzo.com/wp-content/themes/drive/images/line-h-l.png
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/wp-content/themes/drive/style.css?ver=1593468730
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a6192379a8a76f74103f84721ac825205a4214e6b674f60354b03fd80797964

Request headers

:path: /wp-content/themes/drive/images/line-h-l.png
pragma: no-cache
cookie: __cfduid=d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tomandlorenzo.com
referer: https://tomandlorenzo.com/wp-content/themes/drive/style.css?ver=1593468730
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tomandlorenzo.com/wp-content/themes/drive/style.css?ver=1593468730
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 11304297
cf-polished: origSize=927
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71
cf-request-id: 0996c9a62200001695d9943000000001
last-modified: Sat, 16 Dec 2017 06:25:24 GMT
server: cloudflare
etag: "5a34bc54-39f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x7Oi5femTmxtrabIv5M7WZ61ADjrbIjoaiyKmGpHj9yQBxHlCj2YgNH5Qx5GEFG3fsE%2F9kXg9U3rjOWSmfBCN%2FA0%2F9iu%2BcOgod4sGSdyR39HhA%3D%3D"}],"max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6437dee9dd2f1695-ARN
cf-bgj: imgq:100,h2pri

GET
H2 200 latest.js Show response
global.proper.io/payloads/ 363 KB
92 KB 37ms
35ms Script
application/javascript 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/latest.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/tomandlorenzo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a3445bcecd64c7ea0301d97fd82a154c6b21409e543e68afc03148b7ebaa32b

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Apr 2021 21:46:13 GMT
server: cloudflare
age: 72915
etag: W/"607a05a5-5ad3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6437dee9ec922c3e-FRA
cf-request-id: 0996c9a63400002c3ea42e3000000001
expires: Wed, 21 Apr 2021 16:13:23 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 59ms
58ms Script
application/x-javascript 184.30.25.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.161 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 2826BFFDB82F2FB4
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=59676
accept-ranges: bytes
content-length: 948
x-amz-id-2: IybdIbM8HZHFGeFfQHkL1xn6LjBypc4s9MoqJ602WDvJWcnRpeCMZ+8c+KpcPRX5ZzUeKGcBdlw=

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=941229519&t=pageview&_s=1&dl=https%3A%2F%2Ftomandlorenzo.com%2F&ul=en-us&de=UTF-8&dt=Tom%20%2B%20Lorenzo%20%7C%20Fabulous%20%26%20Opinionated&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=323816247&gjid=626571292&cid=1668041672.1619021303&tid=UA-39533057-1&_gid=1020375034.1619021303&_r=1&_slc=1&z=2105738135

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tomandlorenzo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 34ms
6ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2546655864072944e9422c8b24897b097652a4af2c499ae9cdd91a25f34abcff

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: gzip
etag: "9RlLmuIKdNbmR7Vwrq8Y0A=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 28 Apr 2021 16:08:23 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
86 B 16ms
14ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-39533057-1&cid=1668041672.1619021303&jid=323816247&gjid=626571292&_gid=1020375034.1619021303&_u=IEBAAAAAAAAAAC~&z=1996656513

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 21 Apr 2021 16:08:23 GMT
content-type: text/plain
access-control-allow-origin: https://tomandlorenzo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core-en.js Show response
cdn.iubenda.com/cookie_solution/iubenda_cs/1.29.0/ 287 KB
69 KB 65ms
59ms Script
application/javascript 104.109.90.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.29.0/core-en.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.90.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-90-77.deploy.static.akamaitechnologies.com
Software: nginx/1.19.1 /
Resource Hash: faac6b9031d79a3f00c6f066e1123f99cc6c9db4de3c7f5606c7009fdce481fa

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 08:41:55 GMT
server: nginx/1.19.1
etag: "607e93d3-1135f"
vary: Accept-Encoding
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=31536000
content-type: application/javascript
content-length: 70495
expires: Thu, 21 Apr 2022 16:08:23 GMT

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 3 B
346 B 46ms
12ms Script
application/x-javascript 2600:9000:2190:8200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:8200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 15:55:28 GMT
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 02:39:21 GMT
server: AmazonS3
age: 778
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=3600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: IcoRpXSAWp0cRksrfk546DlvA8mSHy0Rys7jDTIDINi9YCqdZq4fOg==

GET
H2 200 impl.20210408-15-RELEASE.js Show response
cdn.taboola.com/libtrc/ 476 KB
109 KB 96ms
95ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210408-15-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tomandlorenzo-tomandlorenzo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 6b6dd3a650dd7d4e281103063dda101b19b14e69c18f7dcd3d808f603a3304b7

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: K.IQkHHZKrnm1x8X2qdr5yB1BRd3_9al
content-encoding: br
etag: "764d1c3e2bd5b62e2c1bffa839b0cbe5"
age: 4951
x-cache: HIT
content-length: 111657
x-amz-id-2: ncXmtFt8TmcjPY5M+AgIChTbnckTIiRHB4CrG9B8lsLigFx9kjoIV9zstv02GGz0E6E0+iPlYw0=
x-served-by: cache-hhn11561-HHN
last-modified: Thu, 08 Apr 2021 12:22:39 GMT
server: AmazonS3-br
x-timer: S1619021304.638852,VS0,VE0
date: Wed, 21 Apr 2021 16:08:23 GMT
vary: Accept-Encoding
x-amz-request-id: DFEQA4E6Y45Y52NE
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 83
x-cache-hits: 497

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 209ms
68ms Script
application/javascript 13.224.102.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tomandlorenzo-tomandlorenzo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-122.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 15:50:47 GMT
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1057
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: Zm2uUZ2xGAl2VPxFHntCIIpKgSWndSEdSLcNSEv0W3ME9X-zgBa7kA==

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
78 B 96ms
95ms Image
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=stories-infra_ctrl2
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1619021304.639023,VS0,VE0
x-served-by: cache-hhn11561-HHN
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 63 KB
21 KB 96ms
95ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

1bc0882677726f89aa067a62abae4233097858410c828339a4c8f04fb2792982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "848 / 598 of 1000 / last-modified: 1619003317"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21210
x-xss-protection: 0
expires: Wed, 21 Apr 2021 16:08:23 GMT

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D58ce2fb4-2312-4347-b67f-b27dcf0929f1%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D58ce2fb4-2312-4347-b67f-b27dcf0929f1%26uid%3D%24%7BBSW_UUID%7D?&callback=w...
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=58ce2fb4-2312-4347-b67f-b27dcf0929f1&uid=241e9e32-75a3-4739-8dda-59564a24d5e3

183 B
387 B

677ms
216ms

Script
text/javascript

35.164.25.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=58ce2fb4-2312-4347-b67f-b27dcf0929f1&uid=241e9e32-75a3-4739-8dda-59564a24d5e3
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.25.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-25-130.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: db5abf1b8fe5a03c8e6e4308c9c74dfa2609418dbc002688d75fd3fe5c2e5c3e

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Apr 2021 16:08:24 GMT
server: nginx/1.18.0
content-length: 183
content-type: text/javascript

Redirect headers

location: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=58ce2fb4-2312-4347-b67f-b27dcf0929f1&uid=241e9e32-75a3-4739-8dda-59564a24d5e3
date: Wed, 21 Apr 2021 16:08:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_097e7092_9be6b81d_2
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_097e7092_9be6b81d_2&verify=true
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-ZoRCwvNE2uHrOiHHj8EXEgrsEvor1u5W~A

155 B
367 B

677ms
216ms

Script
text/javascript

35.164.25.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-ZoRCwvNE2uHrOiHHj8EXEgrsEvor1u5W~A
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.25.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-25-130.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: b2a0180a98d54785b91221532325791b81bd40d0b89d1619a6f0b11df2f8cd90

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Apr 2021 16:08:24 GMT
server: nginx/1.18.0
content-length: 155
content-type: text/javascript

Redirect headers

Date: Wed, 21 Apr 2021 16:08:23 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-ZoRCwvNE2uHrOiHHj8EXEgrsEvor1u5W~A
Connection: keep-alive
Content-Length: 0

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 10 KB
4 KB 186ms
57ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 22:23:11 GMT
server: Apache
etag: "2988-5b94848b276f9-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 3813
expires: Wed, 21 Apr 2021 16:23:23 GMT

POST
H/1.1 200 445.json Show response
id5-sync.com/g/v2/ 210 B
532 B 251ms
65ms XHR
application/json 51.89.21.10
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/445.json

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.10 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p24.id5-sync.com

Software

Resource Hash

85d8c90769f0f8113977a5a688f8d4923f63162b839d70429b7e225c7021c914

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://tomandlorenzo.com
Date: Wed, 21 Apr 2021 16:08:23 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 204 id Show response
id.sharedid.org/ 0
215 B 657ms
214ms XHR
text/plain 52.35.237.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.237.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-237-254.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://tomandlorenzo.com
pragma: no-cache
date: Wed, 21 Apr 2021 16:08:24 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 910ms
223ms XHR
application/octet-stream 44.239.227.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.227.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Apr 2021 16:08:24 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 pixel;r=721576771;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Ftomandlorenzo.com%2F;uht=2;fpan=1;fpa=P0-786600728-1619021303688;pbcn=1;pbc=58ce2fb4-2312-4347-b67f-b27dcf0929f1;ns=0;ce=1;qjs=1;qv=b0f207...
pixel.quantserve.com/ 35 B
371 B 11ms
9ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=721576771;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Ftomandlorenzo.com%2F;uht=2;fpan=1;fpa=P0-786600728-1619021303688;pbcn=1;pbc=58ce2fb4-2312-4347-b67f-b27dcf0929f1;ns=0;ce=1;qjs=1;qv=b0f2076b-20210419173321;cm=;gdpr=0;ref=;d=tomandlorenzo.com;je=0;sr=1600x1200x24;dst=1;et=1619021303688;tzo=-120;ogl=locale.en_US%2Ctype.website%2Ctitle.Tom%20%2B%20Lorenzo%20%7C%20Fabulous%20%26%20Opinionated%2Cdescription.The%20fabulous%252C%20funny%20%26%20opinionated%20place%20for%20red%20carpet%252C%20runway%252C%20celebrity%252C%20telev%2Curl.https%3A%2F%2Ftomandlorenzo%252Ecom%2F%2Csite_name.Tom%20%2B%20Lorenzo

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 10058642.js Show response
www.iubenda.com/cookie-solution/confs/js/ 99 B
463 B 62ms
59ms Script
application/javascript 104.109.90.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iubenda.com/cookie-solution/confs/js/10058642.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.29.0/core-en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.90.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-90-77.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 896babcc19f18135ee8831b98f22b877a37ac0c25f5376ea26b628902eb852fc

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
access-control-request-method: *
content-encoding: gzip
content-length: 97
last-modified: Fri, 26 Mar 2021 11:57:42 GMT
server: nginx
etag: "605dcc36-63"
vary: Accept-Encoding
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Thu, 22 Apr 2021 16:08:23 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
114 B 203ms
89ms XHR
text/plain 35.156.13.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=tegsaCWMcAcRduRLTEVAvA6K&bidId=tegsaCWMcAcRduRLTEVAvA6K&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&idluid=%5Bobject%20Object%5D&pubcid=58ce2fb4-2312-4347-b67f-b27dcf0929f1&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.13.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://tomandlorenzo.com
date: Wed, 21 Apr 2021 16:08:23 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
114 B 193ms
82ms XHR
text/plain 35.156.13.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=jRWFoySp6nCS4rytV3BLYsZC&bidId=jRWFoySp6nCS4rytV3BLYsZC&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&idluid=%5Bobject%20Object%5D&pubcid=58ce2fb4-2312-4347-b67f-b27dcf0929f1&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.13.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://tomandlorenzo.com
date: Wed, 21 Apr 2021 16:08:23 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
115 B 187ms
77ms XHR
text/plain 35.156.13.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=xZztjRf3XcaJNdEg13XA3zCF&bidId=xZztjRf3XcaJNdEg13XA3zCF&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&idluid=%5Bobject%20Object%5D&pubcid=58ce2fb4-2312-4347-b67f-b27dcf0929f1&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.13.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://tomandlorenzo.com
date: Wed, 21 Apr 2021 16:08:23 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 mvo Show response
tag.1rx.io/rmp/210395/0/ 0
173 B 177ms
59ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/210395/0/mvo?z=1r&hbv=4.25,2.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://tomandlorenzo.com
pragma: no-cache
date: Wed, 21 Apr 2021 16:08:23 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 115 B
778 B 324ms
196ms XHR
application/json 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.25.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: e81d904e1a744628e5c9597a2e53dad4eb16c5945f2c6c91284250ab0135dfe2

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 21 Apr 2021 16:08:24 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://tomandlorenzo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 113

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 125 KB
33 KB 242ms
105ms Script
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 4905a742ec40bb99e91d6877bae12d79284ba3e1e8a42399f7bb2c3781fd3ae6

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: q7OHlIgREiMRAgWRSKTgyzqpw7nvQ8Sf
content-encoding: gzip
server: Server
age: 244
etag: 24ac8c0f0d59670e43bc0b1990070642
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Wed, 21 Apr 2021 16:04:29 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: FpPiR7Nd3RN8UvM6Z_TwjHP5to-o0tGaydjhWo8ky0sx8eExpOyFnA==

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 508 B
694 B 45ms
12ms XHR
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:13::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 12a98cda2eb01778f99a99bc049e3754f5fbc8da727ea24fd9598839a6778b91

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:23 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://tomandlorenzo.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 508
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 675 B
1 KB 170ms
55ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b62489037a015d4d4e6831d0dfed7db76049626b03d44794db8277554e4f98ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 21 Apr 2021 16:08:23 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 86.106.103.100; 86.106.103.100; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.238:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 80286eaa-3acf-441d-8636-cc2f6d10ce9c
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tomandlorenzo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 466 B
4 KB 359ms
168ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=185330&zone_id=902566&size_id=15&alt_size_ids=2%2C10%2C57%3B2%2C10%3B&rp_floor=0.1%3B0.10000000000000002%3B0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=13003841-42c9-4d2f-8292-2138aa92b955%3B670dab5a-501c-44e7-869d-cad2bc99281a%3Be04c278d-b7c1-42db-a11d-b7a094b0f473&p_screen_res=1600x1200&tg_fl.eid=902566-1%3B902566-2%3B902566-3&rf=https%3A%2F%2Ftomandlorenzo.com%2F&x_source.pchain=proper.io%3Ae5961d07-eb92-11e9-a488-69e3386c7506&ppuid=58ce2fb4-2312-4347-b67f-b27dcf0929f1&eid_pubcid.org=58ce2fb4-2312-4347-b67f-b27dcf0929f1%5E1&rp_schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&slots=3&rand=0.31393863224326446
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a6019d9353f186d5abd8faba012be57a11be74cae96c47de4c55998eab5039e9

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:24 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://tomandlorenzo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 466
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK headertag Show response
as-sec.casalemedia.com/ 4 KB
2 KB 500ms
365ms Script
text/javascript 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headertag?v=9&s=161112&r=%7B%22id%22%3A%22276413273%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftomandlorenzo.com%2F%22%2C%22ref%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-OcJos%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-OcJos%22%2C%22siteID%22%3A384709%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-2-QJ1ob%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-QJ1ob%22%2C%22siteID%22%3A384709%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-1-gUthO%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-gUthO%22%2C%22siteID%22%3A384709%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-2-sUzso%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-sUzso%22%2C%22siteID%22%3A384709%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-3-aIIYV%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-aIIYV%22%2C%22siteID%22%3A384709%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x600-1-b5FCU%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-b5FCU%22%2C%22siteID%22%3A384709%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x600-2-ZozHP%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-2-ZozHP%22%2C%22siteID%22%3A384709%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22970x250-1-26Q90%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22970x250-1-26Q90%22%2C%22siteID%22%3A384709%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22liveramp.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%7B%7D%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22idl%22%7D%7D%5D%7D%5D%7D%7D&t=300&fn=window.proper_dbbbe95b_8bae8ae1_3
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 754c7c177a56f1d732a6abbdcbc18a75a28acce1a4416c96f097cecdd87f8c87

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1462
Expires: Wed, 21 Apr 2021 16:08:24 GMT

GET
H2 200 arj Show response
propermedia-d.openx.net/w/1.0/ 173 B
560 B 142ms
65ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Ftomandlorenzo.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&aus=728x90%7C728x90%7C970x250%7C300x250%7C300x250%2C300x600%7C300x250%2C300x600&auid=539925147%2C539925148%2C539925149%2C539925151%2C539925152%2C540901620&aumfs=100%2C100%2C100%2C100%2C100%2C100&dddid=f71355d9-15dd-4d09-bd89-6767ab6683f6%2C48f44995-546e-4078-a155-770fe2243b26%2C81a07e70-2863-4a8b-80ee-f9beabd048be%2Cc78cff16-455a-4bdc-868f-9bb60ad31341%2C037bec85-4722-4e40-ac59-afdcb7047ee1%2C7814c33b-d95d-4fee-8023-5571425cb83a&divIds=openx-ce292bc6-0b8f-43bb-abd3-cc48eae7b0fe%2Copenx-48e89d32-c61e-437f-b77c-a8748dfecccb%2Copenx-c637eb77-a450-4221-93eb-6d442edafb89%2Copenx-a17cb8a5-136c-4fa2-9f9d-1ca076507f95%2Copenx-015e4685-0ca1-43ff-b5ac-ecba677e8870%2Copenx-8dc499ba-3dc2-47c4-8899-d67fb5d0649b&be=1&bc=hb_pb_3.0.1&nocache=1619021303739&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&idl_env=%5Bobject%20Object%5D&_pubcid=58ce2fb4-2312-4347-b67f-b27dcf0929f1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: fd953108dcaa921f569d4e9ba6f7343fe5131219a501add60e019b8d16948457

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://tomandlorenzo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
160 B 198ms
82ms XHR
text/plain 18.194.69.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1619021303741
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.69.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://tomandlorenzo.com
date: Wed, 21 Apr 2021 16:08:23 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
427 B 117ms
43ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://tomandlorenzo.com
access-control-allow-credentials: true
cf-ray: 6437deecf9dcf132-ARN
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0996c9a81c0000f1323e35a000000001

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 259ms
143ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://tomandlorenzo.com
date: Wed, 21 Apr 2021 16:08:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3-29 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 149B 400 B
449 B 32ms
32ms Image
image/png 2a03:2880:f113:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Ffacebook.com%2Ftomandlorenzo&width=450&layout=standard&action=like&size=small&show_faces=true&share=false&height=80&appId=136301103114664

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Ffacebook.com%2Ftomandlorenzo&width=450&layout=standard&action=like&size=small&show_faces=true&share=false&height=80&appId=136301103114664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: jZuHwV4o1z7zVmYl8oFLmozdFyciW43SjmwI0e38boNn1NVHQsq/su36PizLu1KQpsP1Pru1BZBblMCE7+aHdA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Sat, 10 Apr 2021 17:56:05 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Sun, 10 Apr 2022 17:56:05 GMT

GET
H3-29 200 qgld8yIc9vP.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yg/l/en_US/ Frame 149B 484 KB
125 KB 33ms
33ms Script
application/x-javascript 2a03:2880:f113:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yg/l/en_US/qgld8yIc9vP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2d970f7baf73a23770447cc4dd08ebb4d7380006e524fb5e82b8ffc416e64a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Ffacebook.com%2Ftomandlorenzo&width=450&layout=standard&action=like&size=small&show_faces=true&share=false&height=80&appId=136301103114664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 00:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rM4/97/aW2gmEfJ2w2trwQ==
cross-origin-resource-policy: cross-origin
content-length: 127997
x-fb-rlafr: 0
x-fb-debug: vgN7zhtUXirga911B5cD+aGOYJhxkJFNy475ufP/Y2L5uDjuKBSpN9gNyuKZZAtmxVd+UBpooeFWZqFU1HLWSw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 21 Apr 2022 00:54:49 GMT

GET
H3-29 200 pubads_impl_2021041501.js Show response
securepubads.g.doubleclick.net/gpt/ 299 KB
105 KB 96ms
95ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 08:41:55 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107555
x-xss-protection: 0
expires: Wed, 21 Apr 2021 16:08:23 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1619021303842&ns_c=UTF-8&cv=3.5&c8=Tom%20%2B%20Lorenzo%20%7C%20Fabulous%20%26%20Opinionated&c7=https%3A%2F%2Ftomandlorenzo.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619021303842&ns_c=UTF-8&cv=3.5&c8=Tom%20%2B%20Lorenzo%20%7C%20Fabulous%20%26%20Opinionated&c7=https%3A%2F%2Ftomandlorenzo.com%2F&c9=

64 B
330 B

78ms
78ms

Image
image/gif

13.224.102.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619021303842&ns_c=UTF-8&cv=3.5&c8=Tom%20%2B%20Lorenzo%20%7C%20Fabulous%20%26%20Opinionated&c7=https%3A%2F%2Ftomandlorenzo.com%2F&c9=
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-122.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: KSY8LfdjWRemTitNhOWVaXpgbJaGdHXPXdC-xaE9zpB6SBxoite_GQ==

Redirect headers

date: Wed, 21 Apr 2021 16:08:23 GMT
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619021303842&ns_c=UTF-8&cv=3.5&c8=Tom%20%2B%20Lorenzo%20%7C%20Fabulous%20%26%20Opinionated&c7=https%3A%2F%2Ftomandlorenzo.com%2F&c9=
content-length: 219
x-amz-cf-id: szux9SHVnQiSsqJVhFrexaZVk4gg2w_jwsskrUVmb3crFopDq19qLA==

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 41 KB
15 KB 62ms
62ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 22:23:11 GMT
server: Apache
etag: "a253-5b94848b276f1-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 14886
expires: Wed, 21 Apr 2021 16:23:23 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 423 B
631 B 38ms
11ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.0.8&lid=616
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 18c3ad9d69f010a2b28ea73c99136fd5d631996a7cd0a5b11e8e6b1d3c48ff5f

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:23 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://tomandlorenzo.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 423
expires: Wed, 21 Apr 2021 16:38:23 GMT

POST
H2 204 write Show response
hits-i.iubenda.com/ 0
401 B 65ms
64ms XHR
text/plain 46.101.132.18
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hits-i.iubenda.com/write?db=hits1
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.29.0/core-en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.101.132.18 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/
Authorization: Basic aGl0czFfdTpoaXRzMV91cHdk
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Apr 2021 16:08:24 GMT
server: nginx
x-influxdb-build: OSS
access-control-allow-methods: DELETE, GET, OPTIONS, POST, PUT
access-control-allow-origin: https://tomandlorenzo.com
access-control-expose-headers: Date, X-InfluxDB-Version, X-InfluxDB-Build
request-id: ccb5625a-a2bb-11eb-90e9-0242ac110002
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Length, Content-Type, X-CSRF-Token, X-HTTP-Method-Override
x-influxdb-version: 1.8.2
x-request-id: ccb5625a-a2bb-11eb-90e9-0242ac110002

