urlscan.io logo urlscan.io
SecurityTrails logo

www.letsbeardown.com Open in urlscan Pro
68.168.112.242  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.letsbeardown.com/
Effective URL: https://www.letsbeardown.com/
Submission: On September 30 via api from GB — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 45 IPs in 7 countries across 63 domains to perform 234 HTTP transactions. The main IP is 68.168.112.242, located in Canada and belongs to GTCOMM, CA. The main domain is www.letsbeardown.com.
TLS certificate: Issued by R3 on September 30th 2023. Valid for: 3 months.
This is the only time www.letsbeardown.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 68.168.112.242 36666 (GTCOMM)
30 172.64.174.36 13335 (CLOUDFLAR...)
3 172.253.115.95 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 151.101.130.137 54113 (FASTLY)
2 151.101.129.229 54113 (FASTLY)
35 172.253.115.156 15169 (GOOGLE)
8 172.253.63.155 15169 (GOOGLE)
1 13.224.214.16 16509 (AMAZON-02)
1 172.253.63.97 15169 (GOOGLE)
6 44.213.141.94 14618 (AMAZON-AES)
3 142.251.16.94 15169 (GOOGLE)
1 23.92.190.74 10913 (INTERNAP-BLK)
5 34.235.214.237 14618 (AMAZON-AES)
10 38 172.253.122.156 15169 (GOOGLE)
1 172.253.63.154 15169 (GOOGLE)
1 23.200.0.203 20940 (AKAMAI-ASN1)
4 172.253.62.132 15169 (GOOGLE)
16 142.251.16.132 15169 (GOOGLE)
4 142.251.16.106 15169 (GOOGLE)
7 11 104.18.27.193 13335 (CLOUDFLAR...)
6 8 68.67.179.166 29990 (ASN-APPNEX)
8 18.238.4.110 16509 (AMAZON-02)
1 172.253.115.148 15169 (GOOGLE)
2 2 104.102.115.151 16625 (AKAMAI-AS)
2 2 8.18.45.140 25751 (VALUECLICK)
1 5 34.237.90.245 14618 (AMAZON-AES)
2 2 184.25.127.90 20940 (AKAMAI-ASN1)
1 34.96.105.8 396982 (GOOGLE-CL...)
3 3 34.233.239.154 14618 (AMAZON-AES)
1 1 34.236.127.74 14618 (AMAZON-AES)
2 2 20.127.253.7 8075 (MICROSOFT...)
2 2 162.19.138.116 16276 (OVH)
4 4 35.211.178.172 15169 (GOOGLE)
4 172.253.122.94 15169 (GOOGLE)
1 1 34.205.126.186 14618 (AMAZON-AES)
1 34.227.12.45 14618 (AMAZON-AES)
2 2 185.167.164.43 198622 (ADFORM)
19 29 69.173.151.100 26667 (RUBICONPR...)
6 18.67.76.65 16509 (AMAZON-02)
1 108.138.85.126 16509 (AMAZON-02)
1 142.251.16.139 15169 (GOOGLE)
2 23.66.192.65 16625 (AKAMAI-AS)
1 13.107.21.200 8068 (MICROSOFT...)
2 2 52.202.64.188 14618 (AMAZON-AES)
4 4 52.223.40.198 16509 (AMAZON-02)
3 3 35.170.132.10 14618 (AMAZON-AES)
2 2 198.148.27.131 19189 (PULSEPOINT)
2 2 96.46.183.20 7979 (SERVERS-COM)
1 147.135.119.115 16276 (OVH)
2 2 23.192.31.127 16625 (AKAMAI-AS)
4 184.29.130.170 16625 (AKAMAI-AS)
2 2 23.105.12.172 30633 (LEASEWEB-...)
2 2 3.226.142.250 14618 (AMAZON-AES)
1 1 80.77.87.166 46636 (NATCOWEB)
2 2 44.238.141.43 16509 (AMAZON-02)
1 1 8.39.36.141 26667 (RUBICONPR...)
1 1 213.19.162.90 3356 (LEVEL3)
1 23.105.14.106 ()
2 13.107.42.14 ()
4 6 52.94.222.140 16509 (AMAZON-02)
4 6 52.46.151.131 ()
2 54.159.168.32 ()
2 2 52.206.108.195 14618 (AMAZON-AES)
2 4 34.111.113.62 396982 (GOOGLE-CL...)
2 2 3.225.218.10 14618 (AMAZON-AES)
1 23.204.152.160 20940 (AKAMAI-ASN1)
1 1 13.224.214.89 16509 (AMAZON-02)
1 1 13.224.214.26 16509 (AMAZON-02)
1 52.85.132.68 16509 (AMAZON-02)
234 45
7    68.168.112.242 (Canada)

ASN36666 (GTCOMM, CA)
PTR: web1-marqueur.likuid.com
www.letsbeardown.com
i.markerzone.com
www.hetlmedia.com
30    172.64.174.36 (United States)

ASN13335 (CLOUDFLARENET, US)
i.marqueur.com
3    172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net
fonts.googleapis.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    151.101.129.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
35    172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net
pagead2.googlesyndication.com
www.googletagservices.com
8    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
securepubads.g.doubleclick.net
googleads4.g.doubleclick.net
1    13.224.214.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-16.phl50.r.cloudfront.net
static.freeskreen.com
1    172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
www.googletagmanager.com
6    44.213.141.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-141-94.compute-1.amazonaws.com
sb.freeskreen.com
3    142.251.16.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net
fonts.gstatic.com
1    23.92.190.74 (Katy, United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
5    34.235.214.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-214-237.compute-1.amazonaws.com
btlr.sharethrough.com
38    172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
1    172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net
partner.googleadservices.com
1    23.200.0.203 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-0-203.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
4    172.253.62.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f132.1e100.net
dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
16    142.251.16.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f132.1e100.net
tpc.googlesyndication.com
4    142.251.16.106 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f106.1e100.net
www.google.com
11    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
8    68.67.179.166 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
8    18.238.4.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-110.phl51.r.cloudfront.net
am.contobox.com
1    172.253.115.148 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f148.1e100.net
s0.2mdn.net
2    104.102.115.151 (Billerica, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-115-151.deploy.static.akamaitechnologies.com
px.owneriq.net
2    8.18.45.140 (Miami, United States)

ASN25751 (VALUECLICK, US)
PTR: ric07-nessy-float2.dotomi.com
dclk-match.dotomi.com
5    34.237.90.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-90-245.compute-1.amazonaws.com
match.sharethrough.com
2    184.25.127.90 (Sterling, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-25-127-90.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
3    34.233.239.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-239-154.compute-1.amazonaws.com
pr-bh.ybp.yahoo.com
1    34.236.127.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-127-74.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
4    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
4    172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net
www.gstatic.com
1    34.205.126.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-126-186.compute-1.amazonaws.com
fksnk.com
1    34.227.12.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-12-45.compute-1.amazonaws.com
rtb.adentifi.com
2    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
29    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
6    18.67.76.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-65.iad89.r.cloudfront.net
cbmedia2.contobox.com
1    108.138.85.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-126.iad12.r.cloudfront.net
shoppable-api.contobox.com
1    142.251.16.139 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f139.1e100.net
www.google-analytics.com
2    23.66.192.65 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-192-65.deploy.static.akamaitechnologies.com
images.homedepot.ca
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    52.202.64.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-64-188.compute-1.amazonaws.com
t.pswec.com
4    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    35.170.132.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-132-10.compute-1.amazonaws.com
ssp.disqus.com
2    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    147.135.119.115 (United States)

ASN16276 (OVH, FR)
PTR: ip115.ip-147-135-119.us
ww1772.smartadserver.com
2    23.192.31.127 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    184.29.130.170 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-130-170.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    23.105.12.172 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.smartadserver.com
2    3.226.142.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-142-250.compute-1.amazonaws.com
scm.publishers.tremorhub.com
1    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    44.238.141.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-141-43.us-west-2.compute.amazonaws.com
loadeu.exelator.com
1    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
1    213.19.162.90 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
1    23.105.14.106 (None, )