OPTIONS
H2 204 write
hits-i.iubenda.com/ Frame 0
0 210ms
66ms Preflight
text/plain 46.101.132.18
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hits-i.iubenda.com/write?db=hits1
Protocol: H2
Server: 46.101.132.18 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://tomandlorenzo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 21 Apr 2021 16:08:24 GMT
access-control-allow-origin: https://tomandlorenzo.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *, authorization
access-control-max-age: 1728000
access-control-allow-credentials: true
content-length: 0
content-type: text/plain charset=UTF-8

GET
H3-29 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 149B 67 B
97 B 92ms
90ms Image
image/png 2a03:2880:f113:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1619021303789&t_start=1619021303789&t_domcontent=1619021303807&t_layout=1619021303977&t_onload=1619021303977&t_paint=1619021303977&t_creport=1619021303977&t_tti=1619021303807&lid=6953643549113632026-0

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Ffacebook.com%2Ftomandlorenzo&width=450&layout=standard&action=like&size=small&show_faces=true&share=false&height=80&appId=136301103114664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: io+LmLLzcpCVIxF/xPXMeCAR1oQ3kEQY0+epA5mecjgIWjN+W0sRfDqhEoFsY1dNEuqNGPxQCitjT4hUzin03A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 21 Apr 2021 16:08:24 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 58 KB
19 KB 60ms
59ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b37e558d60e9643d77167ecf956b7f84dded6e5e96dbe6a7074f6f86b1f05e64

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:24 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 18:09:57 GMT
server: Apache
etag: "e6f4-5b944bf04d384-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 18766
expires: Wed, 21 Apr 2021 16:23:24 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 371 KB
115 KB 74ms
74ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0effb16ddb608a8749633fee2c47b3b0b92c72bb2bda397a0170982139f1aa0a

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:24 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 17:58:38 GMT
server: Apache
etag: "5cab6-5b958b46eaab9-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 117552
expires: Wed, 21 Apr 2021 16:23:24 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 208ms
67ms XHR
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:07:04 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 25281
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: JJ4p7dO9NWH-MolTRoLLmV2fFQnqxZhK6LYDKw9ugjPH9vrkKU8OdQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
372 B 124ms
122ms XHR
text/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftomandlorenzo.com%2F&pid=872mrvMALmlsl&cb=0&ws=1600x1200&v=7.63.00&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22desktop-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%5D&cfgv=0&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:24 GMT
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://tomandlorenzo.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: RTe2xFI9PfFkSTilVY82D88M1HQhHWqpiLuLdnbZafG3BGKp0wCNAQ==

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 68 KB
19 KB 127ms
42ms Script
application/javascript 2a04:4e42:1f::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: eb51506c619bb5ea0d447dc5a08683c9b73ecbe1e65dce794674622cd2e56f58

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:24 GMT
content-encoding: br
x-cdn: fastly
etag: "2424d1362506bd5cb853b5162df0158b"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=300
content-length: 18804
access-control-expose-headers: X-CDN

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-56c788366c9f508a/ 3 KB
985 B 85ms
83ms Script
application/javascript 184.30.24.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-56c788366c9f508a/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-107.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e812bbe11def8c9c0880a8156cde16c74b098c31c723691980a7b4b6ab533d7e

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:24 GMT
content-encoding: gzip
etag: -1385770029--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=50, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 808

GET
H/1.1 200
OK widget_iframe.63899b173766ee6f8a729a72b542b0fb.html Show response
platform.twitter.com/widgets/ Frame 7DB7 319 KB
103 KB 56ms
41ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.63899b173766ee6f8a729a72b542b0fb.html?origin=https%3A%2F%2Ftomandlorenzo.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F705) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tomandlorenzo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 490587
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 21 Apr 2021 16:08:24 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Thu, 15 Apr 2021 22:44:33 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F705)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

POST
H2 200 s2s Show response
eb.proper.io/ 377 B
627 B 304ms
286ms XHR
application/json 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eb.proper.io/s2s?proper_uid=58ce2fb4-2312-4347-b67f-b27dcf0929f1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fb9e2d2a50ec9b124401c474e91e27401bd1d5c5a9e6873e2c78448877eaaad

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:25 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://tomandlorenzo.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6437def2cb112c3e-FRA
cf-request-id: 0996c9abc100002c3e901e4000000001
expires: -1

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 69ms
63ms Script
application/javascript 184.30.24.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-107.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 21 Apr 2021 16:08:24 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 7DB7 183 B
420 B 371ms
173ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=350d60426c0cf6b34ce0b78b4ada1d2e299aae25

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.63899b173766ee6f8a729a72b542b0fb.html?origin=https%3A%2F%2Ftomandlorenzo.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:24 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 16:08:25 GMT
server: tsa_devel
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: d14b6c04bbd4d89284605736fb9fedec7e6ec09073c194f5841821d7566f8a03
content-length: 152

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
799 B 152ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=tomandlorenzo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 16:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tomandlorenzo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 16:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 120 KB
41 KB 915ms
915ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1817890125560233&correlator=4112219842525052&output=ldjh&impl=fifs&eid=31060517%2C31060784%2C31060862%2C21064369%2C31060795&vrg=2021041501&ptt=17&us_privacy=1---&tfcd=0&sc=1&sfv=1-0-38&ecs=20210421&iu_parts=5376056%2Ctomandlorenzo_leaderboard%2Ctomandlorenzo_side_1%2Ctomandlorenzo_side_2%2Ctomandlorenzo_side_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1x1%7C728x90%2C1x1%7C300x250%7C336x280%2C1x1%7C300x250%7C300x600%7C336x280%2C1x1%7C300x250%7C300x600%7C336x280&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D4198%26proper_site%3Dtomandlorenzo%26proper_slot%3D2%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D4198%26proper_site%3Dtomandlorenzo%26proper_slot%3D3%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D4198%26proper_site%3Dtomandlorenzo%26proper_slot%3D4%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D4198%26proper_site%3Dtomandlorenzo%26proper_slot%3D5%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1619021304&dt=1619021304975&dlt=1619021302893&idt=1134&frm=20&biw=1600&bih=1200&oid=3&adxs=210%2C1018%2C1018%2C1018&adys=70%2C316%2C505%2C649&adks=1673804112%2C846913267%2C2316433965%2C1772340581&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_sd=1&flash=0&url=https%3A%2F%2Ftomandlorenzo.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1%7C371x-1%7C371x-1%7C371x-1&msz=728x-1%7C371x-1%7C371x-1%7C371x-1&ga_vid=1668041672.1619021303&ga_sid=1619021305&ga_hid=941229519&ga_fc=false&fws=0%2C4%2C4%2C4&ohw=0%2C372%2C372%2C372&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

fd5dd209404d0cb6e3742f272cf87a9e8873b9e71d0103bc1ae5d90630e45d30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42287
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tomandlorenzo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 59ms
14ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 8ms
6ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK button.5573c974dc31bbdab5ea7923a0bd5cf3.js Show response
platform.twitter.com/js/ 7 KB
3 KB 32ms
31ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F712) /
Resource Hash: e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 22:44:19 GMT
Server: ECS (ska/F712)
Age: 490588
Etag: "382be2960021b88f6ce982d997cdbd01+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H/1.1 200
OK follow_button.63899b173766ee6f8a729a72b542b0fb.en.html Show response
platform.twitter.com/widgets/ Frame 5A0A 36 KB
14 KB 35ms
34ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.63899b173766ee6f8a729a72b542b0fb.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F712) /
Resource Hash: 5909554a35a1e2ce0c8c4c4199b1833e9d3b8cef076f80bc35be8acfe2770270

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tomandlorenzo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 490588
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 21 Apr 2021 16:08:25 GMT
Etag: "d9f4c037fc3bf2a13d8ef6367b419c3d+gzip"
Last-Modified: Thu, 15 Apr 2021 22:44:21 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13632

GET
H2 200 /
log.pinterest.com/ 0
333 B 283ms
165ms Image
text/plain 151.101.112.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=zTyK5x39XpAb&tv=2021040501&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&button_hover=1&profile_count=0&board_count=0&section_count=0&xload=1&lang=en&nvl=en-US&via=https%3A%2F%2Ftomandlorenzo.com%2F&viaSrc=canonical
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:25 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 1
x-cache-hits: 0
content-length: 0
x-served-by: cache-hhn4042-HHN
pragma: no-cache
server: envoy
x-timer: S1619021306.547032,VS0,VE92
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid: 7894778089213708
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5A0A 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
122 B 35ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=tomandlorenzo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 16:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tomandlorenzo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 16:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 556ms
555ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1817890125560233&correlator=1080982131793532&output=ldjh&impl=fifs&eid=31060517%2C31060784%2C31060862%2C21064369%2C31060795&vrg=2021041501&ptt=17&us_privacy=1---&tfcd=0&sc=1&sfv=1-0-38&ecs=20210421&iu_parts=5376056%2Ctomandlorenzo_sticky_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90%7C970x90&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D4198%26proper_site%3Dtomandlorenzo%26proper_slot%3D1%26proper_sticky%3Dtrue%26proper_floor%3D1.00%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1619021305&dt=1619021305641&dlt=1619021302893&idt=1134&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=6024&adks=3685382935&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_sd=1&flash=0&url=https%3A%2F%2Ftomandlorenzo.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1x-1&ga_vid=1668041672.1619021303&ga_sid=1619021305&ga_hid=941229519&ga_fc=false&fws=512&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

ef5f7da0952547e68946d938b9caa26ac0f19de23b44945d15949d1f2ce7ee27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4350
x-xss-protection: 0
google-lineitem-id: 2151307336
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138203125721
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tomandlorenzo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
352 B 167ms
167ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Ftomandlorenzo.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1619021305644%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22ff2e7cf%3A1618526400629%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 21 Apr 2021 16:08:25 GMT
server: tsa_devel
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d14b6c04bbd4d89284605736fb9fedec7e6ec09073c194f5841821d7566f8a03
x-transaction: 8f19e8fdd1c9b1f9
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-29 200 container.html Show response
d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B51F 6 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tomandlorenzo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 21 Apr 2021 16:08:25 GMT
expires: Thu, 21 Apr 2022 16:08:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831909828443"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Wed, 21 Apr 2021 16:08:25 GMT

GET
H3-29 200 container.html Show response
d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E21A 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tomandlorenzo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 21 Apr 2021 16:08:25 GMT
expires: Thu, 21 Apr 2022 16:08:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A667 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tomandlorenzo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 21 Apr 2021 16:08:25 GMT
expires: Thu, 21 Apr 2022 16:08:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A8E2 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tomandlorenzo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 21 Apr 2021 16:08:25 GMT
expires: Thu, 21 Apr 2022 16:08:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de13e5ed0484e4d9c8d5f93330b02a28e19c6ae0d6a2d27f4f2dfd9bfad589cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 16:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6524
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 21 Apr 2021 16:08:26 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FAC1 624 B
590 B 17ms
17ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPHb-r4CGJS6uqABMAE&v=APEucNVTeHmYB0sKZ9-pv9x0TfUbUKmbxOUaRKEl5ffbwfymQ4i95WBjsa8Y0eobO-ymhRzhRnQfglKQY7D37SL67bS_kKMaY78TjcSVoRO-_rCXw_WlshgUKl-BADep16SFqDjNcFH7ReKoSGWpcub48e4VJknKSEdtHc3L5zLp-gpGunE2wRWzVxJUM_q4gXvzX2NBFnfo-uV7mcLVz1NbfkS5q4hVhw

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN8DEPHb-r4CGJS6uqABMAE&v=APEucNVTeHmYB0sKZ9-pv9x0TfUbUKmbxOUaRKEl5ffbwfymQ4i95WBjsa8Y0eobO-ymhRzhRnQfglKQY7D37SL67bS_kKMaY78TjcSVoRO-_rCXw_WlshgUKl-BADep16SFqDjNcFH7ReKoSGWpcub48e4VJknKSEdtHc3L5zLp-gpGunE2wRWzVxJUM_q4gXvzX2NBFnfo-uV7mcLVz1NbfkS5q4hVhw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 21 Apr 2021 16:08:26 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUl5Yt0GWas7NbRihI9Jrj_Q1jdd1F2kibtMfelrysd_rjeH1xOZeXKigpJ2; expires=Mon, 16-May-2022 16:08:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 21 Apr 2021 16:08:26 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B51F 57 KB
23 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DY7xSxaJq3Ze3W_4yI5MA0GPg-CCNZRcpzhpAQ9A5iOmUezeZ2sgpKcIUD5aL04GtK-uTjmzoebWwebbwa_cdJVs7jaoDJHrmziXJDOLx-Sg8hFHndsRLXpc12dZjnXYyFrjKs2UZ9WTmLdJi2USeUyU9AqQ&dbm_d=AKAmf-BYpSzOYgPYYXJwIBRSHX3NnsPju9nncjGFHxRLax-lJr-A6o8CRARy66IiGxWoh0YPvVP_vETWoikLZ01s4-eyMRQg9ZN4mia1XXmv8ERuC10n8kcH5hNmODHAE3yuUikMLgd7t4gtv0Xn6TigJre7uaybmqHT-0A6HkhYIpSj3voaCqy5mQI1XBsPDaF6ptC_LaXMIksGwyL83-uvI_E4DsIc_ZX9YDA7BAJikDgQcNrQQn0iN6h46HDyglMnYyAOaL-a2Zs2AoL5LvTnVRA0Jwv3WAHa-U9npDCqmftWfFSlPC6jkh2wrfP_MutHNc6c2oTiLQk_DBFWsKl7IS8Ef7C9y-Pub55AVfXwRG_BQVOP8uf8-Pb4e-Sa4sfULYUI89K6dt21bZiWSYAfLmBYTgzTaEz8FJUj78q29tdOigwp9uW8aDi7u8e6sm-KGTxec15N0U3j-dSmur5MNW1p09rIGZygGzZdJqRAKECTnrzWPZCi7K3iAUxOTfiDfVp-uQGPZQRAmA8y81OvrZT9kax7f_Gst1V9EfD981pwrFs17oZNo0FkkEkf0uCfUISUT154PmapQbUyf04Y5u7q7ZYJ57DV3qTm8D4DdSHXa6OGaMY6_VqtT0HS59fO5J-kYXtxRAikvM2G6ougjEkhqrGNX_R11y06RkhEdCv74DeI7Z7OfweDL2CZihZE7BJjMEUyOUnYImEzYCjLh5Sh6S6K-t9jpTwSt76qvkmQXHwPmLDw7aU6cneM44FhJfTF8QAiSXq2MyCw5bo6fFctpqs5MFoDBQMURnq2QLHHHy5N_sjitsEEYueereYSFOA3QSJ9KhVPXwDUSFZQVfhhGuj2UtT6VWnCX8BgTmlJHkXEnr7-vcvSztCrwN2x0yuEj8a3FmNO9nnv2dcatfxDu88dRYX2MgqK81k0PbQ6t2b4VSR0gVKSlpIHRfi-twirPTKh54GNtFuuJPsJ8-oy8R46k_MWEgwuHVMnZYiaeAWsHhmELQMIge2P6akRaFscMSc6K2k3m2c1CS0kIUBuD0qG89xDemQ1Seq4bU8ungd8Ys8qMjHrwjefTIqlQuI3yWxyzRStYxvC8NAa_ZincS9SjNRO69Za-gLwSEraRYl-InhXEJLLvhEht-8PIJNcygQJN-LQkRHkKDWApBQtBCDGuDLEc_O1vRg2eY2zDzF6OgqNRa98qg5iayH66-dkCHOH54W3yZQt2UPjiAso4qzX0hj-CdrqMzEhyAOwj_bKxuCzBABQ8EAb7tdBqyoC8MKz2vKTO_Iq3g7GNPxH_GmBJioRndKmS8g9uKYJWvy2T8brHTV06JIGgHshbhtL0X4wqmeOhYpLyEFNiR0V7JlmWmoodKrfklnPOcuY_i3IvRW1R3JuN7DxHz6LTj4UyNFjpShvCA3AffsIn6OreAH7EJgfMEwF4RSzPKGHTYYg4lZrCA45pW6IaH3KHGxdpz9pQAKHqOusc1zFf1mX5V0u9dEx1cPGOJS-TZVKFspjmze1fnXk4_GbbzqyEwWAey4DroLLqmRrOsc6QkpbJPir4xTjTU4IrCGyD0rZmPXsBZWeou515UAHb7lmVI0G44vT4TSIySNw8YQeP5gyfi3313xr25VbxgIA4RMiiZvbFtz742cK04vGJhcXFQ7DCBzOQDXpJlyB1ARFCMqwNuB20p_2DfmI_VLEYJ8KRygNxIN1t5hcud4ArPCGaiVbLY4lI6PUApHySz36ZxPrqYNfFHBZ448SeuyhCU-WUtca5iyDn3ndzFYo7O6sQO_tpvyIrk-y_KKLUmHwOnpCDt9Qveo1yE0R6yAUjeZ53YmTxTBdUu-cdJVdz68TkEC0u3N16pNEf5oyW65lB7qPnt3lvkDpRnX4FOnJA9XW_4hvU77Hxs7bGSj7dJDodJqDe1aC1qmN_Wn1PqX7HK7CH46d3U9TsgLHQVS7WX5T69kq5KhdP7KLVV5WbDNHASPKo18CkMwRKgav6TpKNg4kkiYoQeMEEuJVU95SjmbqxJ9foYcO2oK7n6dGr7sxiOSQXqctdUWOwNXh7z0Cj5Bio_BS5M_Q3J_38zEDsOr4uW8KnyAUD8baMMEK5lOKaK0DWzvschF8I_p1J6xhBtk4dJA7oraYuw0C26dbE-7f7pW37ZPCfMfwIgWUZLLEskuisk7bEs35gGbv-Vnavi1dc2jmDEROmZxE6iQgUbONe5mhat_XwIuJlz8aXn52PggkbPHR1zZEPqgbbqX3GzM8Z6vm_cm0qUKBJVT8gE3wAaqBCivG_P7sGSDNl3KSUGXiTb6k0Dr5zzLzxtv1trNm1XWe0D1BahX7SXFRitfibNslQ2NFCSzB9u_E3_O84yeLfqCttcerh5nUsMa1IELzs01t9XbJEL_QuLxK6FedHeVWNHVFKtNviTV2vQTQ8iEKqCSAqKykIPbrGzDCw4v8l_3C1yhSKGXpzB5vJkgRFsWL8uL-nTJWAi3GP1-h74A11UQ0axNvnV18F1UbqvqukGo2aON8oa7ngFoRw_EeVek_rP-tvY2aCZQr-MSN7-VlsFMaNvkJJ-3qKPqWMAgss_U1j_SFlA2XZ--tUiWClf8c2lEhrKQTDaQ7nR8hnSJ4qnzDzNzMiWxcm5Bb9z1BTcvKhzsSRS84w6ZMjM7-hTBUuH7D9D4agJrsQtBD0sLzDcKxMVUh2G3fDjE15wXGpasbml7-aWu7JkLLkGJyeus33DEAfRUNO1zf0hNTJaTyoXLkC8-br6QNVAdrjjZKk6rSok7b27OvhOXR7qjR91d_iG3VX5hJYyDEGOMjJFdZFoMDSYORJ4LbK_cbDYjq9Yxz5NbPNGHN5wGcY1w0KC2cwCc9N0OcizKZSyf-oxU-auKPECjTLyNPXFg4_lPwC-AD-D4tSGrpsffVjcYxqezJmFhcEwXFS3jGUn7APz94gyhVQ9Vyik6d3n62qT0_Xa5rublm5PWdQLzcF7dhDEcCpXcaETlT1USymiBUDxu-7KEFpMXFLz88F-12ESiYWUPAF33sx2zDdD5n6xOldh3N21p_VnsgWmCbhKYNq4jiJAwJ&cid=CAASPeRoD0TaZD4L8CPbMdto30yx6p9pWxTa3zMh5EPdi8vG1inWHB7i8lCX7Hjhb8IzU6byNzDLHLxLFfSsVWk&rfl=1%2Chttps%253A%252F%252Ftomandlorenzo.com%252F%240

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

188229e06712280bef3385e3fb86ef8ffc7409ebece1363f3cb5ce85482df7e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B51F 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D2dWMA2e_Qf5AEd8kIMfCGs8ej9sMKhfUf3xoVBh2sU5yhj5MsIQ9lQg6Rru97Zhxa9P1rJyJCyuW48M3VoA_ZP5IA6HUsNT7JiUQegUcaaT0Jhyc

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame B51F 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:06:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 16:06:52 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B51F 118 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Wed, 21 Apr 2021 16:08:26 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame B51F 13 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 16:05:33 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B51F 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRij6oBP36Fe3Xbwa9OV8AGURvienuUK3ZOdg6J3bBZ1C1_Dxoo2OUfY8HYor9HENjNxmOu
Requested by: Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A42D 624 B
560 B 17ms
17ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKm1AIQrM_sAhiDpcqeATAB&v=APEucNWE1io1v_h8dhsINNON2aGQmiAgW0F9X2Xi3ear-hOoGbbqV3m3foioSVdsQL80IxiK_wLOSz1ZAqfRXd_s5NAHqCPZNjHEgWEYa0hkk4_lNVN1SWemkGkJucSS3K03kK68YxWAV8BMjDMTm73Uesr7xOpVm-sBLEr50mECsLP_8iIYtcq6HQ1WeX3HgTYbcyn7uQsm_7HWcseYgOUyoplUWsKEyA