ASN- ()
rtb-csync.smartadserver.com
2    13.107.42.14 (None, )

ASN- ()
px.ads.linkedin.com
6    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
6    52.46.151.131 (None, )

ASN- ()
s.amazon-adsystem.com
2    54.159.168.32 (None, )

ASN- ()
match.prod.bidr.io
2    52.206.108.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-108-195.compute-1.amazonaws.com
sync.ipredictive.com
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    23.204.152.160 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-152-160.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    13.224.214.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-89.phl50.r.cloudfront.net
live.primis.tech
1    13.224.214.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-26.phl50.r.cloudfront.net
sync.intentiq.com
1    52.85.132.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-68.iad50.r.cloudfront.net
sync1.intentiq.com
Apex Domain
Subdomains		 Transfer
52 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
451 KB
46 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 433
314 KB
37 rubiconproject.com
fastlane.rubiconproject.com Failed
pixel.rubiconproject.com — Cisco Umbrella Rank: 649
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1537
eus.rubiconproject.com — Cisco Umbrella Rank: 916
token.rubiconproject.com — Cisco Umbrella Rank: 764
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 7282
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3048
41 KB
30 marqueur.com
i.marqueur.com — Cisco Umbrella Rank: 300637
764 KB
15 contobox.com
am.contobox.com — Cisco Umbrella Rank: 54128
cbmedia2.contobox.com — Cisco Umbrella Rank: 56212
shoppable-api.contobox.com — Cisco Umbrella Rank: 141337
557 KB
12 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066
s.amazon-adsystem.com
8 KB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781
7 KB
10 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1680
match.sharethrough.com — Cisco Umbrella Rank: 876
37 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
6 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
50 KB
7 freeskreen.com
static.freeskreen.com — Cisco Umbrella Rank: 82061
sb.freeskreen.com — Cisco Umbrella Rank: 65366
33 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
3 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 802
2 KB
4 smartadserver.com
ww1772.smartadserver.com — Cisco Umbrella Rank: 88777
sync.smartadserver.com — Cisco Umbrella Rank: 2057
rtb-csync.smartadserver.com
4 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
2 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614
2 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 11
1 KB
4 letsbeardown.com
www.letsbeardown.com
303 KB
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2272
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
171 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
3 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1438
sync1.intentiq.com — Cisco Umbrella Rank: 2789
2 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1542
986 B
2 bidr.io
match.prod.bidr.io
866 B
2 linkedin.com
px.ads.linkedin.com
768 B
2 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 10313
2 KB
2 tremorhub.com
scm.publishers.tremorhub.com — Cisco Umbrella Rank: 88391
636 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2330
2 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 957
2 KB
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 6689
1 KB
2 homedepot.ca
images.homedepot.ca — Cisco Umbrella Rank: 121841
5 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 954
1 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2496
1 KB
2 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2902
2 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5383
887 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 3422
2 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 687 Failed
3 KB
2 markerzone.com
i.markerzone.com — Cisco Umbrella Rank: 684681
24 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
5 KB
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2560
531 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 2263
646 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1518
624 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 481
692 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
258 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1944
287 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 8734
615 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2679
640 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2803
173 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
44 KB
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2879
296 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
609 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1012
531 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
78 KB
1 hetlmedia.com
www.hetlmedia.com — Cisco Umbrella Rank: 349463
442 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1243
30 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 410
6 KB
0 mobtrakk.com Failed
sync-dmp.mobtrakk.com Failed
0 ctnsnet.com Failed
ius.ctnsnet.com Failed
0 openx.net Failed
rtb.openx.net Failed
0 uuidksinc.net Failed
s.uuidksinc.net Failed
0 rfihub.com Failed
a.rfihub.com Failed
0 3lift.com Failed
eb2.3lift.com Failed
0 media.net Failed
prebid.media.net Failed
234 63
Domain Requested by
32 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
www.letsbeardown.com
dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
32 pagead2.googlesyndication.com www.letsbeardown.com
pagead2.googlesyndication.com
dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
30 i.marqueur.com www.letsbeardown.com
16 pixel.rubiconproject.com 8 redirects
16 tpc.googlesyndication.com dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.letsbeardown.com
pagead2.googlesyndication.com
13 token.rubiconproject.com 11 redirects eus.rubiconproject.com
10 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
8 am.contobox.com dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
www.letsbeardown.com
8 ib.adnxs.com 6 redirects googleads.g.doubleclick.net
6 s.amazon-adsystem.com 4 redirects
6 aax-eu.amazon-adsystem.com 4 redirects
6 cbmedia2.contobox.com dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
6 sb.freeskreen.com static.freeskreen.com
www.letsbeardown.com
6 securepubads.g.doubleclick.net www.letsbeardown.com
securepubads.g.doubleclick.net
5 match.sharethrough.com 1 redirects www.letsbeardown.com
5 btlr.sharethrough.com www.hetlmedia.com
4 pixel.tapad.com 2 redirects
4 eus.rubiconproject.com sb.freeskreen.com
ww1772.smartadserver.com
eus.rubiconproject.com
4 match.adsrvr.org 4 redirects
4 www.gstatic.com www.letsbeardown.com
dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
4 x.bidswitch.net 4 redirects
4 www.google.com dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
www.letsbeardown.com
tpc.googlesyndication.com
4 dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.letsbeardown.com 1 redirects www.letsbeardown.com
3 ssp.disqus.com 3 redirects
3 pr-bh.ybp.yahoo.com 3 redirects
3 www.googletagservices.com dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
www.letsbeardown.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com www.letsbeardown.com
dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
2 ups.analytics.yahoo.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 match.prod.bidr.io eus.rubiconproject.com
2 px.ads.linkedin.com
2 loadeu.exelator.com 2 redirects
2 scm.publishers.tremorhub.com 2 redirects
2 sync.smartadserver.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 bh.contextweb.com 2 redirects
2 t.pswec.com 2 redirects
2 images.homedepot.ca dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
2 c1.adform.net 2 redirects
2 sync.inmobi.com 2 redirects
2 analytics.pangle-ads.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 px.owneriq.net 2 redirects
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 id5-sync.com www.hetlmedia.com
2 i.markerzone.com www.letsbeardown.com
2 cdn.jsdelivr.net www.letsbeardown.com
www.hetlmedia.com
1 sync1.intentiq.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 hb.yahoo.net
1 rtb-csync.smartadserver.com
1 pixel-eu.rubiconproject.com 1 redirects
1 pixel-us-west.rubiconproject.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 ww1772.smartadserver.com sb.freeskreen.com
1 c.bing.com www.letsbeardown.com
1 www.google-analytics.com www.googletagmanager.com
1 shoppable-api.contobox.com www.letsbeardown.com
1 rtb.adentifi.com dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
1 fksnk.com 1 redirects
1 beacon.lynx.cognitivlabs.com 1 redirects
1 tr.blismedia.com dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
1 ssum-sec.casalemedia.com 1 redirects
1 s0.2mdn.net dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
1 qsearch-a.akamaihd.net www.letsbeardown.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ap.lijit.com www.hetlmedia.com
1 www.googletagmanager.com www.letsbeardown.com
1 static.freeskreen.com www.letsbeardown.com
1 www.hetlmedia.com www.letsbeardown.com
1 code.jquery.com www.letsbeardown.com
1 cdnjs.cloudflare.com www.letsbeardown.com
0 sync-dmp.mobtrakk.com Failed dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
0 ius.ctnsnet.com Failed dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
0 rtb.openx.net Failed dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
0 s.uuidksinc.net Failed dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
0 a.rfihub.com Failed dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
0 eb2.3lift.com Failed dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
0 prebid.media.net Failed www.hetlmedia.com
0 fastlane.rubiconproject.com Failed www.hetlmedia.com
234 85

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
letsbeardown.com
R3		 2023-09-30 -
2023-12-29		 3 months crt.sh
marqueur.com
GTS CA 1P5		 2023-08-08 -
2023-11-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
i.markerzone.com
R3		 2023-08-21 -
2023-11-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
hetlmedia.com
R3		 2023-08-05 -
2023-11-03		 3 months crt.sh
*.freeskreen.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-12-16		 10 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2023-08-02 -
2024-08-13		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
contobox.com
Amazon RSA 2048 M02		 2023-05-11 -
2024-06-08		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-08-07 -
2023-11-05		 3 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
images.homedepot.ca
Entrust Certification Authority - L1K		 2023-08-04 -
2024-08-09		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-02-27 -
2024-01-26		 a year crt.sh

This page contains 21 frames:

Primary Page: https://www.letsbeardown.com/
Frame ID: 0FCBE62B6DAE16DF6C4FF942ACD5345B
Requests: 85 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Frame ID: B1524250A63EB6D783642BAB9407D3D0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6542527489535740&output=html&adk=1812271804&adf=3025194257&lmt=1696072776&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fwww.letsbeardown.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696047576482&bpp=4&bdt=610&idt=135&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1545367369835&frm=20&pv=2&ga_vid=990885962.1696047577&ga_sid=1696047577&ga_hid=891389481&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078200%2C44798934%2C31078320%2C31078301&oid=2&pvsid=3609365273053077&tmod=1509486628&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=173
Frame ID: 6025EF5C828D713CA3292662A55AD6BD
Requests: 1 HTTP requests in this frame

Frame: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 24F0B62C2CAE4D5F064226DD02A31805
Requests: 1 HTTP requests in this frame

Frame: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6F8E215B2249241357BFCF47A21F1D93
Requests: 17 HTTP requests in this frame

Frame: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 44ADCF1E78B741630E2F5FB802D15EAA
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIDQlQEQi67cAhj7xZ3hATAB&v=APEucNWuBpNQqS7gf6u3HMZKF4ufHbHu40hY74ccLwpdnQWYP78zqXD2wjIMdnzxMJx8aiUFFPqWQV8MigltppZpnxdMI16IWg
Frame ID: 1E0924379E0942C1EF9D3CCE7E5A504F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-XCxCcl_v6ARipqJPeATAB&v=APEucNU3hswBE90M1W1FYQzO_bwhPfAHLVKIPmXto2U8qP_X76OEC4bRh1GXrP9nAXiPbL9VmCwPTe_uPus7EH3d3qofOAgKyQ
Frame ID: 815C5B244BD022C46F0B4E26B733388B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F3779BFA9DDCE109DF7772615FAD1098
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3D086B2C90D26C4520D5A3666F1B6E80
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0103BD371019042D9915F9417DC05170
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BD2474CCF079595A4E5B4C480682446F
Requests: 3 HTTP requests in this frame

Frame: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0CA53DC361884F6C35E3092AFA1C64FA
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 50F7AE835D43A4BE5D3B15BCD05FF5A5
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F7327E598093CF222E20CD317888C368
Requests: 9 HTTP requests in this frame

Frame: https://am.contobox.com/v3/service/proxy?url=https%3A%2F%2Fdee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fmraid.js
Frame ID: 6AC9C9904D1B5AACF323F27558A1BAF6
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
Frame ID: D9D0C12FA3E3C48D572FF629587CCAAA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Frame ID: A1EE4B1FAA8DA844FA9AC590D19E6ADC
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: F6FD432C07FB4C1E0A24B82DE1541065
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F5DEAA453D645DE1AD8D19B6296D55DE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BF2E1BBD87585A8B6CC565F4E10EE1B1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Chicago Bears NFL Football News | LetsBearDown.com

Page URL History Show full URLs

  1. http://www.letsbeardown.com/ HTTP 301
    https://www.letsbeardown.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