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJKm1AIQrM_sAhiDpcqeATAB&v=APEucNWE1io1v_h8dhsINNON2aGQmiAgW0F9X2Xi3ear-hOoGbbqV3m3foioSVdsQL80IxiK_wLOSz1ZAqfRXd_s5NAHqCPZNjHEgWEYa0hkk4_lNVN1SWemkGkJucSS3K03kK68YxWAV8BMjDMTm73Uesr7xOpVm-sBLEr50mECsLP_8iIYtcq6HQ1WeX3HgTYbcyn7uQsm_7HWcseYgOUyoplUWsKEyA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 21 Apr 2021 16:08:26 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUmxGwacwA_jUnT6NrGg3G5mOq8pFkAaThk9pXh5M-MBNgUfEHEAI0QjGN5x; expires=Mon, 16-May-2022 16:08:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 21 Apr 2021 16:08:26 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame E21A 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 16:00:58 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/ Frame E21A 6 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 15:54:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 15:54:13 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E21A 0
107 B 107ms
103ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFcyMDinCLKVTFbzoCOHllrb8Pauow-KKsz1VTCX_Yzli9-D-mbMtr4kcUqgyNvc2bJVfBJVUYh3sLuLTMqVvP_hmT-1bub9QHDQfKA_VPiQlAAhzVSDgOgthXm8xX5lLAGDFHhT8T10cmJ0t8IqRcaRcrwWzDMquXk2Vj2KV8MwkaBN0mAHNcG-5thJ3jk5Aq-Pqi3DT03f-rkyslr0t2U7C7dcJDKmmKPEeVvknYux7_VsUfOCi3DJvXehcFjMc4cVHlW__eXgIeSCBKff-79Pb0VybvFJFzf35uCeyamLY5_GipqwhckDnVXDd0Befq8pc0ToTLUPKV1teqJAZKybJWlzHYflrXsi6S4V0GjFXLJkSVHNfmCFKjcubFs6igxwyKnAPUyDIRrSTXRhisYWKUMwnouZlYOie1_jz0yUTHtPC-6RqgsNiAft6JP4rkAD_um8mzfvBAzRpNOPViXHxpWaaSLyd6s9vcX58aIaEILnwsbfRkmQhb4qGDOM7ZdgbFAONpcjavEHYiN-XYeFv33lLjnP6rj354yajglnG2cqo8m8tpSsSb5qDZjKqb5MiUBiYqV19GoI-gp9nY3KvCm0PvkV0PU2LegmnI_TqcpnXqfQRAjpHw3qTDqJF9z4SthxSO8tkTbI_HoNkRhifSGZ6RJpUvXUdDbU7CsGQ1LvxJA52wlKLHmfRRZrRo0U5qVmZk1Osu7sVuKhcEQH13fh_SgkuGlzBYGELWmf2RpLnZa7RCgTJWghY58pOdb4KfKA-VNhZzNtBNjmMP2VdfVwB4g0MaGg__3L2R7moKE7Nb5fHwgNTSUaxNYvnmbO5BaHCtFTq3qQJCY3YKLAlyimrc3SVu8aCBFa4V93iGZlViergmUaRXVVodH5Pe6aXj7lpj-_A2BTgPsSuQ_46Vxo3ocfs31z33a119LC3pY0IdFjlnk2SHQ-xjOm6HzAeBahYcHK5I8FbvrXvqs--3t2SSL8pLvAmvj0xJk0UCLLsae0b_sU2NBMRO8pdd2mwP1BnNVBe67z13OTxvFeqQSGTN3yZSwb-75IriTJ8IWxAKt8yLokN6QIGx6HtAgtfccmEw6BEzogzBqUubLBtIdiMuvwiiIumoHU2fs9Jm1b8u3DLlVgSfNV5JewnVsj8Xsw5saI5WQZ5kh1_0zojP5aH2_st4wFC6DEZCXezLKXtejw&sai=AMfl-YTrnB_AnjzPW5hrdqDN5gGkUA449E-DhDYU3ZlpQ1Ny_hbTmAKz_yQDiOFSqiTHeGY8b5cwsI4AuYePUYMPGxoSm3zPxlwvOHGvxRWchY1bP2E_1Jx89CudvYN0zjaGkyg1vZz_fEKn_heyK64CTxNoOC1brZzzGPeunoW-7wWhJxi1U5dFMvCz-0n4XE7MdDMFbLmiOhQP3WfaNEv5pTd4pz1NHMo9FaPGfBBRWv0vdjGfX8aCQdOUuOiEmWwsSNdqTvCWvX2JnadeNbr31dotdgvmIGQTNlPnNP_nH8u67LkXrdFj04JapxWwHDzH47WtufdW_oYAxW_daDW6E1xpaI5JJF4y5mQKOW0WfmsUBbL89cGMXtHcY4fg5yD88A&sig=Cg0ArKJSzGqgziBrxNL8EAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210415.57097&adurl=

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 21 Apr 2021 16:08:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E21A 41 KB
15 KB 15ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 06:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36121
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 06:06:25 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E21A 42 B
63 B 45ms
39ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DPoK3l24zGU7hugxnrAm3KkQeokhKkGR0IsJoqCJbqAsxY8neZEagdEYqRb65IpZt1ZcSYhF-YBj5tsAGLfgR_Y8M9zUs30ouDvxbhPsERiR_P8Hk

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame E21A 2 KB
1 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:06:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 16:06:52 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E21A 118 KB
36 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Wed, 21 Apr 2021 16:08:26 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame E21A 13 KB
6 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 16:05:33 GMT

GET
H2 200 436073465572503138
s0.2mdn.net/simgad/ Frame E21A 86 KB
86 KB 16ms
5ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/436073465572503138

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d30a38bdd3b917c2a665a50515e333fdfbb12c357016f437b8962c5eebf81f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 07:27:43 GMT
x-content-type-options: nosniff
age: 117643
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88253
x-xss-protection: 0
last-modified: Fri, 26 Feb 2021 12:20:25 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Apr 2022 07:27:43 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D2B9 640 B
316 B 34ms
17ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGPve65wBMAE&v=APEucNU1yKLzaScT4KDYvDF9O-dm91F2k2Czqr3Nir2J4YWXzS9Qz48-JnpZHVIi4Z127jGCY3c11XqKHnSNWOJuCE7EAkBxw_lcdd4gA1FO3UeKrmShxgxXVxvv3flW8Yt_ILzDg22M9ZBpzEchUJvIh_syXvyCzwI7APdIqjVCrSjIaBOXllIsw1wAjKkVBk30XK5X6YUoHimy-HRQBjYoeWyML5CSEQ

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNrHLRDe5dcCGPve65wBMAE&v=APEucNU1yKLzaScT4KDYvDF9O-dm91F2k2Czqr3Nir2J4YWXzS9Qz48-JnpZHVIi4Z127jGCY3c11XqKHnSNWOJuCE7EAkBxw_lcdd4gA1FO3UeKrmShxgxXVxvv3flW8Yt_ILzDg22M9ZBpzEchUJvIh_syXvyCzwI7APdIqjVCrSjIaBOXllIsw1wAjKkVBk30XK5X6YUoHimy-HRQBjYoeWyML5CSEQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl5Yt0GWas7NbRihI9Jrj_Q1jdd1F2kibtMfelrysd_rjeH1xOZeXKigpJ2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 21 Apr 2021 16:08:26 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A667 9 KB
7 KB 69ms
52ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BsuxnRwOtGIaGOspb_uAGSfIDlcJYWHoMgd_BoB1e1XFFliGPkcAiz00tk-ZAhkerDl9MP006iqCEsGQZ_-CaiVtFCb4TI_SuGy86PJQKzhqfucl5FDAiAIPkJnYvg_w-EvjrIXJadorOVsJXa4cwuB4m7DQ&dbm_d=AKAmf-DufmzBeSc47SOmJOESVsD0ipFbCRk7TitCCeJngsqT1cLLQElqpqsSQwk_f6da4E2EqH82v6nA41dK5uroyZcpiVtIlpPhc_iv5VbP-nL55m_0etfWPJwTHtfK442_Uef7PMJ-3Qzm5AinFNa5BWOuN9Vn5C4n8KvvxhAaLWP3xgGBYhvA-_T40J8DmQlgwtqvwwqyexDfDIqR8zOtEfX4wJGBh9n7OjXS74c-UzNVwkDMSoGm6nERq1gXd_hdSVJVLB3NnYQTAyqcvh5_5J-1Lp2Q80YzCkK-qUupt8b1LLJc4ykSUTQgacyM5i_YPAwxe7kCRlQKzS_GvCxAGlv-wbS1YD2H_gufRw0rUNfLzd2dDuPAc7AujrGx-HW22TdwMDp4In4ChBw7AWYcY1fP6m9szY7ddksi53yrJ7G8GjMpQAlpTvmVVA2jBrEh-XaIwv9LhPU8i2JsgCCgJAO4v9YaDxBXRZL2Glk_Ci1Olbb4fy0aibIyDwbYIn-IshkVpYLf1s_67hcq0Guj7PyWFexM9FWN1VH3M9lEa4KrO4cseBQXUHwf0g7fjtw15oo25W5JBuHSAnHbX-FJMbZQlS4v-mNLy9YnRANI2jjqVcIyraI0VUvcArE9Bn473V1elMTXSaZmQl7B2q8R0SqTPgVTF8-PhEHAJLZ7AWDP_HhczoHUtPRr8gf5OAqsS_L_GRa_10btpDGrLWpSfKFMA7P3fdgb1Du13doIRnf9cdl6PD1xVOaFMrvCIoRbPlVNUNU-uwWXts363dRXJ9uac3Bvy-1wudxZKfPTFkhWpaTQXE49rwHRtGmt8uAEKcnzeEWjm6p7LmNWWt9ZT7bqCE_RKIldFlioP7adXbmJIifhg8CwzPMGEe3d0V5ocMinL2hCTRKwgRZjBJVzuFywk3yiv5gEnD-2c-3up3eX3NXPABUHCjCVnOwQwuNYkygSCWGtUwKI_rQMtuRaZAzHVHet6E1oZYJm-SoeRrP8LVhdol7G3oW5g9s9nNRdbqktJNQYKXPxiqHJEpC2r7K1WdPlq4T7s5YGswaq0bunjciKJhqUo4FHnlCKrEcM33HLRwqrpDsBihiFgEWBZEcqPXnnzCRSN9PRTY3Y3XWsORfmTTzN3giL13iFcOzwXFpngWSB4PWugkl50muM7DPJ9XhOks3CygTZb0yqEofToqz3YUCzvCnSwEzSH-V50YIg7NZocbAtxB7CWA8nSEZ4fEjPavdeHoyYz2PpDcLnhDIBUn0iBXAMUAyL79QVZ8_M1kITCWD54uDFj-m_cGxp3Eu883piVqlVK_EWOZdZLpES8hlaWWlm2rAeSdnAkX3Zvurn_oXdBebzOZC7rTz9ixvJ_bHCkbJ13NoZc9vfG1YrtY3eSTZgy8rwg7BRFSmfJDao-hAMBL-CJgZnvbyGf6EHKqPjZY7Wozza4AVWDAbDiDiad7wPiPhsWUZZqane514CfcwtDqCyYiAzNy5RagDfrpyNNL8lCFNZkcmXU1EnFb03Fm0gcvYV76tgQyCYMeGInqhvHvXEKESzrxMcRYB_UgMGf4bSyP0ke2bQdhk7KoSfLgNRIlDFXp6D3KJoV_MYx7ganopuUHsB0rQfQclY0kuvx8p9LO1ckybMjuMYP81C7kY0EoKkzrOPulYfnpqIl1WoU5PdzKKv6kUUP5PJRn_s01frIwclOXPdQFTFD1pr2oO782kiLQBuU1O6289Rcq2ipA1VDxjB20A4pzHEI1QalRZYGTj-F0xbiw2yuf-QmAxfthPs2dlbvMD4pzO9RwS456kacBTugUE4oJY5quuW2_6Z22ysVa83B51IHfdZxlvecVhfbHBeZl-GJBXzMcuiBQNpAz5-VZfr0j0hpxA9oJPhN48o03DD_O3MuiYnTWzNQAlT14S9FlHvD7K55pYu1r7zr5ltU1n-vyYVKkUh8DIxoPyMqMVyH066dv6tc7FQev_i9kaTpKGABHrmOrUThFOBd0U2R10QayJFpkAQFpM83gY5Khk1Cw57_K8q89IiPD4V7eN5o3vojsI19xquHWQoFzsb9zuU9JfziDWs30hvaO3SxC9RtCFCcqEvilh2EY-FQdN6FaGLke1IsqDOuXSvXban-Ygu7LrstjteB9mQx2-VPuSbRXCVvuF8RlL2U4IIHsBOjyynni2_BIAzjZVX5N7NXj_oMX3FLjosCQ0AvCyMbV0yQYTHmz-CUyeqdTti-bqxDO1GyuEMej9OM62TE1LpcRYFWKUVBzhftcWnXQI94bUR02ufB7Dk-j7bBlRiz4AqRix72Z3fFQW71e8EADpgBuroE9agWq-sAgvdMCqaASLjW4ABFKDh6NEaIB4qeASRkDX2l2ND1N4adXDUz9TpMAepyKsamL3nLTQlKOgT40DGotpz4Nh9TaLer5KlxsNifdtDoXjqpO1kZcQ51J3ESTxdhS_UMj5F3FjnQPIYJ10a0Bz-Ar5GcWnjE2Re55LAziqOG2h1zvrqW-ONgeHe_U2NAT1KoyEku1sOJ5aqWwLVNYZcd4EQh7pNdQxqjynQgd-NWqCG2i-LIAAIRMPqEBXksNIx8hWQQ8_24VU46BzIWRQFrTjr1EIY3BhaCDz2kaNJShnNA_T_v31o7UQdnsYo0ehD2hvTIoQozN2W3iDkPns4nKGdcdA0C_JJgMuq77qmIi1oLMNhi5y3KaHOGLcHtP1jGtHxnZ-8jbgSP0yhpoC0wyDHAtyEWjjjr8q6vRUmxOBo&cid=CAASPeRotwUTslNHduh4OcJzGMX5I2UzmMISUpGRnZWIsLhQ3rjfXrHbQHKEqpm6pAIPGrbljfCuaRfFOI1qHb8&rfl=1%2Chttps%253A%252F%252Ftomandlorenzo.com%252F%240

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1d3abe7b43a4559f1ba08a5c3c92613b62d6b406491f5571d7cb351c61b247b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7165
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A667 42 B
63 B 45ms
38ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AJm29KZYdbZaC9nIPhfmxhP10sbZLpdbQrTMRP6Gm3B0AxtQf7gJ_WEI980SHpq6rQXlKkwVtB2WlRTIeeoXXOSTfbxFoLWv2aNGOMcL1A3SI40uk

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame A667 2 KB
2 KB 35ms
9ms Script
application/javascript 2a02:26f0:10c:486::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=25341591&plc=295304470&sid=5612840&dvregion=0&unit=300x600
Requested by: Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:486::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 66dbba38ff27fdcaf18fdde445c73e67e78561d98d688b41c4c61417f1716040

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Apr 2021 14:51:59 GMT
Server: Microsoft-IIS/10.0
ETag: "72f3bfe1bd36d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame A667 2 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:06:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 16:06:52 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A667 118 KB
36 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Wed, 21 Apr 2021 16:08:26 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame A667 13 KB
6 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 16:05:33 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame A667 0
0 25ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRA-_UEFOI58luAZ1RfY1lcFL9ZF-2ybllgZFdkOedVfjvS_sTeaoc-fjlTUNRmJzvEmsH3
Requested by: Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 99FA 640 B
316 B 30ms
18ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGPve65wBMAE&v=APEucNULEFpHEM8_wTX1xlIWgtjte-xC_FzzWNgfjrmN3liKAH0a1fcGNu6B9hpIJXV6ZlRxNPEIxyq-tKSlmvnZB0jkH9iHM9ERTT26dOYEvtTNfxKFjQBLhxnpCnnD00NU8nAUC9WpkzNLfDKeP8RsMwvrg5JEy8UEeEkD1YanYnN0LuE_VKfqqQYYY4i1mVm3yW9QN8fdA50tWmDAMTc4B4uiBPMX_Q

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNrHLRDe5dcCGPve65wBMAE&v=APEucNULEFpHEM8_wTX1xlIWgtjte-xC_FzzWNgfjrmN3liKAH0a1fcGNu6B9hpIJXV6ZlRxNPEIxyq-tKSlmvnZB0jkH9iHM9ERTT26dOYEvtTNfxKFjQBLhxnpCnnD00NU8nAUC9WpkzNLfDKeP8RsMwvrg5JEy8UEeEkD1YanYnN0LuE_VKfqqQYYY4i1mVm3yW9QN8fdA50tWmDAMTc4B4uiBPMX_Q
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmxGwacwA_jUnT6NrGg3G5mOq8pFkAaThk9pXh5M-MBNgUfEHEAI0QjGN5x
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 21 Apr 2021 16:08:26 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A8E2 10 KB
7 KB 49ms
36ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APquci8LOjaymKHU-hOUGYuMI5JWhnSSCIyV4JygLeTjuRvOTDxprKfLo42xpf9QRRvZMYWLQ3zpfkokgAigMdzBnB22pxK4rD5lEh0gUNLppo-cFnDCEjCGvAoLRyy98nG1Y8OzieD4ujQiOOMPpvP54r8g&dbm_d=AKAmf-D8-vIz3-5OaiimNW5i0ri3jmcRa9mkd9dhJJp6YXjJQ2s7ev9lHmqy8NNBCo_FytKsKsnSwWYnREdqwMDfgPREqmd5HVDtz8kp-20YDXHnIBq1SbLwkrKN8aaJWGDaI5v06l25H1G6WhpqE7jGsI0xjCpR1SfeAyWKdQSIT1wMRii7kfBg9MVFnfrFQJ9hbyupK9DAOWwxQoqkLzLf3MuDyrMnKTSRoE0QoavEXC6MzAOVun-krTxRZqsQrcZp5gGtczh5TeH1Z4iCULhmDBXekHE5NN_3abQ4u6uXsAtR_4DZvN79PQ77jJO_tDcs6bEbJWFWUw6wrcIe7SZEMQbW6Jlq9Gs-WDKdibNkD87mVk20THetvToIrdA94eCBVcgZKTlYiWg-rcOE53o3nMc_A1X0flaTH_KV-dO_6YmPlE3ghPe1bBomjgjWbn9UrR7HPCkozeUtffkjfxoEMXIgZFiO3hYG6Ep1aXKvhYP0tRiMnWg163HbSO6opgjsKbVrweTmYem4UdVe90ctOgYiaI6uUulhJGrIGmhmrvtl9rKgno-VsufMoNt9GRkbzJ_bfZSXhfP0hjbhd9H67fuMm6ZPRiMDAQ-qxfwxgsNvoAFkXG1SH7_8NwMwG2H2GZN0DsDdfSAFqGN25NxSKc-38QWbinTJYzCczVtiSE6CjmVEXN8GoqMWw5oNitRDtPbXLeQWJqyxteiEacs5qJ_h3W1O7BCt2Ud8j6QAZyBcH5C0UZaYxf6UuUsXWQ88wKYPmyyW-9EQTWENpcg3463bZWrcS3--IQora9gCU3cdGlvxO2h3p-7uTl_jkW88lV13vUswILw4OYxNA6ST7rgAxunXzhEFvqHdcEjMD5-jqUNI4KduHoQwoD7jE4FnLWVe2CIADH461Kls3xI-hh7_Khkl-BK1WqlfzifGYzxXCUlrtFKcsqr9tYRO4zjwNb4ZIniEclwAxG6gvRYUvdb3k96huUhSVr2PmOP9BTBvWl7uNNk_UlDLAgp_-Q6b_JdsbdC9v0_1RjZDI_X0gZaaSjjboYJ4gRa9nVeFcpzAhtVolqHhLNwKekw2GU3SZJ7S0UatEEhkL5yI-pjAgyvIGEqT5WFrLV68nFxEi_BGz7tBKnBOjkN3LD0gdB75Nfms2Yd84XW69xUDELSA8cTsjjNZh_HD-qSVl0F-tQbfJ5zdM7ww-kanHDtm7jgTDnuRccBzU9NSEsnp-7CcFcjYatxOOu0-lOzXlOwA0QTgUNWBxNr44yDrMQy95D5PulGfCvuR5JPITOF0rC8rrP_wQ4ucxngx3KTk0eMNnVxCjEuMlLTxW3zq-7yrtrDuwhsbjTxiWBTt6Vilj7VQ82JJnFIfqCMU7qSyO4lQLZWi5PDVDhTuBtdukG8ye-vi3e6kKLyIprpAitvtID5bJFH-H1nYZqESHwY4BCthfoKMUjTEKVhUSdfzEzELwS3YtCX8rpmy11dUC6y0Thpe68szpX_D4YhlMNQFn9LUNiVDV_p90q2omIPzqc6svfa9s1LYyH6TQTiQTDuYXVjQGP3j2jCyxeGkKycjShvvafTJl8VA0NdNdDg0goMfcg37WDoTVeFL2VMIykUABKoatM_LDOXMWDyjIzNrrF3lAL077nthoqxCvdQMdqmxGyxiJesRuoyvnWFjKNKQ0xu71AMmW4fevdDWI6uVa1I0Iq2K3FRaKIlV9d2nwhnKbJRb2CzbfetxsL0PFQN-pXgPyRI4tq1QaxZKLzYtYJ7BVBLiQPyzrTrkwkMj9TmLZVOcLx_L7Zp8NnlYwuqnpBWkTtsR75wYmPtf36bLQjE_nTenXGfHF7BgbnY7oTyx2z0ms2NcCmWdnJimjF_HG1aZTKUUoRi8q86u-85hHm3QzRjcUm9Ef8YhJHQwAtVp48izZGTqhq6DxdaaEJqjkRXi0zU6M6ng1HVHO-8A_N1-i3NAtVpfYE23IaLsgnvPpQFoakqzAALxAfscNJAE2tO2D5V1wdNZo2-X5G2ZC-i8HV2VnYMMG0cXNsSgOueGxTElfaH4_SDIjwxfooGynaFm8XRg6SZ_w6QaGlC_uT0JtH2Nr8jlzV5WSrhBATtL6ACIhXgl_9weZU01RT8VwM0AT9upEZQ8rocTG4W09wr7J68eoEqq0V7dtzFLjneA2xjJ6stshg9D2Xz_KAjkjLuUw6I5eRPls9eEh-kAFqSGL4o-UXp_68N5-zhr4_3A7bHR5v-ODzM3YLwmmRhd-5FS6M5ZjSGCWooGiZo4Ac30EpiKZcvZaW4qKdvLZHlVZDFtcQvaiDB-6mXLCm2t6x86GPg63JBNUBdqCiAEZ4ZdJouF3T93RaocfHuEvzlwA3Xqt6f24chYSsqTtlpdLD26u0oMBGTjbdWSmW4rdQTm-umDFnZ_jiVdY5zIBoEqDoUAw1EtB0rsk64qQsn-jFYA3IoozqWQ3x1hJA4EnpV6jvbLv_NDhFlFRSN6IArZtKylKaSsJolJof1HENR1NrUUWjgjfXaqXUdv0xthgIiao2wPYV0PIy-b2EKnFZVZ1r57EG4BqZIUVGswbWk87yArojXF08wtnaGTEj7QZHzqFYezLVBI5rCaVv2W8UsJGnMhX9KhhedyfreJ9Cr_xTdLeSV2RwVkwcKn9Z2JfWbJRR3Hx9yEN2j_QlmhVNwZMXMaEt4Bqu6t3KAZFaVr0qHuxwZ30TajtNZEZkmHuQgEytFjNuBikB2do1oy0_DDdGCUPwm0aR1E&cid=CAASPeRodF5XuFnaNlORvd-F9H9etQoYJEXDRRAEN27BxAjZnTMG7vVzQp0XEGt0gKMkuXXi-W3hn9EugnzJMcg&rfl=1%2Chttps%253A%252F%252Ftomandlorenzo.com%252F%240

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75cb30279256b76c576adc30c0d7c332c9355f2ede93965de72ce80e50f9efe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7302
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A8E2 42 B
63 B 47ms
39ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-COB4nuGrke0sDo7SMCjpEzFQjIJZ6zKbc-m5VBahPo7R5ny8RUHhf_w3ZTFD4rfEatooWmZ1EZn5kbhnCzv3eDSjfcyQrZjNohgVI_PeEuxWPk6Uw

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame A8E2 2 KB
2 KB 29ms
9ms Script
application/javascript 2a02:26f0:10c:486::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=25341591&plc=295304470&sid=5612840&dvregion=0&unit=300x600
Requested by: Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:486::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 66dbba38ff27fdcaf18fdde445c73e67e78561d98d688b41c4c61417f1716040

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Apr 2021 14:51:59 GMT
Server: Microsoft-IIS/10.0
ETag: "72f3bfe1bd36d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame A8E2 2 KB
1 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:06:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 16:06:52 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A8E2 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Wed, 21 Apr 2021 16:08:26 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame A8E2 13 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 16:05:33 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame A8E2 0
0 21ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaShWaTzwSv8_ri8hruTodxwdB5Ie-i4XFM4bWatyWpAeGFbGuU2IH-vBrOlLMIUSnYMvjiq
Requested by: Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame FD19 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tomandlorenzo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 21 Apr 2021 15:11:57 GMT
expires: Thu, 21 Apr 2022 15:11:57 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3389
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FAC1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyHxCL-XXJ9eJUJ1ZU9HEQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyHxCL-XXJ9eJUJ1ZU9HEQ&google_cver=1&C=1

43 B
1012 B

92ms
92ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyHxCL-XXJ9eJUJ1ZU9HEQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPHb-r4CGJS6uqABMAE&v=APEucNVTeHmYB0sKZ9-pv9x0TfUbUKmbxOUaRKEl5ffbwfymQ4i95WBjsa8Y0eobO-ymhRzhRnQfglKQY7D37SL67bS_kKMaY78TjcSVoRO-_rCXw_WlshgUKl-BADep16SFqDjNcFH7ReKoSGWpcub48e4VJknKSEdtHc3L5zLp-gpGunE2wRWzVxJUM_q4gXvzX2NBFnfo-uV7mcLVz1NbfkS5q4hVhw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 21 Apr 2021 16:08:26 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyHxCL-XXJ9eJUJ1ZU9HEQ&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 21 Apr 2021 16:08:26 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FAC1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIBN.t8oLq0aZZiadMH-nAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSkm5GVP9X9jxLn6SjSU54&google_cver=1&google_hm=2

43 B
892 B

100ms
100ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSkm5GVP9X9jxLn6SjSU54&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPHb-r4CGJS6uqABMAE&v=APEucNVTeHmYB0sKZ9-pv9x0TfUbUKmbxOUaRKEl5ffbwfymQ4i95WBjsa8Y0eobO-ymhRzhRnQfglKQY7D37SL67bS_kKMaY78TjcSVoRO-_rCXw_WlshgUKl-BADep16SFqDjNcFH7ReKoSGWpcub48e4VJknKSEdtHc3L5zLp-gpGunE2wRWzVxJUM_q4gXvzX2NBFnfo-uV7mcLVz1NbfkS5q4hVhw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 21 Apr 2021 16:08:26 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSkm5GVP9X9jxLn6SjSU54&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame FAC1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJIpmLWk72aFoAJD4j5PGpE&google_cver=1

43 B
1018 B

57ms
57ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJIpmLWk72aFoAJD4j5PGpE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPHb-r4CGJS6uqABMAE&v=APEucNVTeHmYB0sKZ9-pv9x0TfUbUKmbxOUaRKEl5ffbwfymQ4i95WBjsa8Y0eobO-ymhRzhRnQfglKQY7D37SL67bS_kKMaY78TjcSVoRO-_rCXw_WlshgUKl-BADep16SFqDjNcFH7ReKoSGWpcub48e4VJknKSEdtHc3L5zLp-gpGunE2wRWzVxJUM_q4gXvzX2NBFnfo-uV7mcLVz1NbfkS5q4hVhw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:26 GMT
X-Proxy-Origin: 86.106.103.100; 86.106.103.100; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.233:80
AN-X-Request-Uuid: 47e54813-47dc-408c-b8e2-e9f05ee62c72
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJIpmLWk72aFoAJD4j5PGpE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FAC1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MA%3D%3D

170 B
188 B

138ms
70ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:26 GMT
X-Proxy-Origin: 86.106.103.100; 86.106.103.100; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.241:80
AN-X-Request-Uuid: 97f2db3a-bd36-4244-a507-905353e6f6e8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6C3D 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 21 Apr 2021 12:37:26 GMT
expires: Thu, 21 Apr 2022 12:37:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12660
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A42D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyHxCL-XXJ9eJUJ1ZU9HEQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyHxCL-XXJ9eJUJ1ZU9HEQ&google_cver=1&C=1

43 B
1012 B

103ms
102ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyHxCL-XXJ9eJUJ1ZU9HEQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKm1AIQrM_sAhiDpcqeATAB&v=APEucNWE1io1v_h8dhsINNON2aGQmiAgW0F9X2Xi3ear-hOoGbbqV3m3foioSVdsQL80IxiK_wLOSz1ZAqfRXd_s5NAHqCPZNjHEgWEYa0hkk4_lNVN1SWemkGkJucSS3K03kK68YxWAV8BMjDMTm73Uesr7xOpVm-sBLEr50mECsLP_8iIYtcq6HQ1WeX3HgTYbcyn7uQsm_7HWcseYgOUyoplUWsKEyA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 21 Apr 2021 16:08:26 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyHxCL-XXJ9eJUJ1ZU9HEQ&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 21 Apr 2021 16:08:26 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A42D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIBN.t8oLq0aZZiadMH-nAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSkm5GVP9X9jxLn6SjSU54&google_cver=1&google_hm=2

43 B
892 B

104ms
104ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSkm5GVP9X9jxLn6SjSU54&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKm1AIQrM_sAhiDpcqeATAB&v=APEucNWE1io1v_h8dhsINNON2aGQmiAgW0F9X2Xi3ear-hOoGbbqV3m3foioSVdsQL80IxiK_wLOSz1ZAqfRXd_s5NAHqCPZNjHEgWEYa0hkk4_lNVN1SWemkGkJucSS3K03kK68YxWAV8BMjDMTm73Uesr7xOpVm-sBLEr50mECsLP_8iIYtcq6HQ1WeX3HgTYbcyn7uQsm_7HWcseYgOUyoplUWsKEyA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 21 Apr 2021 16:08:26 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSkm5GVP9X9jxLn6SjSU54&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A42D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJIpmLWk72aFoAJD4j5PGpE&google_cver=1

43 B
1018 B

58ms
57ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJIpmLWk72aFoAJD4j5PGpE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKm1AIQrM_sAhiDpcqeATAB&v=APEucNWE1io1v_h8dhsINNON2aGQmiAgW0F9X2Xi3ear-hOoGbbqV3m3foioSVdsQL80IxiK_wLOSz1ZAqfRXd_s5NAHqCPZNjHEgWEYa0hkk4_lNVN1SWemkGkJucSS3K03kK68YxWAV8BMjDMTm73Uesr7xOpVm-sBLEr50mECsLP_8iIYtcq6HQ1WeX3HgTYbcyn7uQsm_7HWcseYgOUyoplUWsKEyA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:26 GMT
X-Proxy-Origin: 86.106.103.100; 86.106.103.100; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.153:80
AN-X-Request-Uuid: 27ff9dd0-f7b7-4441-ac28-b77afdb6b411
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJIpmLWk72aFoAJD4j5PGpE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A42D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkwNDU3MjAxMTA1NzM0ODYzNQ%3D%3D

170 B
188 B

69ms
68ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkwNDU3MjAxMTA1NzM0ODYzNQ%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:26 GMT
X-Proxy-Origin: 86.106.103.100; 86.106.103.100; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.8:80
AN-X-Request-Uuid: 862bad69-1470-4a4b-9549-1eaa792872f5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkwNDU3MjAxMTA1NzM0ODYzNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E21A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adfada585afe4064e79ca4ff91a0edcd8274efa944c7767c38e685a59be06d54

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame E21A 0
23 B 97ms
97ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 16:08:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame B51F 111 KB
39 KB 24ms
5ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:35:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5574
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Apr 2021 14:35:32 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/ Frame B51F 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DY7xSxaJq3Ze3W_4yI5MA0GPg-CCNZRcpzhpAQ9A5iOmUezeZ2sgpKcIUD5aL04GtK-uTjmzoebWwebbwa_cdJVs7jaoDJHrmziXJDOLx-Sg8hFHndsRLXpc12dZjnXYyFrjKs2UZ9WTmLdJi2USeUyU9AqQ&dbm_d=AKAmf-BYpSzOYgPYYXJwIBRSHX3NnsPju9nncjGFHxRLax-lJr-A6o8CRARy66IiGxWoh0YPvVP_vETWoikLZ01s4-eyMRQg9ZN4mia1XXmv8ERuC10n8kcH5hNmODHAE3yuUikMLgd7t4gtv0Xn6TigJre7uaybmqHT-0A6HkhYIpSj3voaCqy5mQI1XBsPDaF6ptC_LaXMIksGwyL83-uvI_E4DsIc_ZX9YDA7BAJikDgQcNrQQn0iN6h46HDyglMnYyAOaL-a2Zs2AoL5LvTnVRA0Jwv3WAHa-U9npDCqmftWfFSlPC6jkh2wrfP_MutHNc6c2oTiLQk_DBFWsKl7IS8Ef7C9y-Pub55AVfXwRG_BQVOP8uf8-Pb4e-Sa4sfULYUI89K6dt21bZiWSYAfLmBYTgzTaEz8FJUj78q29tdOigwp9uW8aDi7u8e6sm-KGTxec15N0U3j-dSmur5MNW1p09rIGZygGzZdJqRAKECTnrzWPZCi7K3iAUxOTfiDfVp-uQGPZQRAmA8y81OvrZT9kax7f_Gst1V9EfD981pwrFs17oZNo0FkkEkf0uCfUISUT154PmapQbUyf04Y5u7q7ZYJ57DV3qTm8D4DdSHXa6OGaMY6_VqtT0HS59fO5J-kYXtxRAikvM2G6ougjEkhqrGNX_R11y06RkhEdCv74DeI7Z7OfweDL2CZihZE7BJjMEUyOUnYImEzYCjLh5Sh6S6K-t9jpTwSt76qvkmQXHwPmLDw7aU6cneM44FhJfTF8QAiSXq2MyCw5bo6fFctpqs5MFoDBQMURnq2QLHHHy5N_sjitsEEYueereYSFOA3QSJ9KhVPXwDUSFZQVfhhGuj2UtT6VWnCX8BgTmlJHkXEnr7-vcvSztCrwN2x0yuEj8a3FmNO9nnv2dcatfxDu88dRYX2MgqK81k0PbQ6t2b4VSR0gVKSlpIHRfi-twirPTKh54GNtFuuJPsJ8-oy8R46k_MWEgwuHVMnZYiaeAWsHhmELQMIge2P6akRaFscMSc6K2k3m2c1CS0kIUBuD0qG89xDemQ1Seq4bU8ungd8Ys8qMjHrwjefTIqlQuI3yWxyzRStYxvC8NAa_ZincS9SjNRO69Za-gLwSEraRYl-InhXEJLLvhEht-8PIJNcygQJN-LQkRHkKDWApBQtBCDGuDLEc_O1vRg2eY2zDzF6OgqNRa98qg5iayH66-dkCHOH54W3yZQt2UPjiAso4qzX0hj-CdrqMzEhyAOwj_bKxuCzBABQ8EAb7tdBqyoC8MKz2vKTO_Iq3g7GNPxH_GmBJioRndKmS8g9uKYJWvy2T8brHTV06JIGgHshbhtL0X4wqmeOhYpLyEFNiR0V7JlmWmoodKrfklnPOcuY_i3IvRW1R3JuN7DxHz6LTj4UyNFjpShvCA3AffsIn6OreAH7EJgfMEwF4RSzPKGHTYYg4lZrCA45pW6IaH3KHGxdpz9pQAKHqOusc1zFf1mX5V0u9dEx1cPGOJS-TZVKFspjmze1fnXk4_GbbzqyEwWAey4DroLLqmRrOsc6QkpbJPir4xTjTU4IrCGyD0rZmPXsBZWeou515UAHb7lmVI0G44vT4TSIySNw8YQeP5gyfi3313xr25VbxgIA4RMiiZvbFtz742cK04vGJhcXFQ7DCBzOQDXpJlyB1ARFCMqwNuB20p_2DfmI_VLEYJ8KRygNxIN1t5hcud4ArPCGaiVbLY4lI6PUApHySz36ZxPrqYNfFHBZ448SeuyhCU-WUtca5iyDn3ndzFYo7O6sQO_tpvyIrk-y_KKLUmHwOnpCDt9Qveo1yE0R6yAUjeZ53YmTxTBdUu-cdJVdz68TkEC0u3N16pNEf5oyW65lB7qPnt3lvkDpRnX4FOnJA9XW_4hvU77Hxs7bGSj7dJDodJqDe1aC1qmN_Wn1PqX7HK7CH46d3U9TsgLHQVS7WX5T69kq5KhdP7KLVV5WbDNHASPKo18CkMwRKgav6TpKNg4kkiYoQeMEEuJVU95SjmbqxJ9foYcO2oK7n6dGr7sxiOSQXqctdUWOwNXh7z0Cj5Bio_BS5M_Q3J_38zEDsOr4uW8KnyAUD8baMMEK5lOKaK0DWzvschF8I_p1J6xhBtk4dJA7oraYuw0C26dbE-7f7pW37ZPCfMfwIgWUZLLEskuisk7bEs35gGbv-Vnavi1dc2jmDEROmZxE6iQgUbONe5mhat_XwIuJlz8aXn52PggkbPHR1zZEPqgbbqX3GzM8Z6vm_cm0qUKBJVT8gE3wAaqBCivG_P7sGSDNl3KSUGXiTb6k0Dr5zzLzxtv1trNm1XWe0D1BahX7SXFRitfibNslQ2NFCSzB9u_E3_O84yeLfqCttcerh5nUsMa1IELzs01t9XbJEL_QuLxK6FedHeVWNHVFKtNviTV2vQTQ8iEKqCSAqKykIPbrGzDCw4v8l_3C1yhSKGXpzB5vJkgRFsWL8uL-nTJWAi3GP1-h74A11UQ0axNvnV18F1UbqvqukGo2aON8oa7ngFoRw_EeVek_rP-tvY2aCZQr-MSN7-VlsFMaNvkJJ-3qKPqWMAgss_U1j_SFlA2XZ--tUiWClf8c2lEhrKQTDaQ7nR8hnSJ4qnzDzNzMiWxcm5Bb9z1BTcvKhzsSRS84w6ZMjM7-hTBUuH7D9D4agJrsQtBD0sLzDcKxMVUh2G3fDjE15wXGpasbml7-aWu7JkLLkGJyeus33DEAfRUNO1zf0hNTJaTyoXLkC8-br6QNVAdrjjZKk6rSok7b27OvhOXR7qjR91d_iG3VX5hJYyDEGOMjJFdZFoMDSYORJ4LbK_cbDYjq9Yxz5NbPNGHN5wGcY1w0KC2cwCc9N0OcizKZSyf-oxU-auKPECjTLyNPXFg4_lPwC-AD-D4tSGrpsffVjcYxqezJmFhcEwXFS3jGUn7APz94gyhVQ9Vyik6d3n62qT0_Xa5rublm5PWdQLzcF7dhDEcCpXcaETlT1USymiBUDxu-7KEFpMXFLz88F-12ESiYWUPAF33sx2zDdD5n6xOldh3N21p_VnsgWmCbhKYNq4jiJAwJ&cid=CAASPeRoD0TaZD4L8CPbMdto30yx6p9pWxTa3zMh5EPdi8vG1inWHB7i8lCX7Hjhb8IzU6byNzDLHLxLFfSsVWk&rfl=1%2Chttps%253A%252F%252Ftomandlorenzo.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 16:06:09 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame B51F 21 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65c88bdeb2f983517f1be4d68218f801ea8201919dbd9edd28359a344d8a0574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8469
x-xss-protection: 0
server: cafe
etag: 15267579076523134137
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 May 2021 16:07:22 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A8E2 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APquci8LOjaymKHU-hOUGYuMI5JWhnSSCIyV4JygLeTjuRvOTDxprKfLo42xpf9QRRvZMYWLQ3zpfkokgAigMdzBnB22pxK4rD5lEh0gUNLppo-cFnDCEjCGvAoLRyy98nG1Y8OzieD4ujQiOOMPpvP54r8g&dbm_d=AKAmf-D8-vIz3-5OaiimNW5i0ri3jmcRa9mkd9dhJJp6YXjJQ2s7ev9lHmqy8NNBCo_FytKsKsnSwWYnREdqwMDfgPREqmd5HVDtz8kp-20YDXHnIBq1SbLwkrKN8aaJWGDaI5v06l25H1G6WhpqE7jGsI0xjCpR1SfeAyWKdQSIT1wMRii7kfBg9MVFnfrFQJ9hbyupK9DAOWwxQoqkLzLf3MuDyrMnKTSRoE0QoavEXC6MzAOVun-krTxRZqsQrcZp5gGtczh5TeH1Z4iCULhmDBXekHE5NN_3abQ4u6uXsAtR_4DZvN79PQ77jJO_tDcs6bEbJWFWUw6wrcIe7SZEMQbW6Jlq9Gs-WDKdibNkD87mVk20THetvToIrdA94eCBVcgZKTlYiWg-rcOE53o3nMc_A1X0flaTH_KV-dO_6YmPlE3ghPe1bBomjgjWbn9UrR7HPCkozeUtffkjfxoEMXIgZFiO3hYG6Ep1aXKvhYP0tRiMnWg163HbSO6opgjsKbVrweTmYem4UdVe90ctOgYiaI6uUulhJGrIGmhmrvtl9rKgno-VsufMoNt9GRkbzJ_bfZSXhfP0hjbhd9H67fuMm6ZPRiMDAQ-qxfwxgsNvoAFkXG1SH7_8NwMwG2H2GZN0DsDdfSAFqGN25NxSKc-38QWbinTJYzCczVtiSE6CjmVEXN8GoqMWw5oNitRDtPbXLeQWJqyxteiEacs5qJ_h3W1O7BCt2Ud8j6QAZyBcH5C0UZaYxf6UuUsXWQ88wKYPmyyW-9EQTWENpcg3463bZWrcS3--IQora9gCU3cdGlvxO2h3p-7uTl_jkW88lV13vUswILw4OYxNA6ST7rgAxunXzhEFvqHdcEjMD5-jqUNI4KduHoQwoD7jE4FnLWVe2CIADH461Kls3xI-hh7_Khkl-BK1WqlfzifGYzxXCUlrtFKcsqr9tYRO4zjwNb4ZIniEclwAxG6gvRYUvdb3k96huUhSVr2PmOP9BTBvWl7uNNk_UlDLAgp_-Q6b_JdsbdC9v0_1RjZDI_X0gZaaSjjboYJ4gRa9nVeFcpzAhtVolqHhLNwKekw2GU3SZJ7S0UatEEhkL5yI-pjAgyvIGEqT5WFrLV68nFxEi_BGz7tBKnBOjkN3LD0gdB75Nfms2Yd84XW69xUDELSA8cTsjjNZh_HD-qSVl0F-tQbfJ5zdM7ww-kanHDtm7jgTDnuRccBzU9NSEsnp-7CcFcjYatxOOu0-lOzXlOwA0QTgUNWBxNr44yDrMQy95D5PulGfCvuR5JPITOF0rC8rrP_wQ4ucxngx3KTk0eMNnVxCjEuMlLTxW3zq-7yrtrDuwhsbjTxiWBTt6Vilj7VQ82JJnFIfqCMU7qSyO4lQLZWi5PDVDhTuBtdukG8ye-vi3e6kKLyIprpAitvtID5bJFH-H1nYZqESHwY4BCthfoKMUjTEKVhUSdfzEzELwS3YtCX8rpmy11dUC6y0Thpe68szpX_D4YhlMNQFn9LUNiVDV_p90q2omIPzqc6svfa9s1LYyH6TQTiQTDuYXVjQGP3j2jCyxeGkKycjShvvafTJl8VA0NdNdDg0goMfcg37WDoTVeFL2VMIykUABKoatM_LDOXMWDyjIzNrrF3lAL077nthoqxCvdQMdqmxGyxiJesRuoyvnWFjKNKQ0xu71AMmW4fevdDWI6uVa1I0Iq2K3FRaKIlV9d2nwhnKbJRb2CzbfetxsL0PFQN-pXgPyRI4tq1QaxZKLzYtYJ7BVBLiQPyzrTrkwkMj9TmLZVOcLx_L7Zp8NnlYwuqnpBWkTtsR75wYmPtf36bLQjE_nTenXGfHF7BgbnY7oTyx2z0ms2NcCmWdnJimjF_HG1aZTKUUoRi8q86u-85hHm3QzRjcUm9Ef8YhJHQwAtVp48izZGTqhq6DxdaaEJqjkRXi0zU6M6ng1HVHO-8A_N1-i3NAtVpfYE23IaLsgnvPpQFoakqzAALxAfscNJAE2tO2D5V1wdNZo2-X5G2ZC-i8HV2VnYMMG0cXNsSgOueGxTElfaH4_SDIjwxfooGynaFm8XRg6SZ_w6QaGlC_uT0JtH2Nr8jlzV5WSrhBATtL6ACIhXgl_9weZU01RT8VwM0AT9upEZQ8rocTG4W09wr7J68eoEqq0V7dtzFLjneA2xjJ6stshg9D2Xz_KAjkjLuUw6I5eRPls9eEh-kAFqSGL4o-UXp_68N5-zhr4_3A7bHR5v-ODzM3YLwmmRhd-5FS6M5ZjSGCWooGiZo4Ac30EpiKZcvZaW4qKdvLZHlVZDFtcQvaiDB-6mXLCm2t6x86GPg63JBNUBdqCiAEZ4ZdJouF3T93RaocfHuEvzlwA3Xqt6f24chYSsqTtlpdLD26u0oMBGTjbdWSmW4rdQTm-umDFnZ_jiVdY5zIBoEqDoUAw1EtB0rsk64qQsn-jFYA3IoozqWQ3x1hJA4EnpV6jvbLv_NDhFlFRSN6IArZtKylKaSsJolJof1HENR1NrUUWjgjfXaqXUdv0xthgIiao2wPYV0PIy-b2EKnFZVZ1r57EG4BqZIUVGswbWk87yArojXF08wtnaGTEj7QZHzqFYezLVBI5rCaVv2W8UsJGnMhX9KhhedyfreJ9Cr_xTdLeSV2RwVkwcKn9Z2JfWbJRR3Hx9yEN2j_QlmhVNwZMXMaEt4Bqu6t3KAZFaVr0qHuxwZ30TajtNZEZkmHuQgEytFjNuBikB2do1oy0_DDdGCUPwm0aR1E&cid=CAASPeRodF5XuFnaNlORvd-F9H9etQoYJEXDRRAEN27BxAjZnTMG7vVzQp0XEGt0gKMkuXXi-W3hn9EugnzJMcg&rfl=1%2Chttps%253A%252F%252Ftomandlorenzo.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 06:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36121
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 06:06:25 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A667 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BsuxnRwOtGIaGOspb_uAGSfIDlcJYWHoMgd_BoB1e1XFFliGPkcAiz00tk-ZAhkerDl9MP006iqCEsGQZ_-CaiVtFCb4TI_SuGy86PJQKzhqfucl5FDAiAIPkJnYvg_w-EvjrIXJadorOVsJXa4cwuB4m7DQ&dbm_d=AKAmf-DufmzBeSc47SOmJOESVsD0ipFbCRk7TitCCeJngsqT1cLLQElqpqsSQwk_f6da4E2EqH82v6nA41dK5uroyZcpiVtIlpPhc_iv5VbP-nL55m_0etfWPJwTHtfK442_Uef7PMJ-3Qzm5AinFNa5BWOuN9Vn5C4n8KvvxhAaLWP3xgGBYhvA-_T40J8DmQlgwtqvwwqyexDfDIqR8zOtEfX4wJGBh9n7OjXS74c-UzNVwkDMSoGm6nERq1gXd_hdSVJVLB3NnYQTAyqcvh5_5J-1Lp2Q80YzCkK-qUupt8b1LLJc4ykSUTQgacyM5i_YPAwxe7kCRlQKzS_GvCxAGlv-wbS1YD2H_gufRw0rUNfLzd2dDuPAc7AujrGx-HW22TdwMDp4In4ChBw7AWYcY1fP6m9szY7ddksi53yrJ7G8GjMpQAlpTvmVVA2jBrEh-XaIwv9LhPU8i2JsgCCgJAO4v9YaDxBXRZL2Glk_Ci1Olbb4fy0aibIyDwbYIn-IshkVpYLf1s_67hcq0Guj7PyWFexM9FWN1VH3M9lEa4KrO4cseBQXUHwf0g7fjtw15oo25W5JBuHSAnHbX-FJMbZQlS4v-mNLy9YnRANI2jjqVcIyraI0VUvcArE9Bn473V1elMTXSaZmQl7B2q8R0SqTPgVTF8-PhEHAJLZ7AWDP_HhczoHUtPRr8gf5OAqsS_L_GRa_10btpDGrLWpSfKFMA7P3fdgb1Du13doIRnf9cdl6PD1xVOaFMrvCIoRbPlVNUNU-uwWXts363dRXJ9uac3Bvy-1wudxZKfPTFkhWpaTQXE49rwHRtGmt8uAEKcnzeEWjm6p7LmNWWt9ZT7bqCE_RKIldFlioP7adXbmJIifhg8CwzPMGEe3d0V5ocMinL2hCTRKwgRZjBJVzuFywk3yiv5gEnD-2c-3up3eX3NXPABUHCjCVnOwQwuNYkygSCWGtUwKI_rQMtuRaZAzHVHet6E1oZYJm-SoeRrP8LVhdol7G3oW5g9s9nNRdbqktJNQYKXPxiqHJEpC2r7K1WdPlq4T7s5YGswaq0bunjciKJhqUo4FHnlCKrEcM33HLRwqrpDsBihiFgEWBZEcqPXnnzCRSN9PRTY3Y3XWsORfmTTzN3giL13iFcOzwXFpngWSB4PWugkl50muM7DPJ9XhOks3CygTZb0yqEofToqz3YUCzvCnSwEzSH-V50YIg7NZocbAtxB7CWA8nSEZ4fEjPavdeHoyYz2PpDcLnhDIBUn0iBXAMUAyL79QVZ8_M1kITCWD54uDFj-m_cGxp3Eu883piVqlVK_EWOZdZLpES8hlaWWlm2rAeSdnAkX3Zvurn_oXdBebzOZC7rTz9ixvJ_bHCkbJ13NoZc9vfG1YrtY3eSTZgy8rwg7BRFSmfJDao-hAMBL-CJgZnvbyGf6EHKqPjZY7Wozza4AVWDAbDiDiad7wPiPhsWUZZqane514CfcwtDqCyYiAzNy5RagDfrpyNNL8lCFNZkcmXU1EnFb03Fm0gcvYV76tgQyCYMeGInqhvHvXEKESzrxMcRYB_UgMGf4bSyP0ke2bQdhk7KoSfLgNRIlDFXp6D3KJoV_MYx7ganopuUHsB0rQfQclY0kuvx8p9LO1ckybMjuMYP81C7kY0EoKkzrOPulYfnpqIl1WoU5PdzKKv6kUUP5PJRn_s01frIwclOXPdQFTFD1pr2oO782kiLQBuU1O6289Rcq2ipA1VDxjB20A4pzHEI1QalRZYGTj-F0xbiw2yuf-QmAxfthPs2dlbvMD4pzO9RwS456kacBTugUE4oJY5quuW2_6Z22ysVa83B51IHfdZxlvecVhfbHBeZl-GJBXzMcuiBQNpAz5-VZfr0j0hpxA9oJPhN48o03DD_O3MuiYnTWzNQAlT14S9FlHvD7K55pYu1r7zr5ltU1n-vyYVKkUh8DIxoPyMqMVyH066dv6tc7FQev_i9kaTpKGABHrmOrUThFOBd0U2R10QayJFpkAQFpM83gY5Khk1Cw57_K8q89IiPD4V7eN5o3vojsI19xquHWQoFzsb9zuU9JfziDWs30hvaO3SxC9RtCFCcqEvilh2EY-FQdN6FaGLke1IsqDOuXSvXban-Ygu7LrstjteB9mQx2-VPuSbRXCVvuF8RlL2U4IIHsBOjyynni2_BIAzjZVX5N7NXj_oMX3FLjosCQ0AvCyMbV0yQYTHmz-CUyeqdTti-bqxDO1GyuEMej9OM62TE1LpcRYFWKUVBzhftcWnXQI94bUR02ufB7Dk-j7bBlRiz4AqRix72Z3fFQW71e8EADpgBuroE9agWq-sAgvdMCqaASLjW4ABFKDh6NEaIB4qeASRkDX2l2ND1N4adXDUz9TpMAepyKsamL3nLTQlKOgT40DGotpz4Nh9TaLer5KlxsNifdtDoXjqpO1kZcQ51J3ESTxdhS_UMj5F3FjnQPIYJ10a0Bz-Ar5GcWnjE2Re55LAziqOG2h1zvrqW-ONgeHe_U2NAT1KoyEku1sOJ5aqWwLVNYZcd4EQh7pNdQxqjynQgd-NWqCG2i-LIAAIRMPqEBXksNIx8hWQQ8_24VU46BzIWRQFrTjr1EIY3BhaCDz2kaNJShnNA_T_v31o7UQdnsYo0ehD2hvTIoQozN2W3iDkPns4nKGdcdA0C_JJgMuq77qmIi1oLMNhi5y3KaHOGLcHtP1jGtHxnZ-8jbgSP0yhpoC0wyDHAtyEWjjjr8q6vRUmxOBo&cid=CAASPeRotwUTslNHduh4OcJzGMX5I2UzmMISUpGRnZWIsLhQ3rjfXrHbQHKEqpm6pAIPGrbljfCuaRfFOI1qHb8&rfl=1%2Chttps%253A%252F%252Ftomandlorenzo.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 06:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36121
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 06:06:25 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E58E 0
0 68ms
68ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1h6JsNT6XuE0QONE-F8RXWpXbzVX1lN0YkCcerwy8_xbV_qH1TgPZ8HYq4plZPcWFPUBAQk3r3il5ibvrphzYUi5bMuKDrbFj6Ud6mdO-HsiExoUz3V-N0qXXc9b_VqtQBmnD03krevsg4-ITI6LJE-QWAn3LjJwXL8uKiWmMU_WDFtAdp0sNM8d8D_dzqOqN38FfuCIkNxCymUhHxlTARXaNTcqKBrOqE3z-qFBRK6Hv1EHyUDOJW_PA1iX5lWqlQAOynDmixJBMQvwK2bqX2pUQDWQx3PdmF9XoBT5Ev2p9NQGUmf5WrdS_RklS&sai=AMfl-YQrEJScB96S6qPc8_oKd0f5k6ikMOTHLBcLRliqvml9u1UCStNV_s14u2N80gvBtfEcp4Dh5mk6M6iZrqCG8XftsY5UQJ5-pAbKkObTjkKPRAs2WLw-uwn3y7wSCbc&sig=Cg0ArKJSzIP18hmQPK_jEAE&urlfix=1&adurl=