234
Requests

72 %
HTTPS

0 %
IPv6

63
Domains

85
Subdomains

45
IPs

7
Countries

3362 kB
Transfer

6049 kB
Size

86
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.letsbeardown.com/ HTTP 301
    https://www.letsbeardown.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1&C=1
Request Chain 92
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZReh2guDbga6pbnuCZORAAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1
Request Chain 93
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELRPiKjeHnMsqno0Ip_pFEY&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELRPiKjeHnMsqno0Ip_pFEY%26google_cver%3D1
Request Chain 94
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNDU2NTE3MzY2MjY2ODk4OA%3D%3D
Request Chain 95
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1&C=1
Request Chain 96
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZReh2o8-AYuBmnSGn2SFYQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1
Request Chain 97
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELRPiKjeHnMsqno0Ip_pFEY&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELRPiKjeHnMsqno0Ip_pFEY%26google_cver%3D1
Request Chain 98
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNDU2NTE3MzY2MjY2ODk4OA%3D%3D
Request Chain 117
  • https://px.owneriq.net/ecmg?google_gid=CAESEPWidQfSU07aQ6JcRFJKEB8&google_cver=1&google_push=AXcoOmSNySb9TYhsm1yX4QHt3OwfC13xAE-OnSdDj3SlXvS2T54xAHd34NM96sdgbpucChL4q_8Y5Zlxv_1Pi5z7g3TQNdoIsJu3 HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmSNySb9TYhsm1yX4QHt3OwfC13xAE-OnSdDj3SlXvS2T54xAHd34NM96sdgbpucChL4q_8Y5Zlxv_1Pi5z7g3TQNdoIsJu3%26google_cver%3d1%26google_gid%3dCAESEPWidQfSU07aQ6JcRFJKEB8%26google_hm%3dUTc0OTMzMzk4MTEyODk2NjkwNjE%3d&uid=Q7493339811289669061&ref=%2Fecmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSNySb9TYhsm1yX4QHt3OwfC13xAE-OnSdDj3SlXvS2T54xAHd34NM96sdgbpucChL4q_8Y5Zlxv_1Pi5z7g3TQNdoIsJu3&google_cver=1&google_gid=CAESEPWidQfSU07aQ6JcRFJKEB8&google_hm=UTc0OTMzMzk4MTEyODk2NjkwNjE=
Request Chain 118
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEP1Br_gIdKgClqTX1NIcIMY&google_cver=1&google_push=AXcoOmSmXIohjGl0u-o00a4oi3CuhYdxNPrSX-jNirq7gW0nNbqa03E1H6uRyICkzGZzmXEnjBDLm6BjWMOEhY6uR-ns6-ol7BZ8 HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=64357859f59906b7&is_secure=true&networkId=14000&version=1&google_gid=CAESEP1Br_gIdKgClqTX1NIcIMY&google_cver=1&google_push=AXcoOmSmXIohjGl0u-o00a4oi3CuhYdxNPrSX-jNirq7gW0nNbqa03E1H6uRyICkzGZzmXEnjBDLm6BjWMOEhY6uR-ns6-ol7BZ8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAABt38VEdo2iQMCTqzoAAAAAAA&expiration=1696133981&google_cver=1&is_secure=true&google_gid=CAESEP1Br_gIdKgClqTX1NIcIMY&google_push=AXcoOmSmXIohjGl0u-o00a4oi3CuhYdxNPrSX-jNirq7gW0nNbqa03E1H6uRyICkzGZzmXEnjBDLm6BjWMOEhY6uR-ns6-ol7BZ8
Request Chain 119
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEApG76l3k7YI96HymmRSqyk&google_cver=1&google_push=AXcoOmSUIqnqOMzVLvFiXPyUyUEmVIs3652WqewS2mqQbXPPZSYu73eGOyJF8DWHqo33lYAdDFeBHtjQEwJz7o4ZlUrFVAA4yUU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEApG76l3k7YI96HymmRSqyk&google_hm=ZReh2sG3tvF0XybYl2BPCwAABY8AAAIB&google_nid=index&google_push=AXcoOmSUIqnqOMzVLvFiXPyUyUEmVIs3652WqewS2mqQbXPPZSYu73eGOyJF8DWHqo33lYAdDFeBHtjQEwJz7o4ZlUrFVAA4yUU
Request Chain 121
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEP-AvHjPmofroKebX6zkYJ4&google_cver=1&google_push=AXcoOmT0sOaloJ1uujmrfedYSAp2JQNA0soMDMC3RyW-df65QoZ34LJ8jT6gAX9PzlkCGZKWzY22VSggFcye5AuwJZGibIiFqk3t HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTExNjcwMmYtMzc4NC00MTEzLWJiMDUtZjk3NjUxYmNkOTk1&google_push=AXcoOmT0sOaloJ1uujmrfedYSAp2JQNA0soMDMC3RyW-df65QoZ34LJ8jT6gAX9PzlkCGZKWzY22VSggFcye5AuwJZGibIiFqk3t
Request Chain 123
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESELgrBFIEzfFygKzRRMPcZSc&google_cver=1&google_push=AXcoOmSgUUIgWEsjkRTAD-uVHwTiwjQwf-GwUkLy_IQKOAGF8Sif6sQtI1XpG4mLofHLGGD1v_ex6AIB61m0yf1hmzvQulZRbkhB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSgUUIgWEsjkRTAD-uVHwTiwjQwf-GwUkLy_IQKOAGF8Sif6sQtI1XpG4mLofHLGGD1v_ex6AIB61m0yf1hmzvQulZRbkhB
Request Chain 128
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEE6Y8cyiqIggnfFejcktGUs&google_cver=1&google_push=AXcoOmR2S6cVevwvJjisYS6a110OFE6F84RWFcGMOr99VII1nNpqw6lW713l9bXFaNn5esZQKZNkCYCBhlaNwjb9USu2hikSKgYP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR2S6cVevwvJjisYS6a110OFE6F84RWFcGMOr99VII1nNpqw6lW713l9bXFaNn5esZQKZNkCYCBhlaNwjb9USu2hikSKgYP&google_hm=eS1Tck9wUGFSRTJwRmtRRVdnNHRkQ0RqVzVrakRBZzk4Q35B
Request Chain 131
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEOp08z6JnbsJGOWhDrYC9Pc&google_cver=1&google_push=AXcoOmRRBKsZGHx66gJqlfPsAXiscoYocVaB-6wTs2nVLEwrpQxfejvfxM2FAnt6lxsG3Joq4pbBN4jfZneLXmqpvQVrB4IcfV5Zlg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=sVlWnZ78tUGmuFuB-kc6dA&google_push=AXcoOmRRBKsZGHx66gJqlfPsAXiscoYocVaB-6wTs2nVLEwrpQxfejvfxM2FAnt6lxsG3Joq4pbBN4jfZneLXmqpvQVrB4IcfV5Zlg
Request Chain 132
  • https://sync.inmobi.com/gob?google_gid=CAESEERILCCtx7r1UuU7raU9tuw&google_cver=1&google_push=AXcoOmRHlZz-AfH1B_m49u6UMGYekol4QBNd2Gnu070YH_bmvZ1b9HClQI7fvRoWVhFPGRm7hIszaE-vczD-f_8t9EgESb9mwv3xmA HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRHlZz-AfH1B_m49u6UMGYekol4QBNd2Gnu070YH_bmvZ1b9HClQI7fvRoWVhFPGRm7hIszaE-vczD-f_8t9EgESb9mwv3xmA HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-8124rFhq9JgXvgxvdJ4JVZhFpq6h8xIfNhP-kCZydQ&google_push=AXcoOmRHlZz-AfH1B_m49u6UMGYekol4QBNd2Gnu070YH_bmvZ1b9HClQI7fvRoWVhFPGRm7hIszaE-vczD-f_8t9EgESb9mwv3xmA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=zyq37rmTlvDZ4hoT85Sq&google_push=AXcoOmRHlZz-AfH1B_m49u6UMGYekol4QBNd2Gnu070YH_bmvZ1b9HClQI7fvRoWVhFPGRm7hIszaE-vczD-f_8t9EgESb9mwv3xmA&google_nid=inmobi_new_eb
Request Chain 133
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEA9ER9U-yd3Ic3xVgKIAr1c&google_cver=1&google_push=AXcoOmSrmCAGYcrFPBQJ_3EHPlKOYRIC30EgXzoJ6C-ZIrt9M6303qOd8waR-vDA8sYHU4KB7yqs1rT0am6UY3KCgFtj1kPRRO7plA HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEA9ER9U-yd3Ic3xVgKIAr1c&google_cver=1&google_push=AXcoOmSrmCAGYcrFPBQJ_3EHPlKOYRIC30EgXzoJ6C-ZIrt9M6303qOd8waR-vDA8sYHU4KB7yqs1rT0am6UY3KCgFtj1kPRRO7plA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=53d5fc28-828c-42bc-91a1-23062d736a47&%%GOOGLE_PUSH_PAIR%%
Request Chain 155
  • https://fksnk.com/cs/google?google_gid=CAESEL2gKLynaMMcaeUwdvT0Ij4&google_cver=1&google_push=AXcoOmSjisyHoJM1xllwISJHqZCbZHZM4xwbqsO7yZunBKDzFrOsya46EexzGPyj-wbQhacTLY4zxIY1zLomid0lct_10fZ294RDq0D_Kgfew5lHex8lIydrFhDWP1GGYajdvyAlHIIAAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OTU2MEJEMkNDRkEwMTRCOQ==
Request Chain 157
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDrlcJr6CLVDwL8F5JuIZbI&google_cver=1&google_push=AXcoOmT7na9-Y_vvKATb9Ik90j4l4guFsirCbblmgGS7Q6emI96cM0YJVqWeABZYikTRdff6I4OSdQFSD-GNQ-OvehEppILV2bYaKKlWu7xy7E9VLhbJp94wzlOTEpbpBhLpi9syUMytPo0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDrlcJr6CLVDwL8F5JuIZbI&google_cver=1&google_push=AXcoOmT7na9-Y_vvKATb9Ik90j4l4guFsirCbblmgGS7Q6emI96cM0YJVqWeABZYikTRdff6I4OSdQFSD-GNQ-OvehEppILV2bYaKKlWu7xy7E9VLhbJp94wzlOTEpbpBhLpi9syUMytPo0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYzNzczMjY2NzY0MTAzNTc2&google_push=AXcoOmT7na9-Y_vvKATb9Ik90j4l4guFsirCbblmgGS7Q6emI96cM0YJVqWeABZYikTRdff6I4OSdQFSD-GNQ-OvehEppILV2bYaKKlWu7xy7E9VLhbJp94wzlOTEpbpBhLpi9syUMytPo0
Request Chain 158
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELAOyKchp054VjWdIzc1sOI&google_cver=1&google_push=AXcoOmRQ2RHCdpU6_raFYjFP75yMvKonXRAtUITip6ug7aeVa1jUY-CeyOUUP2WcglWFdud8JUnY-1qzrcSPa9FOiepBjtE6ph2WgO1vLZbDSvrHCmCeAorL7_dAE64fXWTA89ubcBA0uSE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE41SVhYM1QtUS02RFJJ&google_push=AXcoOmRQ2RHCdpU6_raFYjFP75yMvKonXRAtUITip6ug7aeVa1jUY-CeyOUUP2WcglWFdud8JUnY-1qzrcSPa9FOiepBjtE6ph2WgO1vLZbDSvrHCmCeAorL7_dAE64fXWTA89ubcBA0uSE
Request Chain 161
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEG5nw189_BwCEV8GehHE6Tg&google_cver=1&google_push=AXcoOmTXFpYdc9Hr2_AIn0-H6ZZEN2w1nqp29hgN2eNErqDNXZjqGxPDoV77S5YETmxvmmmcx5epnysrzjQAVp_Vx-WCJRgC9HEYZQGgWg8AOF0wp0V_DPxTLBzT607zzylQ62NLG-o9U-0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTXFpYdc9Hr2_AIn0-H6ZZEN2w1nqp29hgN2eNErqDNXZjqGxPDoV77S5YETmxvmmmcx5epnysrzjQAVp_Vx-WCJRgC9HEYZQGgWg8AOF0wp0V_DPxTLBzT607zzylQ62NLG-o9U-0
Request Chain 184
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=dd3446a2-a821-4803-8421-ca3c81fc167e&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=sharethrough&bsw_user_id= HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=sharethrough&bsw_user_id= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=a188fde1-f28c-481b-802e-31d7567a2dc2&expires=3&user_group=1&ssp=sharethrough HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=53d5fc28-828c-42bc-91a1-23062d736a47&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 185
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=004160ae-4766-4bad-8aee-20a9b836ef0d&gdpr=0&gdpr_consent=
Request Chain 186
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7rkJAhPCWXbw9Lq5dZxc6TvN%26source_user_id%3D%24UID&partner=sharethrough&gpp=&gpp_sid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS1hM2U1MGUwMi1lYmE1LTNiN2QtYTY4NS1iODk0MzYyNjc4ZjEQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtYTNlNTBlMDItZWJhNS0zYjdkLWE2ODUtYjg5NDM2MjY3OGYxMgIdIDgB%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=29&buyeruid=of1VoYiW91jj&r=Cid1YS1hM2U1MGUwMi1lYmE1LTNiN2QtYTY4NS1iODk0MzYyNjc4ZjEQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtYTNlNTBlMDItZWJhNS0zYjdkLWE2ODUtYjg5NDM2MjY3OGYxMgIdIDgB&gdpr=&gdpr_consent=&ev=1&us_privacy=&pid=562894 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45188&callback_url=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D32%26buyeruid%3D%24%7BUSER_ID%7D%26r%3DCid1YS1hM2U1MGUwMi1lYmE1LTNiN2QtYTY4NS1iODk0MzYyNjc4ZjEQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtYTNlNTBlMDItZWJhNS0zYjdkLWE2ODUtYjg5NDM2MjY3OGYxMgIdIDgC&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45188&callback_url=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D32%26buyeruid%3D%24%7BUSER_ID%7D%26r%3DCid1YS1hM2U1MGUwMi1lYmE1LTNiN2QtYTY4NS1iODk0MzYyNjc4ZjEQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtYTNlNTBlMDItZWJhNS0zYjdkLWE2ODUtYjg5NDM2MjY3OGYxMgIdIDgC&gdpr=&gdpr_consent=&us_privacy=&crf=1&rts=2294043073958753755 HTTP 302
  • https://ssp.disqus.com/match?bidder=32&buyeruid=e05ad052-164b-5311-b2a6-9be0d7b13a3e&r=Cid1YS1hM2U1MGUwMi1lYmE1LTNiN2QtYTY4NS1iODk0MzYyNjc4ZjEQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtYTNlNTBlMDItZWJhNS0zYjdkLWE2ODUtYjg5NDM2MjY3OGYxMgIdIDgC HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-a3e50e02-eba5-3b7d-a685-b894362678f1
Request Chain 187
  • https://bh.contextweb.com/bh/rtset?pid=558357&ev=1&rurl=https%3a%2f%2fmatch.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&source_user_id=%%VGUID%% HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&ev=1&source_user_id=GVIYBS4C8cfP&pid=558357
Request Chain 191
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Request Chain 192
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1 HTTP 302
  • https://sb.freeskreen.com/um?sa=9117547341720585190
Request Chain 193
  • https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
  • https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
  • https://sb.freeskreen.com/um?tlr=1d6492d162034a0b9fe8024f5880f747
Request Chain 194
  • https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID} HTTP 302
  • https://sb.freeskreen.com/um?ac=1f6c48ee-bb64-4515-8c16-aa593ff4562f
Request Chain 195
  • https://loadeu.exelator.com/load/?p=204&g=1300&j=0 HTTP 302
  • https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1 HTTP 302
  • https://sb.freeskreen.com/um?ni=b37c9a311ab72b6d684d218a72bedd48
Request Chain 196
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Request Chain 205
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=LN5IXWVB-B-7MSG HTTP 302
  • https://sb.freeskreen.com/um?mg=LN5IXWVB-B-7MSG
Request Chain 208
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver&khaos=LN5IXWWE-H-7WK3 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LN5IXWWE-H-7WK3
Request Chain 209
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE41SVhXV0UtSC03V0sz HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELAOyKchp054VjWdIzc1sOI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE41SVhXV0UtSC03V0sz&google_push=
Request Chain 210
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN5IXWWE-H-7WK3
Request Chain 211
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2Q2YjQ0NWUxYWVjYmRlNzY2NWYyNTI0Y2VlM2ViZTczMjk4N2QzZA
Request Chain 212
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=004160ae-4766-4bad-8aee-20a9b836ef0d&gdpr=0&gdpr_consent=&expires=30
Request Chain 213
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/S2PuJmMgnCVm6YoPOCzHQQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.AfHCQhE2oLZE8Gyx_FzFPGnQmbJ_oAlM5EgbQ--~A
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPc6RR7daXMqblSqAd-IPGU&google_cver=1
Request Chain 215
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2YFFdJl5QuicnrPzcLo26g&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2YFFdJl5QuicnrPzcLo26g
Request Chain 216
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=out3yzYCSbOoIudcrm-WeQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=out3yzYCSbOoIudcrm-WeQ
Request Chain 218
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4f611b87-1c59-4f3d-9fd9-fed741d60c2b&expires=30
Request Chain 219
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LN5IXWWE-H-7WK3 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN5IXWWE-H-7WK3
Request Chain 220
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LN5IXWWE-H-7WK3&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LN5IXWWE-H-7WK3&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1aQ3NpZk50RTJ1R0V6dkVDSFRtcGVObXdoeEg2RE1yR35B&ovsid=LN5IXWWE-H-7WK3&dpid=58160
Request Chain 222
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE41SVhXV0UtSC03V0sz HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELAOyKchp054VjWdIzc1sOI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE41SVhXV0UtSC03V0sz&google_push=
Request Chain 223
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/S2PuJmMgnCVm6YoPOCzHQQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Dg9iG89E2oLKpUUoJHbiBXOTYklITl19yYBnvw--~A
Request Chain 224
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=B348LIh6RJeVHD0WysfPRg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=B348LIh6RJeVHD0WysfPRg
Request Chain 225
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2Q2YjQ0NWUxYWVjYmRlNzY2NWYyNTI0Y2VlM2ViZTczMjk4N2QzZA
Request Chain 226
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=004160ae-4766-4bad-8aee-20a9b836ef0d&gdpr=0&gdpr_consent=&expires=30
Request Chain 227
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2Moqd8VVSBWgOvYoC9pLjw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2Moqd8VVSBWgOvYoC9pLjw
Request Chain 228
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN5IXWWE-H-7WK3
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPc6RR7daXMqblSqAd-IPGU&google_cver=1
Request Chain 231
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN5IXWWE-H-7WK3 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LN5IXWWE-H-7WK3 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LN5IXWWE-H-7WK3&ckls=true&ci=BSBXThvFfo&nc=false&trid=12216973
Request Chain 232
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1535596f-7a5b-4afa-8ffc-dab7eb7e5891&expires=30
Request Chain 233
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LN5IXWWE-H-7WK3 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN5IXWWE-H-7WK3