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 16:08:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 21 Apr 2021 16:08:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E58E 118 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Wed, 21 Apr 2021 16:08:26 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D2B9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBO2jQNRBfNnxT-JGwE_VF4&google_cver=1

43 B
114 B

59ms
59ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBO2jQNRBfNnxT-JGwE_VF4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGPve65wBMAE&v=APEucNU1yKLzaScT4KDYvDF9O-dm91F2k2Czqr3Nir2J4YWXzS9Qz48-JnpZHVIi4Z127jGCY3c11XqKHnSNWOJuCE7EAkBxw_lcdd4gA1FO3UeKrmShxgxXVxvv3flW8Yt_ILzDg22M9ZBpzEchUJvIh_syXvyCzwI7APdIqjVCrSjIaBOXllIsw1wAjKkVBk30XK5X6YUoHimy-HRQBjYoeWyML5CSEQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBO2jQNRBfNnxT-JGwE_VF4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D2B9
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzkxOGM0ZDgtMDFhZi0yZjRiLWY0YWUtM2Y0NGM1ZWMwY2Rj

170 B
188 B

68ms
67ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzkxOGM0ZDgtMDFhZi0yZjRiLWY0YWUtM2Y0NGM1ZWMwY2Rj

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGPve65wBMAE&v=APEucNU1yKLzaScT4KDYvDF9O-dm91F2k2Czqr3Nir2J4YWXzS9Qz48-JnpZHVIi4Z127jGCY3c11XqKHnSNWOJuCE7EAkBxw_lcdd4gA1FO3UeKrmShxgxXVxvv3flW8Yt_ILzDg22M9ZBpzEchUJvIh_syXvyCzwI7APdIqjVCrSjIaBOXllIsw1wAjKkVBk30XK5X6YUoHimy-HRQBjYoeWyML5CSEQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Apr 2021 16:08:26 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzkxOGM0ZDgtMDFhZi0yZjRiLWY0YWUtM2Y0NGM1ZWMwY2Rj
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame D2B9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEJ8DHehXGVt4wMC5unZyjfs&google_cver=1

23 B
172 B

90ms
89ms

Image
image/gif

184.31.88.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEJ8DHehXGVt4wMC5unZyjfs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGPve65wBMAE&v=APEucNU1yKLzaScT4KDYvDF9O-dm91F2k2Czqr3Nir2J4YWXzS9Qz48-JnpZHVIi4Z127jGCY3c11XqKHnSNWOJuCE7EAkBxw_lcdd4gA1FO3UeKrmShxgxXVxvv3flW8Yt_ILzDg22M9ZBpzEchUJvIh_syXvyCzwI7APdIqjVCrSjIaBOXllIsw1wAjKkVBk30XK5X6YUoHimy-HRQBjYoeWyML5CSEQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-88-106.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 21 Apr 2021 16:08:26 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEJ8DHehXGVt4wMC5unZyjfs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D2B9
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjlkZDJjOTEtNzRjYS00YjRiLTg4N2EtZWQwZmZkY2NmMzZk

170 B
188 B

68ms
68ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjlkZDJjOTEtNzRjYS00YjRiLTg4N2EtZWQwZmZkY2NmMzZk

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
server: akka-http/10.2.3
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjlkZDJjOTEtNzRjYS00YjRiLTg4N2EtZWQwZmZkY2NmMzZk
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Wed, 21 Apr 2021 16:08:26 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 99FA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMcNtJJxr2qo-yZe8St2DNg&google_cver=1

43 B
106 B

59ms
58ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMcNtJJxr2qo-yZe8St2DNg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGPve65wBMAE&v=APEucNULEFpHEM8_wTX1xlIWgtjte-xC_FzzWNgfjrmN3liKAH0a1fcGNu6B9hpIJXV6ZlRxNPEIxyq-tKSlmvnZB0jkH9iHM9ERTT26dOYEvtTNfxKFjQBLhxnpCnnD00NU8nAUC9WpkzNLfDKeP8RsMwvrg5JEy8UEeEkD1YanYnN0LuE_VKfqqQYYY4i1mVm3yW9QN8fdA50tWmDAMTc4B4uiBPMX_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMcNtJJxr2qo-yZe8St2DNg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 99FA
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzkxOGM0ZDgtMDFhZi0yZjRiLWY0YWUtM2Y0NGM1ZWMwY2Rj

170 B
188 B

68ms
68ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzkxOGM0ZDgtMDFhZi0yZjRiLWY0YWUtM2Y0NGM1ZWMwY2Rj

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGPve65wBMAE&v=APEucNULEFpHEM8_wTX1xlIWgtjte-xC_FzzWNgfjrmN3liKAH0a1fcGNu6B9hpIJXV6ZlRxNPEIxyq-tKSlmvnZB0jkH9iHM9ERTT26dOYEvtTNfxKFjQBLhxnpCnnD00NU8nAUC9WpkzNLfDKeP8RsMwvrg5JEy8UEeEkD1YanYnN0LuE_VKfqqQYYY4i1mVm3yW9QN8fdA50tWmDAMTc4B4uiBPMX_Q

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Apr 2021 16:08:26 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzkxOGM0ZDgtMDFhZi0yZjRiLWY0YWUtM2Y0NGM1ZWMwY2Rj
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 99FA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEMD39qw3GFMz0CSNKLPRGUw&google_cver=1

23 B
172 B

88ms
87ms

Image
image/gif

184.31.88.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEMD39qw3GFMz0CSNKLPRGUw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGPve65wBMAE&v=APEucNULEFpHEM8_wTX1xlIWgtjte-xC_FzzWNgfjrmN3liKAH0a1fcGNu6B9hpIJXV6ZlRxNPEIxyq-tKSlmvnZB0jkH9iHM9ERTT26dOYEvtTNfxKFjQBLhxnpCnnD00NU8nAUC9WpkzNLfDKeP8RsMwvrg5JEy8UEeEkD1YanYnN0LuE_VKfqqQYYY4i1mVm3yW9QN8fdA50tWmDAMTc4B4uiBPMX_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-88-106.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 21 Apr 2021 16:08:26 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEMD39qw3GFMz0CSNKLPRGUw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 99FA
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzEyMWI4MmUtZGY4Ny00Y2E2LWFmYjEtNjE3MzYzODZiMjRl

170 B
188 B

69ms
68ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzEyMWI4MmUtZGY4Ny00Y2E2LWFmYjEtNjE3MzYzODZiMjRl

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:26 GMT
server: akka-http/10.2.3
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzEyMWI4MmUtZGY4Ny00Y2E2LWFmYjEtNjE3MzYzODZiMjRl
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Wed, 21 Apr 2021 16:08:26 GMT

GET
H/1.1 200
OK dvbs_src_internal84.js Show response
cdn.doubleverify.com/ Frame A8E2 57 KB
18 KB 10ms
10ms Script
application/javascript 2a02:26f0:10c:486::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal84.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=25341591&plc=295304470&sid=5612840&dvregion=0&unit=300x600
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:486::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 223aa04a22bf8ca5dadebfd12c9074ea8c4687bc3f6a4831e450db0e92f8217b

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Apr 2021 14:52:26 GMT
Server: Microsoft-IIS/10.0
ETag: "0318df1bd36d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17899

GET
H/1.1 200
OK dvbs_src_internal84.js Show response
cdn.doubleverify.com/ Frame A667 57 KB
18 KB 11ms
11ms Script
application/javascript 2a02:26f0:10c:486::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal84.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=25341591&plc=295304470&sid=5612840&dvregion=0&unit=300x600
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:486::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 223aa04a22bf8ca5dadebfd12c9074ea8c4687bc3f6a4831e450db0e92f8217b

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Apr 2021 14:52:26 GMT
Server: Microsoft-IIS/10.0
ETag: "0318df1bd36d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17899

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame B51F 7 KB
3 KB 9ms
9ms Script
application/javascript 2a02:26f0:10c:486::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=21544354&cmp=25428490&sid=4115836&plc=298804945&num=&adid=&advid=10679125&adsrv=1&btreg=491565386&btadsrv=doubleclick&crt=148402170&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:486::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 554bc1440e7f58e518aae4facf8b6d5f34af6695c3a8d03c12003d1eb973989b

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Apr 2021 07:21:30 GMT
Server: Microsoft-IIS/10.0
ETag: "0f96cafe30d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3005

GET
H3-29 200 index.html Show response
s0.2mdn.net/10679125/1616794511512/FSLY_LH_728x90/ Frame 21FD 6 KB
2 KB 19ms
6ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10679125/1616794511512/FSLY_LH_728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b365b3f1530efeac3b69c1bde779a50c0a9cff458a309ab029b7f49995cdb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /10679125/1616794511512/FSLY_LH_728x90/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2023
date: Wed, 21 Apr 2021 11:56:55 GMT
expires: Thu, 22 Apr 2021 11:56:55 GMT
last-modified: Fri, 26 Mar 2021 21:35:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 15091
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame B51F 0
24 B 104ms
104ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQCQbHQE-nvPCfrmNvRits_CD2hjHwIOMHeuIB5Ino2QI9ZbObNmDS5GsTdZcGnXC2J3F2yo4tj7t5-AFhCpYOGt50LjDAXcl57AqEAcmZwz4tB6QOe7Bvt9jB8dNrhIBDQu9-mNZwE8PgYXIAUiOzia478cDTulQdvQGdGGtfWjXUtO_oAzs6yf2OkXgVx5PhD5yyLDv6Qj2G6XHr0s4Rjsiydx37pzx9jMSvET6yUj37DMIZAMTyU2tZ0cObyMS5dNqib1N7LJFlb90MQzevm8lZOReol0hgOD7LNBehHwW7EBwcMb9LB44P0fniHZ60FIpt0gvMg6P7jKi7gLmhUX_kvyHbmdTIETx9fW_Vdj-yo_NlCZxrLmy7LPRvdW-qLNM12eb0Rik2hjL9KdBKZjuk9Y4Z-XIlR2LgKGZ-9JzUj9hf4Kdv8bP08rCCNgMW_xdUYKj85a8O3CpxourvDNXK0sdrUoJ2UAov1Y3YFYYMZ1oSbUJ2p24bcWhR2zO2MppTR_TcQjLiU0zGNe_I5FMlVt9HQoiFwJCBw4VNMPk2B19iSj0PBfko6qKC-PIeF2IXeZAH9VO2rXAfMU2A0EoeuQEp0vQHbAmm2Nfvsg3S_48jr3LSOGkXeFKKUHu-AshDuNvoaIvi2gUsqD807B9U-UIYG0jgXcWY680dJ1To4dOvqseMfQD4ghRJOAXtkZBNO4iXxI4cWS2L5VEDbnohgKThFpO5urKqfD3i2Tz6fBbJOfYqYGHGd4vTP-8BtK6IBqeqDN08D2NGuLyu9d-maI9NCl_O58OftgNUmAd3wmp3D5X5YPQGCOJfN-7K-TfaBDoXXkVxUQIxOq67yVC8cobRA9k5XWhUVeHr5y_c34YDyqeZ5p45VDIKEi3EVNu1syNCj5zSm9gdzT9rlrIUnc6wJ6fbAycpFtjw27ea66lA1qcXvw9WzgZiLTimW6hTjpnVtd7fSpu-1x8Px7sXGXxstcF22VCC4v9lAy5V4omYs_qRR9CGXW_NAsYSTcB9Ei2sSjuGWBvXn-1lvzVMXksagknxrDMPJqNpxbCqn-FJpAGdw-7rH5iBzbe9Xh4XjjrlBNwwt_FYrsgPeiWNrd-WT1cIwojSj0ZKG7kIMhAXffHMy9IzXXry87GWkUM3buieKzxpNw7L_pI6NcjMXuaQk8HezWsKTURX-zyN27jFT9uVs7SSEkn0LRXlzA&sai=AMfl-YTgogLUfR4RLP2aFkuKlknV_xbKP0qRbdoPO-ZuLVjChGsyb6Y67opubHxt7s8ZqbmYSpN2Cvx2Zn6VTwR-yhAorxNVLhtL8RIAhcUUmDWqJXGv4_ubsr1lWXRa56AwrMJ1jln84S4AWDQ5wAq_O5JRZgwrqtEDzeSYsOx0Wgf1Pmim2MyEc018VsEM0AvkDOCqAovQsuENLglt2OQgC9SCTnu5Wk3xhsd-C6KA5w&sig=Cg0ArKJSzPyB9rn1Tm11EAE&urlfix=1&omid=0&rm=1&ctpt=80&cbvp=1&cstd=77&cisv=r20210415.54328&adurl=