234 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.letsbeardown.com/
Redirect Chain
  • http://www.letsbeardown.com/
  • https://www.letsbeardown.com/
83 KB
83 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.letsbeardown.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.168.112.242 , Canada, ASN36666 (GTCOMM, CA),
Reverse DNS
web1-marqueur.likuid.com
Software
Apache /
Resource Hash
194402684f6a65ee2573ef5ca709c112a13bbed554dba85b669ce50c063677b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 30 Sep 2023 04:19:35 GMT
Keep-Alive
timeout=5, max=500
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Connection
Keep-Alive
Content-Length
237
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 30 Sep 2023 04:19:35 GMT
Keep-Alive
timeout=5, max=500
Location
https://www.letsbeardown.com/
Server
Apache
css.css
i.marqueur.com/css/auto/ 		32 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.marqueur.com/css/auto/css.css?bg=5
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d0f2e242b01e1d051c2d7d6025d21e37bb64d31933577b6e7795aa375effaf5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 29 Sep 2023 07:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9K3IKc3OxMpbLyrNodjzCM0PyE0NoFNap8NeNxbSfViCoBr1xNIOcwIVB7ae%2B3FWmKfsrLbsuek2cKPBUS0tzoacPYzWA%2BJdes5DbtNJ%2FqDWOWt3EtUfMOmOl44piLw0bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
80e9ab25b90e429f-EWR
alt-svc
h3=":443"; ma=86400
css.css
www.letsbeardown.com/css/ 		448 B
689 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.letsbeardown.com/css/css.css?bg=5
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.168.112.242 , Canada, ASN36666 (GTCOMM, CA),
Reverse DNS
web1-marqueur.likuid.com
Software
Apache /
Resource Hash
f65c9334d6bd21e62dacbdfcae4e9b1e14f941b73cc49fa25dd619561f1f7420

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sat, 30 Sep 2023 04:19:35 GMT
Last-Modified
Sat, 15 Oct 2022 13:29:10 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=499
Content-Length
448
oswald.css
i.marqueur.com/css/auto/ 		44 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.marqueur.com/css/auto/oswald.css?bg=3
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb8c34012fba5143653013ef74900fc346dc115bc642b51859811df54354c141

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 29 Sep 2023 07:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fn1uDEDLcdXNQZxAK%2BiufblkZ73EFylJ%2BISvMjNLKYI%2BP9E6pbyCp%2B7TyBKlKFCI69McFnuxUmdJ%2FZTFloySZwe3WBW%2BVVo1viArjiqS%2FN349VA8dQ3a7h4MvDkaULhLbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
80e9ab25b90f429f-EWR
alt-svc
h3=":443"; ma=86400
opensans.css
i.marqueur.com/css/auto/ 		60 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.marqueur.com/css/auto/opensans.css?bg=3
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
717b10593d54204f670e8962fbe282f51357d361b0cec4ec5b979429fe08f86e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 29 Sep 2023 07:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAVT4ZDeXOq%2FwQSLGYaxq4jQxq2ZuIxLq8btQl4UfIy4AtJuQgH6CgrFiMvGELxMdG6WaZaPXBYtSzMxvGwsB12QM0UtWRZESHQvRslKvXX7sKEXh%2FAoVeLzqP%2FvpgZVig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
80e9ab25b910429f-EWR
alt-svc
h3=":443"; ma=86400
russo_one_3.css
i.marqueur.com/css/auto/ 		61 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.marqueur.com/css/auto/russo_one_3.css?bg=3
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e03515f92eb3f9da1542fda3aba456d358b7f77abf96502e315139ffb898ae6d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 29 Sep 2023 07:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gx411eME8ZQwwepR6URRQxsjUCbqRbfx9Cz33V0Jrv%2Bj3gm%2F%2Fz7EmEjTnAFXokAeYTuTYrJOIF0qDO7c367gcBiyOvaairadMOBeY1BtffCNa204OFnw%2FD5vWUgsYPuldA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
80e9ab25c913429f-EWR
alt-svc
h3=":443"; ma=86400
css_stripe.css
i.marqueur.com/css/ 		118 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.marqueur.com/css/css_stripe.css?bg=3
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea24f23e3904d8725fe2429924bfe5720279f477856440be7a208bee4609049d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 14 Mar 2022 16:49:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XuUH2k7Y9DEtaYvXNvSjKuLl5ukPL%2Bdu4%2BwX%2BXr1Mi131u9ovPCq2PZ8wbG23N76xmfuo4rBgyDV5RWjwTJhR3t2GXsIhaW7rZ6kP0eBUSKbiT6wIt%2FpgsYJssEVfD1FPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
80e9ab25c911429f-EWR
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald&family=Open+Sans&family=Russo+One&display=swap
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
d499e6ea1906782f11dcd21f8c968e1c1ef1846ee5a9ef9e63ac00dd18733e73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Sat, 30 Sep 2023 04:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 30 Sep 2023 02:53:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Sep 2023 04:19:35 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2046244
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5634
last-modified
Thu, 22 Jun 2023 11:02:18 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942a3a-1602"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeaMJk%2Fs7o474T3o7xQrgVmDqSEyV4fpSzf0VMnDN7I4pauxxvG0X6JWao3dx3SPX5KKmjyATJTMDiAk%2BTv4PvlL5vOglAnO3R3qpgQeOQj5qMGVlL1lwLSkjRu%2BC8DAxkxQeAj0"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80e9ab257bcda23b-YYZ
expires
Thu, 19 Sep 2024 04:19:35 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
809476
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-yyz4542-YYZ
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1696047576.918557,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
43, 219498
messagebox.min.js
cdn.jsdelivr.net/npm/gasparesganga-jquery-message-box@3.2.2/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/gasparesganga-jquery-message-box@3.2.2/dist/messagebox.min.js
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b0cbdfb3b821a07f673744cd4d3d20a67712a161e897d170bb2ed5897c003ed3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 30 Sep 2023 04:19:35 GMT
x-content-type-options
nosniff
content-encoding
br
age
2165863
x-jsd-version
3.2.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3238
x-served-by
cache-fra-etou8220033-FRA, cache-yyz4545-YYZ
x-jsd-version-type
version
etag
W/"24b7-WT6FSefY1qkWBRIdlExxoU8H0ys"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
tooltips.js
i.markerzone.com/js/auto/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.markerzone.com/js/auto/tooltips.js
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.168.112.242 , Canada, ASN36666 (GTCOMM, CA),
Reverse DNS
web1-marqueur.likuid.com
Software
Apache /
Resource Hash
b655378edefec880f4a04f926f8b17e4ebff9e35f2c5b51ace7bfc5c2d1e7070

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sat, 30 Sep 2023 04:19:35 GMT
Last-Modified
Fri, 29 Sep 2023 07:11:58 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=500
Content-Length
16971
libs.js
i.markerzone.com/js/auto/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.markerzone.com/js/auto/libs.js
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.168.112.242 , Canada, ASN36666 (GTCOMM, CA),
Reverse DNS
web1-marqueur.likuid.com
Software
Apache /
Resource Hash
e232846bb1f93ad35f2423d7ec39f59300dbf4564ae05653b9950d52f49cbed0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sat, 30 Sep 2023 04:19:35 GMT
Last-Modified
Fri, 29 Sep 2023 07:11:59 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=500
Content-Length
7546
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
cdf75f75d11b1874bb255aa0d5633d2528eef0650d55b18051ab223c53c53cc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50779
x-xss-protection
0
server
cafe
etag
15174457547317842804
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 04:19:36 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
0d6aaac889cacf6ca8674fb653954d26e30e31e411deef3e80e5546aa44835b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29353
x-xss-protection
0
server
cafe
etag
193 / 19630 / m202309260101 / config-hash: 9162079683277741110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 04:19:37 GMT
prebid.js
www.hetlmedia.com/ 		441 KB
442 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hetlmedia.com/prebid.js
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.168.112.242 , Canada, ASN36666 (GTCOMM, CA),
Reverse DNS
web1-marqueur.likuid.com
Software
Apache /
Resource Hash
c59eeedd897a679af574c86f0f5a7ac24aefc9a6069294f582f97822ceb8d4fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sat, 30 Sep 2023 04:19:36 GMT
Last-Modified
Thu, 21 Sep 2023 04:01:46 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=500
Content-Length
451965
freeskreen.min.js
static.freeskreen.com/ba/582/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.freeskreen.com/ba/582/freeskreen.min.js
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-16.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5863de83de86bc9d0c9ca7c8a788a62ee645e6ca5a8b7ca2039464dda56832b6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id
sftnK54CEBMwzQ7ZG47yzEfXoV1mEmgU
Content-Encoding
gzip
Via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
Date
Fri, 29 Sep 2023 09:15:00 GMT
Last-Modified
Wed, 18 May 2022 20:47:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PHL50-C1
Age
68761
ETag
"1edf2d8e3795906aa03ddbb3d18474e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8828
X-Amz-Cf-Id
NZIvg90fHgMkHnZAa5KjheGAHAPr-x--n2bkx3f9ob41bYRdZVNzxA==
head.jpg
www.letsbeardown.com/i/ 		219 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.letsbeardown.com/i/head.jpg
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.168.112.242 , Canada, ASN36666 (GTCOMM, CA),
Reverse DNS
web1-marqueur.likuid.com
Software
Apache /
Resource Hash
61129dc0126d5ac7fd4b374f3966021fcaffd5105f6e14cf2232d2d5e2cdee48