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 21 Apr 2021 16:08:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B51F 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 06:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36121
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 06:06:25 GMT

GET
DATA 200
OK truncated
/ Frame B51F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af8b28b0a81f15c03baa45804a67022e3ab1d01c19c7d68c85fb9c33e9007b9f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8C74 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 21 Apr 2021 12:37:26 GMT
expires: Thu, 21 Apr 2022 12:37:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12660
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C3DD 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 21 Apr 2021 12:37:26 GMT
expires: Thu, 21 Apr 2022 12:37:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12660
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C3D 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32344
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Thu, 21 Apr 2022 07:09:22 GMT

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame 30A5 1 KB
1 KB 31ms
11ms Document
text/html 2a02:26f0:10c:486::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal84.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:486::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=30081
Date: Wed, 21 Apr 2021 16:08:26 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame A8E2 1 KB
1001 B 195ms
72ms Script
text/javascript 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_518916649853&jsTagObjCallback=__tagObject_callback_518916649853&num=6&ctx=3758893&cmp=25341591&plc=295304470&sid=5612840&advid=&adsrv=&unit=300x600&isdvvid=&uid=518916649853&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dup=null&brid=0&brver=&bridua=3&srcurlD=0&ssl=1&refD=1&htmlmsging=1&aUrlD=&m1=13&noc=16&fcifrms=11&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=133&eparams=DC4FC%3Dl9EEADTbpTauTauE%40%3E2%3F5%3D%40C6%3FK%40%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauE%40%3E2%3F5%3D%40C6%3FK%40%5D4%40%3ETar9EEADTbpTauTau5_afe7_e4g36ae23h7h3_5c%60b_a22gb5%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal84.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f20709f5911663236587fbf68546aec95e633db6afe7b4e9584b226d33d7d09e

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Date: Wed, 21 Apr 2021 16:08:26 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 4/20/2021 4:08:26 PM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 9CE9 4 KB
2 KB 9ms
9ms Script
application/javascript 2a02:26f0:10c:486::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:486::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:26 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=68610
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame AC30 1 KB
1 KB 25ms
9ms Document
text/html 2a02:26f0:10c:486::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal84.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:486::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=30081
Date: Wed, 21 Apr 2021 16:08:26 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame A667 1 KB
1002 B 187ms
65ms Script
text/javascript 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_495234347580&jsTagObjCallback=__tagObject_callback_495234347580&num=6&ctx=3758893&cmp=25341591&plc=295304470&sid=5612840&advid=&adsrv=&unit=300x600&isdvvid=&uid=495234347580&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dup=null&brid=0&brver=&bridua=3&srcurlD=0&ssl=1&refD=1&htmlmsging=1&aUrlD=&m1=13&noc=16&fcifrms=11&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=133&eparams=DC4FC%3Dl9EEADTbpTauTauE%40%3E2%3F5%3D%40C6%3FK%40%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauE%40%3E2%3F5%3D%40C6%3FK%40%5D4%40%3ETar9EEADTbpTauTau5_afe7_e4g36ae23h7h3_5c%60b_a22gb5%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal84.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: eeef97e787ec5790de1948a94bb0358e652f0e8025ceedef99cfcaed9c414a50

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Date: Wed, 21 Apr 2021 16:08:25 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 4/20/2021 4:08:26 PM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 0749 4 KB
2 KB 9ms
9ms Script
application/javascript 2a02:26f0:10c:486::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:486::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:26 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=68610
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E58E 0
0 72ms
71ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttGHJEFfHpLkM1dSSzFxd7wkN3nIg3zxMyouz76puap4t82UXxuwafMXhj_flJgCyEMvnut9rAIa4BByTZrWacxiaXIZyKWrUvdJS-5vg67Kx6CFJD5pf-dV9d26X8WI9xNPDKWPYFmUma0DiplFryqsfwbPRVEd1AYaoTH-Gvwm-A9-tucXu1GhNCdp6lFlLBBv9ekV4VNM4gJQLvZvUjV5oy7_wzslW1nQalNrTKsx0D0eq6rPBDhbFGucda4NYpysBtH2tCQcaor3KT9PD9K32mGpjVsVlqu1b1vcTUMnP1T2ip7_WU5nvITcPwZgU&sai=AMfl-YQ6bAlIN6kBXeDY6IXm6KBuyCmvAu3FB-S64vV2m__qKrWLv3VwVITAXwh3cObPmodS8SWLstAyxDQOVzFb0c0e5Cagi8sFnoa-GolvNAMeK2nSwItT6RC0TY-Py_o&sig=Cg0ArKJSzAjciMeP1bbcEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 16:08:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 21 Apr 2021 16:08:26 GMT

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame FD19 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32344
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Thu, 21 Apr 2022 07:09:22 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5F89 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 21 Apr 2021 12:37:26 GMT
expires: Thu, 21 Apr 2022 12:37:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12660
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dv-measurements1165.js Show response
cdn.doubleverify.com/ Frame 3D57 476 KB
86 KB 11ms
11ms Script
application/javascript 2a02:26f0:10c:486::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1165.js
Requested by: Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:486::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7e739cb08237c433c5fc87622578034ce4d4b9233f7cef03d0c9183d3295e9ca

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Mar 2021 12:00:54 GMT
Server: Microsoft-IIS/10.0
ETag: "01ff4555c25d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946083600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87677

GET
H3-29 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 21FD 186 KB
48 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10679125/1616794511512/FSLY_LH_728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794511512/FSLY_LH_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Apr 2021 16:08:26 GMT

GET
H2 200 createjs-2015.11.26.min.js Show response
code.createjs.com/ Frame 21FD 186 KB
48 KB 44ms
15ms Script
text/javascript 2a02:26f0:6c00::210:ba08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/createjs-2015.11.26.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/10679125/1616794511512/FSLY_LH_728x90/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:26 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Wed, 21 Apr 2021 16:23:26 GMT

GET
H3-29 200 FSLY_LH_728x90.js Show response
s0.2mdn.net/10679125/1616794511512/FSLY_LH_728x90/ Frame 21FD 70 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10679125/1616794511512/FSLY_LH_728x90/FSLY_LH_728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10679125/1616794511512/FSLY_LH_728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

726cb964722184a90fd124325be480e33c1b9db2a38904ca6e03ed298363060e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794511512/FSLY_LH_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 06:59:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32926
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15443
x-xss-protection: 0
last-modified: Fri, 26 Mar 2021 21:35:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Apr 2021 06:59:40 GMT

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 220ms
219ms XHR
application/octet-stream 44.239.227.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.227.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Apr 2021 16:08:26 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C74 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32344
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Thu, 21 Apr 2022 07:09:22 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame B51F 0
23 B 97ms
97ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tomandlorenzo.com
URL: https://tomandlorenzo.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 21 Apr 2021 16:08:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK t2tv7.html Show response
cdn.doubleverify.com/ Frame 39CE 12 KB
4 KB 9ms
9ms Document
text/html 2a02:26f0:10c:486::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/t2tv7.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1165.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:486::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 29f21aea7fc613d2618b70a483e0b4bf50ba3f4ce4109fa429ce580ec57ef991

Request headers

Host: cdn.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/

Response headers

Cache-Control: max-age=946080000
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 11 Sep 2014 19:15:16 GMT
Accept-Ranges: bytes
ETag: "0ba3b8f4cdcf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3880
Date: Wed, 21 Apr 2021 16:08:26 GMT
Connection: keep-alive

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 3D57 1 KB
1 KB 192ms
66ms Script
text/javascript 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&bridua=3&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauE%40%3E2%3F5%3D%40C6%3FK%40%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauE%40%3E2%3F5%3D%40C6%3FK%40%5D4%40%3ETar9EEADTbpTauTau5_afe7_e4g36ae23h7h3_5c%60b_a22gb5%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=321&ddur=10&uid=1619021306606612&jsCallback=dvCallback_1619021306606618&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1165&tgjsver=1165&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fd0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=11&brh=2&dvp_epl=241&noc=16&ctx=21544354&cmp=25428490&sid=4115836&plc=298804945&crt=148402170&btreg=491565386&btadsrv=doubleclick&adsrv=1&advid=10679125&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=41514335717.07792&dvp_tukv=14827293337.185614&dvp_uuid=323301810243.1012&dvp_strhd=0.6899982690811157&dvpx_strhd=0.6899982690811157&dvp_tuid=275580922433&dvp_vcms=43&dvp_slmsd=176&dvp_vcmsd=219
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1165.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5466ad2d392e58d0324d5c929b396d40faf27a59cf112babafb9ca8938537000

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:26 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 4/20/2021 4:08:26 PM

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame C3DD 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32344
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Thu, 21 Apr 2022 07:09:22 GMT

GET
H/1.1 200
OK bsevent.gif
tps20516.doubleverify.com/ Frame A8E2 807 B
1 KB 183ms
60ms Image
image/gif 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20516.doubleverify.com/bsevent.gif?impid=6dbb4f5371ba4bacb2d5f8bcb3163e30&dvp_or2=1&cbust=1619021306667442
Requested by: Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:26 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 4/20/2021 4:08:26 PM

GET
H/1.1 200
OK bsevent.gif
tps20516.doubleverify.com/ Frame A8E2 807 B
1 KB 185ms
62ms Image
image/gif 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20516.doubleverify.com/bsevent.gif?impid=6dbb4f5371ba4bacb2d5f8bcb3163e30&vfdur=196&cbust=1619021306667602
Requested by: Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:26 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 4/20/2021 4:08:26 PM

GET
H2 200 globalpassback_300x600.gif
cdn.besafe.global/ Frame A8E2 29 KB
29 KB 37ms
6ms Image
image/gif 2600:9000:211e:e00:8:455e:4a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.besafe.global/globalpassback_300x600.gif
Requested by: Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e00:8:455e:4a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b800480d316ed85eff59c97a2ee655fe94d2ea0b2da600274d8f74f108fda4d

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 08:02:20 GMT
via: 1.1 d8670b0c6b76371fb58f730881dfe505.cloudfront.net (CloudFront)
last-modified: Mon, 28 Oct 2019 18:58:12 GMT
server: AmazonS3
age: 29199
etag: "f806da961cac4656a36edfec864bc777"
x-amz-meta-sha256: 4b800480d316ed85eff59c97a2ee655fe94d2ea0b2da600274d8f74f108fda4d
content-type: image/gif
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 29286
x-amz-cf-id: WoABcouz3zy4r3Ht27l7-KcX-fOMYBa8njOI_6WKnPXxOOu5P2Vf3A==
x-amz-meta-s3b-last-modified: 20190925T124242Z

GET
DATA 200
OK truncated
/ Frame A8E2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca343169650887c7676904cce6e840c8d6c88ccad1cb3b12e052a2af9f50b58f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 globalpassback_300x600.gif
cdn.besafe.global/ Frame A667 29 KB
29 KB 16ms
11ms Image
image/gif 2600:9000:211e:e00:8:455e:4a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.besafe.global/globalpassback_300x600.gif
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e00:8:455e:4a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b800480d316ed85eff59c97a2ee655fe94d2ea0b2da600274d8f74f108fda4d

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 08:02:20 GMT
via: 1.1 d8670b0c6b76371fb58f730881dfe505.cloudfront.net (CloudFront)
last-modified: Mon, 28 Oct 2019 18:58:12 GMT
server: AmazonS3
age: 29199
etag: "f806da961cac4656a36edfec864bc777"
x-amz-meta-sha256: 4b800480d316ed85eff59c97a2ee655fe94d2ea0b2da600274d8f74f108fda4d
content-type: image/gif
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 29286
x-amz-cf-id: yor_E9K8LimJ8avS_0U86uMk1-8AV6yrs32BBYdNeX2J_SNXxDjkgA==
x-amz-meta-s3b-last-modified: 20190925T124242Z

GET
H/1.1 200
OK bsevent.gif
tps20520.doubleverify.com/ Frame A667 807 B
1 KB 184ms
61ms Image
image/gif 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20520.doubleverify.com/bsevent.gif?impid=55f8553e21b841dca9e6a7223ceb57c7&dvp_or2=1&cbust=1619021306693869
Requested by: Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:25 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 4/20/2021 4:08:26 PM

GET
H/1.1 200
OK bsevent.gif
tps20520.doubleverify.com/ Frame A667 807 B
1 KB 184ms
61ms Image
image/gif 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20520.doubleverify.com/bsevent.gif?impid=55f8553e21b841dca9e6a7223ceb57c7&vfdur=188&cbust=1619021306694969
Requested by: Host: d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
URL: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:25 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 4/20/2021 4:08:26 PM

GET
DATA 200
OK truncated
/ Frame A667 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01be5f6071a66df4d84e4c7042a6c3db2a93318b340acfdb74427bed73e9fbf0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F89 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32344
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Thu, 21 Apr 2022 07:09:22 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C3D 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFhR2-U2AYKm-BOXC7_UP0amMuAwAAAAAOAHgBAI&bg=!NDelN3PNAAZUuIlwVLg7ACkAdvg8WviI1xCsZDMRG__BpQ59E4lXLYTe5TSbHk6w2_yUXHcLzNmfhQIAAAJkUgAAADxoAQeZAmcutxhTsrest44LYlWR3_CCHOfxyp1Ep6496hOBWeHvp03Ie06Fw9cF5Ybd11N7pQ1Gv3xV3V7LS9sXwaDAjpzW4xUcDiS4uE12xMEm5cMO6rB8JAVFbZfnlLlKPBwRWj2r9Q-J-mDmt_MkgHQtZ9npppebCuBOGftftx8nZo496c1ec6ILYg6kGu5MgvfwmpA_szVU_rajQDAtL3wiziYT8QRY1iipqyDhtykpGqcz6m9NUdXOrm3VKBw6qK92aFAcJlUfRPZAJG2mzfOxGX28LfegsYGrE2P5Z3dCm_gRguPGG4zbe3VEO-DMR_L9k1zUJF2En4AODFh2DXVJlCF6BPe-DY1ez1GIGq8ZApVI1ucgX5Cvt7QawBSXoZhjdEcV2LNsgri0CokpPpzo8Yrv-D49KSrP-x-19huGd6Ox_x2hw_PoXrlPYv-DmmGcWw5eF7A0um8SmhWSlLoY3x02C0Klb5QaQDF7MLwaiQ3xvm3f0JhAVD5bNeZ8dZiGik-D1RTl-d6ufXCE_rshvTL8Ns7zf2n7J97mljb4WMqS08t-bDUuzNX8NLqywPVSAqhyvlSdmUoA2X9cLRhc3BCq8k9eXALy-RkIlGZqJXO9T089c72CIRIkxtlc3-YfPIZASoIpX48gKcCpnBrD7-I-iyEIwpuEFyZsYkxuXuK8yoSc0Xq8qqSUAd2oQa422M8WK-bSxP5M3M15W-SeeZGi2Etk7iMXLMo4qITqesXfKIBGbIlrp36YLrdLIWe7C8HqFsXcYFo7wI1c2aTxXmqG9KaVsJuz1ttSMy-RQ3S1gIZOX1p26aM

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E21A 42 B
64 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulngLo1mze6KaN9armQrG7j43M_HvKgA-wCgmKs6yQvBhh1CjsI8Fg7nHTuDQixNokCMdX6maNVdpJUg45oFA-_5HwDy4yyCEEszgsQwNwhsrdq-Yx1C0OVNDSbQ&sai=AMfl-YT2pOEaHrqZdnY4SJLyDN2LaQaBiXjyuR51gthFKXcnLMDKE6MKMmWSKneRahY5N__WUtjshUX2Zoj1Z8jFQnXMyl2ccS8CSqbZq3rr8JCC1CnOAymoMDGrz8fIjV0&sig=Cg0ArKJSzI9T_N2bcDIHEAE&cid=CAASPeRoiPK5nVnSi7KWW9x7lT1gXT9LxZLhHjuxAPq8QGXe0xtMwY0JquRKuYDUOq2ChoVUzdaWv8WfLat4Ri4&id=lidar2&mcvt=1033&p=316,1054,570,1354&mtos=0,1033,1033,1033,1033&tos=0,1033,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=846913267&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619021305962&dlt=10&rpt=214&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041501&jk=1817890125560233&bg=!2Nul25_NAAZUuIlwVLg7ACkAdvg8WoShSCa5BqPCh2RuLZLz6huCWoATtP26LVBTQ42YPJz1xGyHPQIAAAJ6UgAAAD5oAQcKAUhIyEKr4YUrYpGl-81TioNK80Xk3tCVPj11v3A7hQVa9QSMgGGNrFD1lSMp8ZqCqACSIwp83BjfaMCYeg5U2nvWNDnuU7O0LGecIUxidi4nwWtgCjq2-k4DNDIQvWQbnBc5JMOKDvE_ZrPDvF0vkcbYEVazFYiXNiq2fHBubTJMHvJPUZcZtstKkGgbpVuEII4xS1pAFcvb0sHnAXS705W3X66Ku773WVY_0h5Sj_ALRBGE8OHwicHatnSwGdK1gn_m0uokiDc6wLsd_Y9AqKOr1haN62dXaxXheYaSVe7oppq2Ic6CHWna9Y9RrOu-SWoCC1f3J8Ct8APIIj0lF5ClJMXkzbPUm71QNqEFOJGO1qwlWAFEYxDmqDgP-4UGPXsism4bjr-YLhrEDjTAzgeacRgDA6Guy4VuhafSq2KrkpKmdtJ2fbf2mQHk0s8YRMQiW18wzf-KJGzIlUcjuEqcw6xE9zhtom3ul795LudXdBnuLjb_jFdEtNOaqLpB0Uj5Qp7gOII2cxacMPpEx1LiZ-8hp9HwkcLhNs7rn2DDpl3sAH7pAKDXB6F1GzK_sLtCtBwhxJNISmt2c2ZP2OEpWJgQmxqDQMU9Vy5WvhuphxzTx2uWzU0s_L3I9a0VGDlZvTqnkFXjGvYN7g_4ho7mnQseOkYDun317e0UToQZx1GBZqnRyHuORANSD6L7QII7Hc9vAAOUzgm_Dz19EqUsQhz9PJ5aZzn4pwhZ5KEIVmTDSPa756RwJw_mKZ2Rcf6MI_HSwRdui-ZrSYTcJdwkTHWtPrCgfpDI2JysK17xQ8ETFG_lp6h7c8p8HXQkYQrio2rnbMStWO3F8dD7FLTZ1WLB3U9w14iINZdjLbheTs0jw9zjehAu5RZiDrC_x5jtA5kjsLvI_F6q2dUoUstU-0kVFolTsvlowFLaNWVk_hDugxWH-8WJgII62gCGDWqxxcDr11BWQFsHFTenAetxb4ZoQxrNDFY3Evc5MSQcu6-lJjJXHEjz3twyuhP3hbd6T9jSd3q-k_jXQzJVjpt0m_tFdPyoz0elpXT8O2VZmcQl0IaZyQ_HZblTq3oAAw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tomandlorenzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B51F 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsul4P-D08-UhRWwLtUHDqmvo14jUVILVF1N_K-pzpYf1pltRnzqzQ6B7wFEwWlEbobN1z1m5TliWvOs3_4KXID636T0sFL_9JYwyUR0W756u-5JQTGp1V_2sNVnXg&sai=AMfl-YTEmYYZ5DT9qMEEiZXELmuhPkZGHV3WQWy5cAl0Rp_hiE0acv0poym-3x2qIK3cwG_r4ps9H1VpHKEkcyY91rgl7mc7nwKaNdPNhpmu_QWUqP1XYuXWTlI22rGMJi8&sig=Cg0ArKJSzO-Ik1kY8aFAEAE&cid=CAASPeRoD0TaZD4L8CPbMdto30yx6p9pWxTa3zMh5EPdi8vG1inWHB7i8lCX7Hjhb8IzU6byNzDLHLxLFfSsVWk&id=lidar2&mcvt=1495&p=70,210,160,938&mtos=1495,1495,1495,1495,1495&tos=1495,0,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1673804112&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619021305925&dlt=42&rpt=354&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C74 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2F4F-k2AYK7SBMOIrASJjJSIAwAAAAA4AeAEAg&bg=!6eql6q7NAAZUuIlwVLg7ACkAdvg8WjrVWIrzDxee9kFL3C_k-Yx6QgoMYpiAOGj1T1m9TCH6o0i9rgIAAAG8UgAAAh5oAQcKAC0p9hxvnLIXvtVuzVIpxXsv7Iubz2kGdePOKjE7lFDKf5xiTnt9c896i6xYAwiZAnqae4zcPKYyakkLyOLseZLTXFxFEri059bGmOeHosgNOvy3DQ63QuNqIPn0Kbf9lBdpnDTZBZnWKzI4AEm4DguacHavdpLO6JXInKHmaNU8F2sWg1Y2Aiii6KYtMv8cObh_IIjF0WT73VLFVBqzi7C6JNJIh1i6kqN42wVzzLs-MCNCTtpRiaU88d8zmCk2hIMIt7ud1-1-6iuZ55G6NpiAh1hPMId4zRfSz7nlqlJVEfvqwJhYHudIBN5ve6lWpMLmqTa5fFauLGmVWS8zZZZV_aI25VD194rRxTLCFufFmdHF6_id4NBs5ng69A8vXsEX6c-0LdDn62K4hrRICTX6duFA8aAU29bP4TOW_ns99a-0ke4kvph46VsI9YCCk1URslULgVPTdVqhBkxy3mWnsNdL5ig782llJiAX95guTbu7h5PrHA31sy5pWDLrjmn1X81rNCtP1Wa8bjytB-mgSgPoSvJCmGndI9HtqUnhw6Gjv8M7GBkDbyDHsrKpsiCFIAbn6koUPcMnSX7HHKbLbRyIyoms0twOsz8DLLT00oxThQ2LsViOTzaRgHodFl31fnDB9dqzJ-BUETdJR0F0ViyO3j9OGgCVyxeCXxxoZpTcgSjaVAgtkfUHhK6n69IKdqBNhQrdoEbVYHoJWmGinEVef_ulAIobIokMESY1-WeGxrehf5tPA41IQQCdf1ih2R-Wu-Hol8pJ2mk9Bh1QtTubrLafVY5JuKkUVwZmzQtMSUQ6g_OCMXxvdvRsIMSWlhiudI6T6d41iPkc0qDrTG6G5b-nDT0FtrPB97c7IQE0hVWHw7rNIsb9sJ_sfRb4u7oTYq0bCo5M