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sat, 30 Sep 2023 04:19:36 GMT
Last-Modified
Fri, 21 Jan 2022 00:21:54 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=498
Content-Length
223884
js
www.googletagmanager.com/gtag/ 		217 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8C2XWZXZ5F
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
b83bcaff73aa4c71deff5473c106c68d45ef9ed05adadb03d866d824314093b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79604
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 30 Sep 2023 04:19:39 GMT
script.js
sb.freeskreen.com/publisher/ 		71 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.freeskreen.com/publisher/script.js?bai=582&ut=&uts=&p_cust_params=&windowlocation=https%3A%2F%2Fwww.letsbeardown.com%2F&usp=&gdpr=-1&cs=-1
Requested by
Host: static.freeskreen.com
URL: https://static.freeskreen.com/ba/582/freeskreen.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.213.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-141-94.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
079ec5342ae21cb4c239a79896e2db74d37877995da7922c9280c5f8e4016085

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:43 GMT
content-encoding
gzip
server
Apache/2.4.29 (Ubuntu)
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type
text/html;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
21271
expires
Thu, 01 Jan 1970 00:00:00 GMT
Z9XUDmZRWg6M1LvRYsHOz8mJvLuL9A.woff2
fonts.gstatic.com/s/russoone/v16/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/russoone/v16/Z9XUDmZRWg6M1LvRYsHOz8mJvLuL9A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&family=Open+Sans&family=Russo+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
b2595d7538b004d12ee6afbcee1b34e5e209d178515c9995129888823581c800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.letsbeardown.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 28 Sep 2023 06:15:24 GMT
x-content-type-options
nosniff
age
165853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7372
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:54:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Sep 2024 06:15:24 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZSSShiA.woff2
fonts.gstatic.com/s/oswald/v53/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZSSShiA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&family=Open+Sans&family=Russo+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
e1b7cb1503dd34e3746b9bdd714871a24ea2336b0b3724458ce1206d23b655e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.letsbeardown.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 26 Sep 2023 00:18:31 GMT
x-content-type-options
nosniff
age
360066
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12240
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:38:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Sep 2024 00:18:31 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVIUx6EQ.woff2
fonts.gstatic.com/s/opensans/v36/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVIUx6EQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&family=Open+Sans&family=Russo+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
a8502a6a0c17656490145cf014b905ddb494eb5c0bc71079576eb25a625f84a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.letsbeardown.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Mon, 25 Sep 2023 23:48:09 GMT
x-content-type-options
nosniff
age
361888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13476
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:03:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Sep 2024 23:48:09 GMT
316971.webp
i.marqueur.com/habsetlnh/medium/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/316971.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2013f2b4b0adcfacc2e150ade507273dc56db054a992774f6f6e68306afb90de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 20:37:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5814
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxCIiJB0d0aYwqeqN4C0CbGrrjiUf4c%2FmLCl9X3S9bKQefW3rvPFv0P5vv4dh3O90%2FmiXijLm8ETiqC0BWJQe%2B%2Fup06sFcisokP%2F8SCp9PYUkjhVsb%2FR7VlT54s1PBJ4nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26c9b5429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
24038
316935.webp
i.marqueur.com/habsetlnh/medium/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/316935.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
202400ae1999494068b41dee6ff769771869af456b37ef1eb2792edc0d37880a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 19:27:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2679
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIF93iROTRIXKtI1uT9WvgqEWf6I67cgqewq5w7pVI%2BK6ETjC2%2FfPmK9BLIU8krcrH8Vy8xsKkXoLyhk8ETp%2Bkrf%2BuucCYl11v3ST92sSuR9ZKCz80K5YZm7qiaBpVbPZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26c9b9429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
31740
316921.webp
i.marqueur.com/habsetlnh/medium/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/316921.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0a0de4f7cacb142865b2b6de94d66632f05e06bb3d966d4a04ff7a37f228765

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 19:05:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4069
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSZtp6BWphlQvldrwFud0v%2BIqTW%2B9z38ja8QJ4I%2Bk%2FxyObd4wSdvYIeRE1MfFx%2BirPwh%2FRTMElUV98e1GEFj%2BWMNMBOVcZo5wWMvuUXYgU9Bjw%2FKjMUQzbp5x1oascOBWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26c9ba429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
20276
316920.webp
i.marqueur.com/habsetlnh/medium/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/316920.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c3845d4dd8d78733663853bf765f4478e628ba16af69aed4ff83f715b097c30

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 19:05:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4003
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hIX42LlrWzaDfODAEQp2tGnJzR18He4%2FNsCtJ7B6OSxXx0lcuUzUpVl1QsHa4zhrPud8l%2FbcrS5VjWT2vgZxIEqh%2Fnn3ayBOIk%2FRoAW%2BFcNXEW98Pv5ii7mTmMKy9vmi7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26c9bb429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
40822
316915.webp
i.marqueur.com/habsetlnh/medium/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/316915.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b495aa0e5fed4d5b40f3c25dba67eaa14e8346389f0cd6e46fd973858163963b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 18:52:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4759
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEXmrWmPyMJwcUxJm8DDDG%2FIi%2FOtymdyws%2BieEKieo0U%2F55RUB4ilN%2BOUbKXaO9MFebH78GkTv7kAAI7N%2B3fHGAqt2scf9wLR2hTneUdO2YnzLcJreP917Ro9hLBf9yJdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26c9bc429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
38870
316914.webp
i.marqueur.com/habsetlnh/medium/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/316914.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e070e3f23c6a6e5b7f163b25eae68ae56cbebe169447b87b714f2c9d4205c4c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 18:48:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4704
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDlkQjPJiLHrMtmwuHYQPb%2FmUWKJbtwp3BP7nET2zI2EpJr7wbCVO9CF08DCt%2F2Wsoln5%2B72YLGaICSD94kIr9pxyANoAMnxy99Ti4p8KzCc6W4wblqmVWkrgnk7GMqgBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26c9bd429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
40902
316912.webp
i.marqueur.com/habsetlnh/medium/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/316912.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be2a7c7cddb27661d4a10427fe4ea9d5074e8613573b8c8dd98a878f54cdea0d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 18:47:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4702
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2B80%2BWZGZtV1ya%2FIUDjRfC0tE5FMkr8eTd96LMLuieFvACMb2szsEJ03mno%2BokjcTIvexXqfrCB5T4SGwOZ%2F%2BPHejD%2BgSjVnHgiubq0vI6v9hMNYqnrCwe7DfeJqRZI3ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26c9be429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
36720
316871.webp
i.marqueur.com/habsetlnh/medium/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/316871.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14778e8cf9e9d5c89a9f5828837be5a13943ae8df4e4c33f5ffd99b626eb1f0c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 18:02:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6821
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8qYpSrIewNZBowe2jkaD%2BzJSfcf5Cmf0xrXhqULHVl1oHXSzTj8EdRPN0aQNnlON4J4pQPlqelcP%2BPW%2F7Fif%2B6NPYFTyxqk6atgVNCOw3ckfjI8mtYOGsvFc4n6NC3GPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26d9bf429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
24714
316912.webp
i.marqueur.com/habsetlnh/small/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/small/316912.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0da0895d436994f90660cb477b233758ee0c7656a62982dabbad37331869f206