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C3DD 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1hYH-k2AYJnXBImv3wPHjoOQAwAAAAA4AeAEAg&bg=!enmleT3NAAZUuIlwVLg7ACkAdvg8WsdqqZcRY-MZWxAit7z6tYYBBO_MVl39kLlLl-QeONDQ833HPgIAAAPBUgAAAA5oAQcKAAwirAyHdoNFhavfGbiZAm37QU1HzKTSszglcV83ChjFBcIcQNaFcBF_WIUDJDuL2dV2gwfozxzlJQAPR2NK1Y1bANvCKrhnBqld2kKrml8jt_z5hBINkIb14heDVICrWahgAJkMmiGr92Qs7eQWVdQcdDdtP2CBjoHAvwTheHy_CX4rFIQBpKKTHQNvhFaNRF15xpXDjKmlLHifYN19T0N_i23EhYKqRrEOPvTosP4SvsrTzOhdn3Z4BHmrLwXK8xVxsg0kCsV3rlBS-Mj-lRNHOzbyI0rX3PSyzhL3SW5QwW6ErLMk8D73jsOUCHkf1vxDTAY1Cr3yqcZCRExQVDU_ff1mTMerRCVtEHFl9RQKzMi3FpbgMbWccg1m7r8U-xwCWNv2Jx4fciHvR5EGYXsnGb5gJpiGle28DBLLaUY2bYb_muSbyUaR1sTSE5oavYmxQQjJTKrz8IWrwBu_g2m_0ISqY14mrpx_FlCApASkg3bIE7760tRUCnEZctRZk1g_CRsbzON0fCTzljRH9iiERVmpY8LmImoW0ek9tVWwDX2SAKeBzrQCnjT6t0CPVl0tVDO0zGmSaBwx_eowyT6nPf-_XQZMKX6pT9kMnONoTY6WOJowBqMLEPuaCOmAERCQxQ7_MERecG5OHA9z000Ey17FqZ1tG00X8RtX6YeZvE4gDJ4uefS7G0K-djqHF79r0Z3jekIx6JfSEjXPayLh0vldfUzuruHHK4qsgqGh6aaqvWIyVKkkj25rAXtnL99B68CWCTGqcqANMt4BDjZ1YEM50scK7C6RxUY34zrr9HwMmH7pGfZ9gwi5ZfbMKShGlQDz4IqvJFhPLsg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F89 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtBgd-k2AYISfAuOhlQeCpqdQAAAAADgB4AQC&bg=!w8ClwITNAAZUuIlwVLg7ACkAdvg8WoORwGeUKiTiOciFdhkSV3LXRXgwwnKXLx4303elQ_DCZX2NkQIAAAOAUgAAAA5oAQeZAmUq7mKC1Fpeuy06_D6f2wsevRF_bI7rRso2IhjQvUsEa2uYf7YDBX1x6BiPorkKguPVfXNKd_ADDPc0x7dmdWueqv5eIgrGwBVU5ZEzqKsbfVBrN-XD-fo4btCwFcxTAbzSM5XW0y3vza6uncJS0ro5ZoQaq2qCJh0D1-GmxbGmUOCdj-Tux-_gIYEBzy5X30kiJzRMOVEioLfL924N8AB5kvfkWwr7b8W6twDajjbKx15EAkM9kU1T6q-fwMT4bTCe9mLkx_aC7pk1KovneBPWhnm84cgneKPmeRCiXaZDG-TCFRSlNlVyq96UEvr4vlN3vscJmkc3Y2bdybKNV9hgYjd5iTYew7ii62OwvQehxxkm9KQrDlM-dVcKLuLQpXJdFj_wYT9lR5QLavr3nYFZbgxrrWFifs0F_-OT5-CnktjXqZLCRiPhBUeqHd7QwD_k__atf-a97ZB73_t3eITNnwEq6Yj8vyMQzJSeP-hP2gFHJFo6ZpSAhLEW2Py9AIVkUWQHpP4OLERd8fOo5izDmYanHRdxVFkZxk1dWEhKsoDh2a9_dloXBNmH5pm7QGnlQaxmy0ov3K7xtbglz_2ydPKd1qnmUhsN8RAJ_hsA8vSlfME1t1dRfBVwi6OWwtfjUr97dRAGW83uGtTdT6GAawsZIpAIXFicfqGi2K13WPM5AcRlIM6iYK32ju5cWJu_DY92mZS9_8AQl3w3dJZInP8ry127_J99RRx5PoIGp91DIiBKKtzMKrcxZDBKNhX-UyDb8IaCE7_ULx1nR0VcK2YraCosXOZooqWKIOdIsAU7tJyo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A667 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMEP9yQnhrbu7ypahSZaUAdQEBOuv9y3kvijEJOHdwnmDz61-sDWZ9JhzgXbR2rKxmBeKMth9Xh0JhzHU2FQZqFXqauUc6_nC38dts_iHHYhbjbmytqFzvXVlJww&sai=AMfl-YRWeUIlLR8eYBu0U2iY9azNj1erwM5_NjdmhUN15PFrnvjehiOrD-LGw7bSyaQzl9jJ1qgO7fBMOflzHQTw4YEUx_xvXv2PQmKi8CgZMvJaHv37wUZN2Ly74x-WS-g&sig=Cg0ArKJSzHHSn6pwNk6KEAE&cid=CAASPeRotwUTslNHduh4OcJzGMX5I2UzmMISUpGRnZWIsLhQ3rjfXrHbQHKEqpm6pAIPGrbljfCuaRfFOI1qHb8&id=lidar2&mcvt=1001&p=754,1054,1358,1354&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=0.74&if=1&app=0&itpl=20&adk=2316433965&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619021305963&dlt=12&rpt=796&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bsevent.gif
tps20516.doubleverify.com/ Frame A8E2 807 B
1 KB 62ms
61ms Image
image/gif 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20516.doubleverify.com/bsevent.gif?impid=6dbb4f5371ba4bacb2d5f8bcb3163e30&pltfrm=Linux%20x86_64&cbust=1619021308667125
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:28 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 4/20/2021 4:08:28 PM

GET
H/1.1 200
OK bsevent.gif
tps20520.doubleverify.com/ Frame A667 807 B
1 KB 63ms
62ms Image
image/gif 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20520.doubleverify.com/bsevent.gif?impid=55f8553e21b841dca9e6a7223ceb57c7&pltfrm=Linux%20x86_64&cbust=1619021308694372
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:27 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 4/20/2021 4:08:28 PM

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame F6E8 995 B
1 KB 177ms
57ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tomandlorenzo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 21 Apr 2021 16:08:29 GMT
Age: 30278646
X-Served-By: cache-lga21943-LGA, cache-hhn4068-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 503850, 998017
X-Timer: S1619021309.082798,VS0,VE0
Vary: Accept-Encoding

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 03D9 0
0 53ms
48ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tomandlorenzo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/

Response headers

date: Wed, 21 Apr 2021 16:08:28 GMT
set-cookie: __cfduid=d7d8d4f8b592a3720463aac33366e2e511619021308; expires=Fri, 21-May-21 16:08:28 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0996c9bc1c0000f132199cb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6437df0cfdb4f132-ARN

GET
H/1.1 200
OK Cookie set check.html Show response
biddr.brealtime.com/ Frame E6C2 926 B
1 KB 110ms
39ms Document
text/html 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host: biddr.brealtime.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tomandlorenzo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/

Response headers

Date: Wed, 21 Apr 2021 16:08:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dcfae6bf933412bf6438927191a14e8df1619021309; expires=Fri, 21-May-21 16:08:29 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2: PDpVQFMB7Plni1kdUv8bHleeuXAB94tJrPSqFWb9VzAF/wb6yvagp7GHM3Pa6xMOqZ7TP6znRjI=
x-amz-request-id: 6A24845899282E4B
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 155
Expires: Wed, 21 Apr 2021 16:09:29 GMT
Cache-Control: public, max-age=60
cf-request-id: 0996c9bc5f0000cae43ba0c000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6437df0d6c76cae4-ARN
Content-Encoding: gzip

GET
H2 200 sync Show response
pre.ads.justpremium.com/v/1.0/t/ Frame 40DA 4 KB
4 KB 178ms
61ms Document
text/html 3.124.9.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=akomur1619021303611
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.9.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d36bbb1bb6ce3e647ff0391b396d05a1fd58b83e220ee52789e59af978a98fc0

Request headers

:method: GET
:authority: pre.ads.justpremium.com
:scheme: https
:path: /v/1.0/t/sync?_c=akomur1619021303611
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tomandlorenzo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/

Response headers

date: Wed, 21 Apr 2021 16:08:29 GMT
content-type: text/html; charset=utf-8
cache-control: public, no-cache, no-store, must-revalidate

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B34E 38 KB
14 KB 224ms
75ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tomandlorenzo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=165493
Expires: Fri, 23 Apr 2021 14:06:42 GMT
Date: Wed, 21 Apr 2021 16:08:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

POST
H/1.1 200
OK event.png
tps20240.doubleverify.com/ Frame 3D57 67 B
492 B 186ms
64ms Ping
image/png 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20240.doubleverify.com/event.png?impid=a51f23a31949478b894e269360343aa6&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=193&eoid=5&msrjs=1165&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1619021308962859
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1165.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:28 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 4/20/2021 4:08:29 PM

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame F6E8
Redirect Chain

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

0
817 B

87ms
86ms

Script
text/html

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:29 GMT
X-Proxy-Origin: 86.106.103.100; 86.106.103.100; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.232:80
AN-X-Request-Uuid: fb495fe7-bb7d-454a-a904-20cd333c1e7d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:29 GMT
X-Proxy-Origin: 86.106.103.100; 86.106.103.100; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.146:80
AN-X-Request-Uuid: 2a7d7010-1b85-4bbe-b7c8-9f1d31982d7f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B34E 3 KB
4 KB 232ms
58ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=34502225&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: ab115c528d1391a507196500d1093a2a6b08bc58d9b476917a9e8a74528d6c81

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:27 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 6314 43 B
304 B 207ms
68ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=34502225&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Wed, 21 Apr 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1657
date: Wed, 21 Apr 2021 16:08:28 GMT
content-length: 43

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame BD76
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4776947433013387682

42 B
769 B

231ms
62ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4776947433013387682
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=34502225&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09; chkChromeAb67Sec=1; DPSync3=1620172800%3A201_227_226_221; SyncRTB3=1619827200%3A63%7C1619568000%3A223%7C1620259200%3A35%7C1620172800%3A54_7_161_3_71_220_21_13_56
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Wed, 21 Apr 2021 16:08:29 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-4776947433013387682; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 21-May-2021 16:08:29 GMT; path=/ PugT=1619021309; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 21-May-2021 16:08:29 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Jul-2021 16:08:29 GMT; path=/
X-lat: lhrpug013:0:415
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4776947433013387682
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B34E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cWctiqfUSHej5KO6PPvrCQ%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cWctiqfUSHej5KO6PPvrCQ%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

68ms
67ms

Image
text/html

104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=75823
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Thu, 22 Apr 2021 13:12:12 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame B34E 95 B
595 B 48ms
30ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:29 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6437df101d4416f2-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0996c9be12000016f2271b3000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame B34E
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

53ms
52ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:27 GMT
frontend-id: 9
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:27 GMT
frontend-id: 12
location: /pubmatic/1/info2?sType=sync&sExtCookieId=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame B34E
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&addseg=22

7 B
147 B

183ms
57ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&addseg=22
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:29 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Wed, 21 Apr 2021 16:08:29 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&addseg=22
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame B34E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzE2NzJEOEEtQTdENC00ODc3LUEzRTQtQTNCQTNDRkJFQjA5&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzE2NzJEOEEtQTdENC00ODc3LUEzRTQtQTNCQTNDRkJFQjA5&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

250ms
62ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:29 GMT
X-lat: lhrpug014:0:399
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame B34E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGsjRTn8arWCiHaFXZjGYIc&google_cver=1

42 B
855 B

250ms
63ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGsjRTn8arWCiHaFXZjGYIc&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:29 GMT
X-lat: lhrpug008:0:768
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGsjRTn8arWCiHaFXZjGYIc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame B34E 43 B
607 B 161ms
52ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 20 Apr 2021 16:08:29 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame B34E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a89d0053-306e-47b7-88aa-e83631fe94ff

42 B
882 B

183ms
62ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a89d0053-306e-47b7-88aa-e83631fe94ff
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:29 GMT
X-lat: lhrpug002:0:514
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:29 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a89d0053-306e-47b7-88aa-e83631fe94ff
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame B34E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8743766757847171548

42 B
801 B

250ms
63ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8743766757847171548
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:29 GMT
X-lat: lhrpug010:0:547
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:29 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8743766757847171548
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame B34E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bd5a6080-4dfd-4c00-bb1f-f41824b0db26&gdpr=0&gdpr_consent=

42 B
946 B

249ms
62ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bd5a6080-4dfd-4c00-bb1f-f41824b0db26&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:29 GMT
X-lat: lhrpug010:0:431
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Wed, 21 Apr 2021 16:09:35 GMT
Server: MT3 3660 495c301 master cdg-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bd5a6080-4dfd-4c00-bb1f-f41824b0db26&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 21 Apr 2021 16:09:34 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame B34E
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5833518869471164362&gdpr=0&gdpr_consent=

42 B
769 B

269ms
63ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5833518869471164362&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:29 GMT
X-lat: lhrpug014:0:464
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:29 GMT
X-Proxy-Origin: 86.106.103.100; 86.106.103.100; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.48:80
AN-X-Request-Uuid: 7a0afed7-71a4-462e-88b4-6c2e73c90f59
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5833518869471164362&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame B34E
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=5c97d800-c2cb-4b09-9cce-a5be5db13e4c
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=5c97d800-c2cb-4b09-9cce-a5be5db13e4c
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=42184b8b-4fd7-414e-9cca-bc9981ff3a67&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5c97d800-c2cb-4b09-9cce-a5be5db13e4c&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

63ms
63ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5c97d800-c2cb-4b09-9cce-a5be5db13e4c&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:30 GMT
X-lat: lhrpug010:0:722
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5c97d800-c2cb-4b09-9cce-a5be5db13e4c&gdpr=&gdpr_consent=&gdpr_pd=
date: Wed, 21 Apr 2021 16:08:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B34E 43 B
837 B 220ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:29 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame B34E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=71672D8A-A7D4-4877-A3E4-A3BA3CFBEB09&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-90J7BjlE2uWLoNc.1pKhm9rN0OJzVoc-~A&gdpr=0&gdpr_consent=

0
418 B

233ms
57ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-90J7BjlE2uWLoNc.1pKhm9rN0OJzVoc-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:28 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 21 Apr 2021 16:08:29 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-90J7BjlE2uWLoNc.1pKhm9rN0OJzVoc-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK event.png
tps20240.doubleverify.com/ Frame 3D57 67 B
492 B 61ms
61ms Ping
image/png 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20240.doubleverify.com/event.png?impid=a51f23a31949478b894e269360343aa6&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=7&ismms=57&isumms=56&isvelg=1&nvr=6&isbxdms=2456&b0=100&b11=2513&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2613&sftb=2613&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1203&isuiabvms=1203&ispmxpms=1203&engalms=54&dvp_dpr=1&cbust=1619021309961346
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1165.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:29 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 4/20/2021 4:08:29 PM

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame CD8D 281 B
554 B 238ms
59ms Document
text/html 184.30.212.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tomandlorenzo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 21 Apr 2021 16:08:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 iframe Show response
sync.teads.tv/ Frame CA0C 153 B
1 KB 84ms
83ms Document
text/html 184.31.88.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-88-106.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /iframe?gdprIab=%7B%22status%22%3A0%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tomandlorenzo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/

Response headers

content-type: text/html; charset=UTF-8
server: akka-http/10.2.3
content-length: 153
expires: Wed, 21 Apr 2021 16:08:30 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 21 Apr 2021 16:08:30 GMT
set-cookie: tt_bluekai=; Expires=Thu, 22 Apr 2021 16:08:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Thu, 22 Apr 2021 16:08:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Thu, 22 Apr 2021 16:08:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Thu, 22 Apr 2021 16:08:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Thu, 22 Apr 2021 16:08:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Thu, 22 Apr 2021 16:08:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Thu, 22 Apr 2021 16:08:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Thu, 22 Apr 2021 16:08:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Thu, 22 Apr 2021 16:08:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None

GET
H2

200

sync Show response
eb2.3lift.com/ Frame C4FD
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

55ms
54ms

Document
text/html

3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 234b2739c7dd48e57b7547d44b3ec254095fa6e05f4a46deb96a172bf3f71721

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?&ld=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tomandlorenzo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=12989366327481485783
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/

Response headers

date: Wed, 21 Apr 2021 16:08:30 GMT
content-type: text/html; charset=utf-8
content-length: 479
set-cookie: sync=CgoIgQIQ5dXCqY8vCgoIkQIQ5dXCqY8vCgoI4gEQ5dXCqY8vCgoIkgIQ5dXCqY8vCgoI5gEQ5dXCqY8vCgoIhwIQ5dXCqY8vCgkIOhDl1cKpjy8KCQgLEOXVwqmPLwoJCF8Q5dXCqY8vCgkIHxDl1cKpjy8=; Max-Age=7776000; Expires=Tue, 20 Jul 2021 16:08:30 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=12989366327481485783; Max-Age=7776000; Expires=Tue, 20 Jul 2021 16:08:30 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Wed, 21 Apr 2021 16:08:30 GMT
content-length: 0
set-cookie: tluid=12989366327481485783; Max-Age=7776000; Expires=Tue, 20 Jul 2021 16:08:30 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

pd Show response
eu-u.openx.net/w/1.0/ Frame 82D9
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1

1007 B
863 B

60ms
59ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 7ad8b2bc9bc82062d11d2e384b636b5d96d013282e558be85a876dc4939a60a5

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tomandlorenzo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=192336f4-9679-0696-0971-36e463ee3c97|1619021310
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tomandlorenzo.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=192336f4-9679-0696-0971-36e463ee3c97|1619021310; Version=1; Expires=Thu, 21-Apr-2022 16:08:30 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1619021310|mOgegqnskin0vNomiygu; Version=1; Expires=Thu, 06-May-2021 16:08:30 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.205.4
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 21 Apr 2021 16:08:30 GMT
content-type: text/html
content-length: 546
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=192336f4-9679-0696-0971-36e463ee3c97|1619021310; Version=1; Expires=Thu, 21-Apr-2022 16:08:30 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.205.4
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
date: Wed, 21 Apr 2021 16:08:30 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 5e486fe9-af52-ab28-6270-e8f9f89ec223
pr-bh.ybp.yahoo.com/sync/openx/ Frame 82D9 43 B
702 B 35ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/5e486fe9-af52-ab28-6270-e8f9f89ec223?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:30 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 82D9
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=BZ7QD4qe1LzfoW5

43 B
106 B

60ms
60ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=BZ7QD4qe1LzfoW5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:30 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:30 GMT
Server: PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-013d87c18de960209@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=BZ7QD4qe1LzfoW5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 82D9
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx
https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx
https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=4660e9a1-e0fd-47c1-9462-91da57a10b64&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=5c97d800-c2cb-4b09-9cce-a5be5db13e4c

43 B
106 B

59ms
58ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=5c97d800-c2cb-4b09-9cce-a5be5db13e4c
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:31 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=5c97d800-c2cb-4b09-9cce-a5be5db13e4c
date: Wed, 21 Apr 2021 16:08:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame 82D9
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIdXhFN0JBSndBQUNyLUxmTGNKdw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

43 B
430 B

74ms
73ms

Image
image/gif

52.51.154.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.154.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:31 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 82D9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=bd5a6080-4dfd-4c00-bb1f-f41824b0db26

43 B
106 B

59ms
59ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=bd5a6080-4dfd-4c00-bb1f-f41824b0db26
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:30 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 21 Apr 2021 16:09:36 GMT
Server: MT3 3660 495c301 master cdg-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=bd5a6080-4dfd-4c00-bb1f-f41824b0db26
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 21 Apr 2021 16:09:35 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 82D9
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=e8b5b3mSpzpgl_dve87sOy7H9Wlgx6NuecAgoAo4

43 B
106 B

59ms
59ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=e8b5b3mSpzpgl_dve87sOy7H9Wlgx6NuecAgoAo4
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:30 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=e8b5b3mSpzpgl_dve87sOy7H9Wlgx6NuecAgoAo4
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 82D9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8743766757847171548

43 B
106 B

60ms
60ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8743766757847171548
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:30 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:30 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8743766757847171548
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 82D9 70 B
264 B 74ms
71ms Image
image/gif 52.19.21.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=ca8f09ad-3ffe-3961-53a7-fe0c07c90f6a&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.21.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-21-254.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 82D9 170 B
188 B 73ms
71ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTZlMGRhNjctZjY4OS02N2M1LTQ2NDctYTRiNWNkMmJjMTBh

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 82D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECPIIosCxkJR4Td4FyjFGMk&google_cver=1

43 B
106 B

59ms
59ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECPIIosCxkJR4Td4FyjFGMk&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:30 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECPIIosCxkJR4Td4FyjFGMk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame CD8D 31 KB
9 KB 72ms
70ms Script
text/html 184.30.212.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1c1e298c19bf83ab21ac9f37d27a20d6068e98c648c306c11ef18f9f7eb1da49

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Apr 2021 20:33:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=75699
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9242
Expires: Thu, 22 Apr 2021 13:10:09 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame C4FD 70 B
264 B 73ms
72ms Image
image/gif 52.19.21.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.21.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-21-254.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame C4FD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECzgqv4aD4Oz9GkedKl_mXk&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
353 B

57ms
57ms

Image
image/gif

3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECzgqv4aD4Oz9GkedKl_mXk&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECzgqv4aD4Oz9GkedKl_mXk&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C4FD
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI5ODkzNjYzMjc0ODE0ODU3ODM%3D

170 B
188 B

70ms
69ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI5ODkzNjYzMjc0ODE0ODU3ODM%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI5ODkzNjYzMjc0ODE0ODU3ODM%3D
date: Wed, 21 Apr 2021 16:08:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 c.gif
c.bing.com/ Frame C4FD 42 B
444 B 53ms
28ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=12989366327481485783&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:30 GMT
etag: "506f5bd17ad71:0"
last-modified: Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref: Ref A: 40FA1EA6E118419A93585CC5462304D0 Ref B: FRAEDGE1310 Ref C: 2021-04-21T16:08:30Z
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame C4FD
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/12989366327481485783?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-x9BsKZVE2oTxJBYq.JJwVZA8JREEec7dAZx50Jjbkg--~A&dongle=0883

37 B
353 B

56ms
56ms

Image
image/gif

3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-x9BsKZVE2oTxJBYq.JJwVZA8JREEec7dAZx50Jjbkg--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Wed, 21 Apr 2021 16:08:30 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-x9BsKZVE2oTxJBYq.JJwVZA8JREEec7dAZx50Jjbkg--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame C4FD
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=5833518869471164362&dongle=4d58&gdpr=1&gdpr_consent=

37 B
353 B

59ms
57ms

Image
image/gif

3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=5833518869471164362&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:30 GMT
X-Proxy-Origin: 86.106.103.100; 86.106.103.100; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.15:80
AN-X-Request-Uuid: 47295ef6-f61c-4a1d-8e74-a579bbaedd79
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=5833518869471164362&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame C4FD
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=12989366327481485783
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12989366327481485783&dcc=t

0
0

137ms
136ms

Image
text/html

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12989366327481485783&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:31 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12989366327481485783&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame C4FD
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

54ms
53ms

Image
image/gif

3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 16:08:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Wed, 21 Apr 2021 16:08:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame C4FD 0
0 59ms
55ms Image
text/html 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=12989366327481485783
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame C4FD 0
0 58ms
54ms Image
text/html 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=12989366327481485783
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame CD8D 284 B
536 B 232ms
57ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/jpg

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame B34E 0
418 B 252ms
63ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=109126&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:08:31 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 dc_oe=ChMIhITSrtyP8AIV41DlCh0C0wkKEAAYACD63-FGQhMI6J6XrtyP8AIVZeG7CB3RFAPH;met=1;&timestamp=1619021317017;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame B51F 42 B
498 B 217ms
91ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIhITSrtyP8AIV41DlCh0C0wkKEAAYACD63-FGQhMI6J6XrtyP8AIVZeG7CB3RFAPH;met=1;&timestamp=1619021317017;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 16:08:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=72

Verdicts & Comments Add Verdict or Comment

219 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tomandlorenzo.com/	1970-01-20 02:29:17	Name: proper_tracker_cookie Value: eyJwaWQiOiIiLCJiaWRkZXJzIjp7Im1lZGlhZ3JpZCI6MSwidmVyaXpvbl9tZWRpYSI6MSwiX19jZl9ibSI6MX0sInByb3Blcl91aWQiOiI1OGNlMmZiNC0yMzEyLTQzNDctYjY3Zi1iMjdkY2YwOTI5ZjEifQ==
.tomandlorenzo.com/	1970-01-20 02:29:17	Name: __cf_bm_cookie Value: d04aa90243b370eb7ebac6caa6ebf243476fc6dc-1619021303-1800-AW2x1R/O9fGV0S73PWf5S2eCOo+MhiLVPGUystka/nPwY5nSWZHG+5JTxmK39BRE0wQClFs1MmNcjV969PQOWnGXDFxGL2urBjZiexFlpw4A
.tomandlorenzo.com/	1970-01-20 02:29:17	Name: verizon_media_cookie Value: y-ZoRCwvNE2uHrOiHHj8EXEgrsEvor1u5W~A
.tomandlorenzo.com/	1970-01-20 02:29:17	Name: mediagrid_cookie Value: 241e9e32-75a3-4739-8dda-59564a24d5e3
tomandlorenzo.com/	1970-01-20 03:12:29	Name: __atuvc Value: 1%7C16
tomandlorenzo.com/	1970-01-19 17:43:43	Name: __atuvs Value: 60804df7e4ba13db000
tomandlorenzo.com/	1970-01-19 18:26:53	Name: sharedid_last Value: Wed%2C%2021%20Apr%202021%2016%3A08%3A24%20GMT
tomandlorenzo.com/	1970-01-19 18:26:53	Name: sharedid Value: %7B%22id%22%3A%2201F3TK14G9KH08PKGHDFW1312Z%22%2C%22ts%22%3A1619021304329%2C%22ns%22%3Atrue%7D
tomandlorenzo.com/	1970-01-19 18:26:53	Name: _lr_env_src_ats Value: false
tomandlorenzo.com/	1969-12-31 23:59:59	Name: loglevel Value: WARN
.tomandlorenzo.com/	1970-01-20 02:29:17	Name: _pubcid Value: 58ce2fb4-2312-4347-b67f-b27dcf0929f1
.tomandlorenzo.com/	1970-01-19 17:43:43	Name: properSessionData Value: eyJ1dWlkIjoiYjRjZmU2NGUtZjdiZS00MmFjLTg1ZTAtYWZjMjNmNmUwNjAxIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fdGVybSI6IiIsInV0bV9jb250ZW50IjoiIiwicmV2ZW51ZSI6MCwiYmlkX2F2ZyI6e319
.tomandlorenzo.com/	1970-01-19 17:45:07	Name: _gid Value: GA1.2.1020375034.1619021303
tomandlorenzo.com/	1970-01-19 17:43:44	Name: _lr_retry_request Value: true
.tomandlorenzo.com/	1970-01-19 18:26:53	Name: __cfduid Value: d9c930a3bbcc8b6e2b481c2cd0ba72b551619021302
.tomandlorenzo.com/	1970-01-19 17:43:41	Name: _gat Value: 1
tomandlorenzo.com/	1970-01-20 02:29:17	Name: _pubcid Value: 58ce2fb4-2312-4347-b67f-b27dcf0929f1
.tomandlorenzo.com/	1970-01-20 03:08:10	Name: __qca Value: P0-786600728-1619021303688
.tomandlorenzo.com/	1970-01-20 11:14:53	Name: _ga Value: GA1.2.1668041672.1619021303

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USPAPI workflow exceeded timeout threshold.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: CMP workflow exceeded timeout threshold.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ade.googlesyndication.com
ads.programattik.com
ads.pubmatic.com
adservice.google.com
adservice.google.se
ajax.googleapis.com
ap.lijit.com
api.rlcdn.com
as-sec.casalemedia.com
assets.pinterest.com
aud.pubmatic.com
b1sync.zemanta.com
biddr.brealtime.com
bids.proper.io
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cdn.besafe.global
cdn.districtm.io
cdn.doubleverify.com
cdn.iubenda.com
cdn.taboola.com
cdn3.doubleverify.com
cm.g.doubleclick.net
code.createjs.com
d0276f06c8be26ab9f9b0d41302aa83d.safeframe.googlesyndication.com
d5p.de17a.com
dis.criteo.com
dmx.districtm.io
dsum-sec.casalemedia.com
eb.proper.io
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
global.proper.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.emxdgt.com
hbopenbid.pubmatic.com
hits-i.iubenda.com
ib.adnxs.com
id.sharedid.org
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
log.pinterest.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
pagead2.googlesyndication.com
pixel.quantserve.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
proc.ad.cpe.dotomi.com
propermedia-d.openx.net
rtb.mfadsrvr.com
rtb0.doubleverify.com
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
stats.g.doubleclick.net
sync.mathtag.com
sync.teads.tv
syndication.twitter.com
tag.1rx.io
token.rubiconproject.com
tomandlorenzo.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20240.doubleverify.com
tps20516.doubleverify.com
tps20520.doubleverify.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usync.proper.io
v1.addthisedge.com
visitor.fiftyt.com
web.hb.ad.cpe.dotomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.iubenda.com
x.bidswitch.net
z.moatads.com
api.rlcdn.com
104.108.144.214
104.108.145.8
104.109.90.77
104.111.219.144
104.16.68.69
104.17.120.107
104.244.42.72
13.224.102.122
13.224.103.105
142.250.185.98
142.250.186.66
151.101.112.84
151.101.113.108
169.50.137.190
172.217.16.130
172.217.18.98
172.67.70.205
178.250.0.163
18.156.0.31
18.158.22.14
18.194.69.169
184.30.212.16
184.30.24.107
184.30.25.161
184.31.88.106
185.29.135.227
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.64.190.81
199.232.137.44
213.155.156.169
213.19.147.42
213.254.244.13
216.52.2.39
2600:9000:211e:e00:8:455e:4a00:93a1
2600:9000:2190:8200:6:44e3:f8c0:93a1
2606:4700:10::6816:1957
2606:4700::6811:4f22
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1450:4001:802::2001
2a00:1450:4001:803::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200a
2a00:1450:400c:c06::9d
2a02:26f0:10c:486::4469
2a02:26f0:6c00::210:ba08
2a02:fa8:8806:12::1460
2a02:fa8:8806:13::1460
2a03:2880:f113:81:face:b00c:0:25de
2a04:4e42:1f::84
3.124.79.200
3.124.9.99
3.125.99.7
35.156.13.167
35.164.25.130
35.201.96.126
35.210.215.44
35.244.159.8
37.157.3.29
37.252.173.62
44.239.227.210
46.101.132.18
51.89.21.10
52.19.21.254
52.29.176.117
52.35.237.254
52.51.154.44
52.94.232.32
64.202.112.127
69.173.144.139
69.173.144.141
77.243.60.138
93.184.220.66
00d502ab326980186fbb01b9b269e3d1fe3e6796b4ddd6255c1b824db4e3bb28
01be5f6071a66df4d84e4c7042a6c3db2a93318b340acfdb74427bed73e9fbf0
01f82e668c3a55e6dc53f97a86368a6cfc6a7bc3a94c1f4153866e51b692673d
027ba8b87dbb650f409bc274d1d54f89f7d911ddbe0e2889806a887a4a3222db
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
093e3b5627e69033d46d82fc24393f538a5aea53fd7f03871b58c702e143812e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
0e50d8b31c60e43dc1f1b5c0adedcc4e6e78f3a9fae738d40490d414964ae0c2
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0effb16ddb608a8749633fee2c47b3b0b92c72bb2bda397a0170982139f1aa0a
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
11f4af66c5a7c312cb258336e99e102e6f48345073d2a1c0b950a2bc78e6441c
1226039da9d7952e67f425ba6c0613f4c56f70473c9bde60406bf64404cff15e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a98cda2eb01778f99a99bc049e3754f5fbc8da727ea24fd9598839a6778b91
1316b94d2a6d417986c3e28bba43da25d091ddef3ebd0cf7542fafa0060ce569
14cd65f2258cf8e922e3a051cff195b7cbe5d80cbcf5d2719a4d52a813f3cd9a
15a992dd0110e989ba26c80bf7002d9eaac0a6eeecf777599a5e8caffc90f888
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188229e06712280bef3385e3fb86ef8ffc7409ebece1363f3cb5ce85482df7e3
18c3ad9d69f010a2b28ea73c99136fd5d631996a7cd0a5b11e8e6b1d3c48ff5f
1bc0882677726f89aa067a62abae4233097858410c828339a4c8f04fb2792982
1c1e298c19bf83ab21ac9f37d27a20d6068e98c648c306c11ef18f9f7eb1da49
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
223aa04a22bf8ca5dadebfd12c9074ea8c4687bc3f6a4831e450db0e92f8217b
224b7c59c0ad56aa59a1e5b869784834453f850a8d255301ccbb5ea7e5845fc0
22ecd242420185533156bc42c58a6b7f20594213bae75f24188cb1cfe8d70c73
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
234b2739c7dd48e57b7547d44b3ec254095fa6e05f4a46deb96a172bf3f71721
2546655864072944e9422c8b24897b097652a4af2c499ae9cdd91a25f34abcff
29f21aea7fc613d2618b70a483e0b4bf50ba3f4ce4109fa429ce580ec57ef991
2a6192379a8a76f74103f84721ac825205a4214e6b674f60354b03fd80797964
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cbe1c3d1373256c7cddccacc36b541fefedf17c853620f45e876cbc3fcfe52e
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d186981f1b614a7d05a71fdb429476d5139eda44d3d6df9f9484866a8a8fd64
2d970f7baf73a23770447cc4dd08ebb4d7380006e524fb5e82b8ffc416e64a6e
2fb9e2d2a50ec9b124401c474e91e27401bd1d5c5a9e6873e2c78448877eaaad
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0
34ae160a876664b53c91c561dd6b26c26e4ac131830b43eae0fe2d3cafcf572e
372bdc6e35d6e422946a6df279b69c22d14718103e56a9d831a387ecf0610fb7
39d34100bde47a55e06c932b563a36ea7b1262f49aa860e94467c2c5612e541b
3e0289d8da8e63bded5d470a14c3fcb202657315442260033add1a6d00bd1bee
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
414bf3e547c1ce0656cd45d7338bb79eb14d332bab566f0e5e6ab103446fe415
42251572c4aed04e83cbc52b07df52aca3c32f5bdbf24186df77c21bd2b45e3b
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
46f55a528726b81fccd758ec20a258c0e843ba848366c2e2f7c2d2c6f89c9b6b
46f95703f2eb7dac37cd0b925d73efd4bf9d9c96eea9937f93fa60c274b99daf
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4905a742ec40bb99e91d6877bae12d79284ba3e1e8a42399f7bb2c3781fd3ae6
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a3445bcecd64c7ea0301d97fd82a154c6b21409e543e68afc03148b7ebaa32b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b800480d316ed85eff59c97a2ee655fe94d2ea0b2da600274d8f74f108fda4d
4c1021ce01e1c22d52e4dd7487764cb36c738834e7a9b38d567bb2a6fa2448ec
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
501ed6f37588ea4083347c8c1b9fd9bfbc560f8f9977aa2847749e0977063f6c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5466ad2d392e58d0324d5c929b396d40faf27a59cf112babafb9ca8938537000
554bc1440e7f58e518aae4facf8b6d5f34af6695c3a8d03c12003d1eb973989b
556d8b390b11e2e4f9e6f02e5d0815dbeac562b01bc705d5b4194c186a62dd78
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5909554a35a1e2ce0c8c4c4199b1833e9d3b8cef076f80bc35be8acfe2770270
5b326d41c5c1746af8c1b35ad8f74e69ff8edfb92e40e66f80f7ce999dde61f8
5b8b3e72f37175c86e72f85f45780277492bdcd665487506b03ef3054ea64eea
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d923b462f11ba29664d81bc084817b29efdbe5f6214be4a7c6097a027cafbbc
5f4ac18ca30dc56af37910e34f126893f07228e4e7cbc801aecdd5bafba7cb54
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6313740132d1eeafc3bf9f6ee5a4af08639843d768f7ca926a88c26732194405
65c88bdeb2f983517f1be4d68218f801ea8201919dbd9edd28359a344d8a0574
66dbba38ff27fdcaf18fdde445c73e67e78561d98d688b41c4c61417f1716040
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab
6b6dd3a650dd7d4e281103063dda101b19b14e69c18f7dcd3d808f603a3304b7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732
726cb964722184a90fd124325be480e33c1b9db2a38904ca6e03ed298363060e
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7380021ebe196401b5a22b49db246ef5cfb4590f578fb7eaa08fc2217a18e244
73f8681ad6fb5d5b0694fb863dd7b6db5560f624e36f5016845f8e382f8f078c
7432231e77e2ccd2013abc9c0bca13a6132871ed93de1fc53a4f98f1bfd10b18
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
754c7c177a56f1d732a6abbdcbc18a75a28acce1a4416c96f097cecdd87f8c87
75b95600b9ed171149cf8a92f8b2a3323d55d1c9daed07d5ba166c63a93f4e6e
75cb30279256b76c576adc30c0d7c332c9355f2ede93965de72ce80e50f9efe4
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7ad8b2bc9bc82062d11d2e384b636b5d96d013282e558be85a876dc4939a60a5
7e739cb08237c433c5fc87622578034ce4d4b9233f7cef03d0c9183d3295e9ca
7edb6077c380f452abcb3604480f5fa5bfca3287fb8a9d621a4a30589d81450b
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
85d8c90769f0f8113977a5a688f8d4923f63162b839d70429b7e225c7021c914
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
88f0d332b5baeb68a108b6ed67bb860e7d83e8a754ae97a9c062c5993137c8bc
896babcc19f18135ee8831b98f22b877a37ac0c25f5376ea26b628902eb852fc
8b32ef0a8d9a4492c1af52575057aa70ede44ac23a2d58ff6bbd5d1c61ac6bc2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
905af0e6ed3b55ba54ebb221b10107b5bc465601d037e1faa75f9535c08f597c
92057c590cd33e9c7fdbbf725566bf6432be3dbca79e041e91f1cc326795b9cb
93b365b3f1530efeac3b69c1bde779a50c0a9cff458a309ab029b7f49995cdb5
966533643854ed243e41552a05bde6bbea3fc6f39dff3c09c087bed0f955fe12
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c88fcd6d202cb8258ad01c1f770c0fa8dd1eaa71eb857759707dff65ecfde3e
9d7b147bd96ffd8dd8ed44e183e0af56f0c5edea29696a0a4bc2011f0188d26d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0870491160da0757e295a43eb454c25b53471f579248cc06cdff97a11b22083
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2ad566d7f54eab5cd7297f037b58a3ca301415d8d495553dce1e1528a566f36
a2d469d2375c3c336aa99657bae309f8a5124ddadfa4c98c9dd442fd1ced5f26
a38085445fadd82bb764fd51b0aae8269a2eb6495e2013c1630a87af435255e7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6019d9353f186d5abd8faba012be57a11be74cae96c47de4c55998eab5039e9
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a97892f0fc488ed53dfdd3504562503967afca3a5d263ff9721919610430fa97
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab115c528d1391a507196500d1093a2a6b08bc58d9b476917a9e8a74528d6c81
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
adfada585afe4064e79ca4ff91a0edcd8274efa944c7767c38e685a59be06d54
adfe82deca9b631ba0cadd8e307a6ada8d8dbeb48b01b3ae9cfadd5339535488
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af8b28b0a81f15c03baa45804a67022e3ab1d01c19c7d68c85fb9c33e9007b9f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a0180a98d54785b91221532325791b81bd40d0b89d1619a6f0b11df2f8cd90
b37e558d60e9643d77167ecf956b7f84dded6e5e96dbe6a7074f6f86b1f05e64
b39d8bcdad8f1393973c2851ccd762677ce649e4edf072a7145068802e0c539b
b62489037a015d4d4e6831d0dfed7db76049626b03d44794db8277554e4f98ea
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
b8fb99c65b07efa461d53bc7eb08b8ddeed0bcd41ab1e861bb59163f801ebab6
b91c7e60a3431b119d4851aee4bd8126449c5f2ef9233b1371a844207517c637
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c692da319dafff2df3272b106f72a33435e9eb223f1e02df0e3cb35ebcded692
ca343169650887c7676904cce6e840c8d6c88ccad1cb3b12e052a2af9f50b58f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce6b3c4eebfed2f4cd36d677e962efcf918b0d6074c8af26a2b7f37e1c4c16ff
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cef1e4d463af8260e81aff5e353b6e186ed307566b44497b3b26c466e053780a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d14ce2a32fb22a9a4ba78def66c24696b7308ab54963d9560504fef012d9ec3f
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
d1d3abe7b43a4559f1ba08a5c3c92613b62d6b406491f5571d7cb351c61b247b
d274203a9480a7beceb8405e21775a4b077706794968219b78bce8f4f4a69517
d2de4841d5b7049e098bc0196ffb1b6081288b8f218b6ea8d0a3b54f11811101
d30a38bdd3b917c2a665a50515e333fdfbb12c357016f437b8962c5eebf81f0c
d36bbb1bb6ce3e647ff0391b396d05a1fd58b83e220ee52789e59af978a98fc0
d573a89cf40ed2c0edf9028b71e431b89926993eb676041117a549ac6821d981
d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56
daa735206eb2d8d49bac05f2b90f68dfc717aadfcd3a6849d026da379876c0c0
db5abf1b8fe5a03c8e6e4308c9c74dfa2609418dbc002688d75fd3fe5c2e5c3e
dbfdab41129bb46800b537a5cc87ca6592a3d0498d6214f7e7a9e561e414d246
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de13e5ed0484e4d9c8d5f93330b02a28e19c6ae0d6a2d27f4f2dfd9bfad589cb
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e0d0b7c575cdaa18d74a5232eddaf64f8a87a0bdcf2573605985e166ec5f4ee1
e2385a1c89de07934b23f1d423cd5a3de373ef9fa07d6d3966c72c55e170c489
e3364299c906c3fd0de136335d4d2338c7076c093d92294f56109a6bf7b6aa60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e812bbe11def8c9c0880a8156cde16c74b098c31c723691980a7b4b6ab533d7e
e81d904e1a744628e5c9597a2e53dad4eb16c5945f2c6c91284250ab0135dfe2
e89de7226e455c70432b00b9c3c9e41d2d0c3f5a91d1e0776af98419ba0f2d11
eb51506c619bb5ea0d447dc5a08683c9b73ecbe1e65dce794674622cd2e56f58
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
eeef97e787ec5790de1948a94bb0358e652f0e8025ceedef99cfcaed9c414a50
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5f7da0952547e68946d938b9caa26ac0f19de23b44945d15949d1f2ce7ee27
f20709f5911663236587fbf68546aec95e633db6afe7b4e9584b226d33d7d09e
f41a8c95dba4c4fc7ae62a720cdfad05e2c88fb94b56ef52d6cf1c64acda5c88
f4829b31cf13494a0f848755c53a44fc192718080f1fac40fcbcaa328cf457a2
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f5b66fc00ac38ce8ab09a197a9dddd36aa1ecf3a700aefd866220162b16ebbba
faac6b9031d79a3f00c6f066e1123f99cc6c9db4de3c7f5606c7009fdce481fa
fd5dd209404d0cb6e3742f272cf87a9e8873b9e71d0103bc1ae5d90630e45d30
fd953108dcaa921f569d4e9ba6f7343fe5131219a501add60e019b8d16948457
fe347d26b846bc8bc4e9db8701a601c953505e533c009cbecb548488770fd504

tomandlorenzo.com Open in urlscan Pro 172.67.70.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

310 Requests

100 %HTTPS

33 %IPv6

62 Domains

103 Subdomains

80 IPs

8 Countries

11504 kBTransfer

16814 kBSize

19 Cookies

5 Outgoing links

Redirected requests

310 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tomandlorenzo.com Open in urlscan Pro
172.67.70.205 Public Scan

Screenshot
Live screenshot

Full Image

310
Requests

100 %
HTTPS

33 %
IPv6

62
Domains

103
Subdomains

80
IPs

8
Countries

11504 kB
Transfer

16814 kB
Size

19
Cookies

310 HTTP transactions
6 data transactions