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 29 Sep 2023 18:47:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkngJI%2F9Op3r%2BjGAqG8mSiokrUcZMXpJcIzZ1Zbnq%2BdAKrQJTd1svHRUQI3pcwT3x58qEd4wxjWOGTRt%2BQrrZ7%2Fl8RwmALNXsM13Dlyh0bqUp4%2BgZRxI9PVFNonc%2FgaEmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26d9c1429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
13354
316298.webp
i.marqueur.com/habsetlnh/small/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/small/316298.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83572aadd1e2df35bc88ff0897d21208aaeee93b2566bae1a1483f6e2bba35f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 28 Sep 2023 14:49:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urvatVK6TkSjgfqS0H7LwAM%2FM8Ikp0ehyA2q5yW%2F14wV1o4%2FU%2FbHSBDnECMcMe%2FON%2BDRtkhMvj%2F8dI0ayUpY3BrS0S1wahT46tbSOZ1GYQJnIu8YaCACZkBLL%2B8l03%2BElQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26d9c2429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
9708
316871.webp
i.marqueur.com/habsetlnh/small/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/small/316871.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66780d9c252dbe704f2cb616e10c1624f1d1cade23e14eb2812c762c39126cb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 29 Sep 2023 18:02:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyFVnhn2yL49XkCDXQEVV08kF1J8nvIo3OZu8lAr9cPaqK3sn7711ZkfrVfM%2BlTR9MXc449lr3ywqT4uTiWxhjjr42XCohpjogP2nKcL%2F2XyOjZMLUfNQPjBTLY8OCfUoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26d9c3429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
9970
315764.webp
i.marqueur.com/habsetlnh/small/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/small/315764.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa42aa0f9e28e0e6948932432a41c4b2588b1f53b0f7dfa3cf427fa1d96129d7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 27 Sep 2023 12:25:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iigTnj8xozdr7lmTFJJUH%2Fn684Z3M7wrcVVAHNseukcOP%2FpIsZTov0fwjAnUTDbasuC2Dn8RoE0PiMyqRWyClz2auCWaJHu7wKdFo4FnGydmI%2Boxp%2BKBWqryXrTxzFmXWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26d9c4429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
14814
316914.webp
i.marqueur.com/habsetlnh/small/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/small/316914.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd00b3856690c2bac674f6a8b4aea53679103f40d2e7e58a8d1ed8065903a6c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
MISS
last-modified
Fri, 29 Sep 2023 18:48:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWI4ksERxI9YXy2gqpbVoLh3Qx1F95pEimr74aqokkZnDd%2B6xrd28IZouBiXLO9rL%2FHH4xrTSxZ7Sfl0J%2BPfWDqxJDpIFa8JJjLIlMgSPObLzlsUy45%2BT4frwKDn8Pg8aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26d9c5429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
13806
316640.webp
i.marqueur.com/habsetlnh/medium/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/316640.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67cc8037f604770f627561fee645f433e7376ae396035885d7057f025a0586b2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 04:30:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2871
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1MiXoyzkW8%2FfsZsQTP9%2B1ldtJrGa7ohPfL9lJ18kHLxirr32jaWsuRGjl%2FG3%2BNm90UNwwK7f6%2F%2BbBVRCRL0xhO4wWy46Wb1%2FP8FhryK0ffp0TvXNCIaBcV00mxNUtavcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26d9c6429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
33358
316636.webp
i.marqueur.com/habsetlnh/medium/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/316636.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae7e484017dd2528378ab17a66740095f9087f4489efefe16d295ffd01c125a4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 04:10:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2263
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nj8zQ2g0sVdbjnwTwLhtcAhBkdM6%2Bnac3QqEqL%2FwRu1nWKxx7qNSLMeHy23EcskwWV5OGUm1fRPGo3JtE%2BQIsKBGxTtq518hi32Stkv%2B6Q0exTGlCABDS3c4PMajGOMFmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26d9c7429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
25392
316577.webp
i.marqueur.com/habsetlnh/medium/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/316577.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e55a10086153fee9f6320930360e6bc7677444e998ba8eee76da94a7a66da076

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 00:40:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2255
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjwttBBEs1%2F84CIvGBn702RxrowTIo6xsCo%2BpgS4Unn%2FHM2pZ%2Fy9LG9SWONkTOVuqouNESSXVncD2hry1INrppec30FqfI4IeY8AG%2Fq3PjyNOSYT5FEvx%2FhqkkLLRMw8hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26e9d0429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
52674
316298.webp
i.marqueur.com/habsetlnh/medium/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/316298.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd6e6051d8a72522d1ad39abaa68eb81781d3364cdaf13532eb3133ab1f7ae46

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:49:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2237
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKRYgs50%2FJqGr7rJAT7QrBnKzOdrElq4JgG47YFHrMJfUZuWSP0Jao3Uz6ALgW3SZC2cn1weNczTl1s7uLnwO%2BCP9aOZ8OsvwKC2exWX3XldBx%2Be1KabExOVg0%2Bf1rCkAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26e9d1429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
27664
316291.webp
i.marqueur.com/habsetlnh/medium/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/316291.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14778e8cf9e9d5c89a9f5828837be5a13943ae8df4e4c33f5ffd99b626eb1f0c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:46:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
367
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kxDdQDwQPEpMevtFHSZJ72K%2Fv%2Fw%2FxJr8tlOmOPDGt9yB1eg65beOYEozmi5lA5WZ8ojuzlgEwmxxRioqF30K8%2FSX5AyvOaZVP1MhDrQ4YxUaeFZ510ARIEl1LZOSWPCyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26e9d2429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
24714
316289.webp
i.marqueur.com/habsetlnh/medium/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/316289.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b495aa0e5fed4d5b40f3c25dba67eaa14e8346389f0cd6e46fd973858163963b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:44:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2221
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yG6fB%2F0LgfdPtYq0rghv3eqF4dL5uDayoN0QtBhSpj1IOcEAEUv26dXCF72ubgnF%2FU1JVEXsQ9iippDy57Utw8onl0oqyvowSECRCtBJL%2FslKsuL3ggusA1T9EmgZY7gmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26e9d3429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
38870
316224.webp
i.marqueur.com/habsetlnh/medium/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/316224.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e452999b9522408471506fd88525509af4a8afec5bdefee7f32c1b5a56fe7339

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 13:23:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
367
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMem9uIrpiw8wma26zPgvKlwd7ZPKeZfCaFCpuB2O3HH1TqF5n69p%2B31kmFMABzl1lyTsM%2BSlGJf%2BKE2bAt5n3WptqlNSkdfy2HZhzGAO28shA9eWbVNuEo8OroedCT1uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26e9d4429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
36888
316156.webp
i.marqueur.com/habsetlnh/medium/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/316156.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8893fb4b876d1baa9d9f2c0e2c48e2b644caa0bf63890bfdbbb57c8de8d43e83

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 02:01:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
367
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bu5qJVBf75XFFXk3Cw0jv7ikq8dktNndtZH06mz5TE1Et%2BLolaxl0AuZazulQhDrX0e8zYKgSJiz6uMptkXvS5SO3T73pOin2IM1wcpcpqSUIxyNUozhCNh2pTDwFOOiWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26e9d6429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
47294
316146.webp
i.marqueur.com/habsetlnh/medium/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/316146.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d365d712fb1627bddd0366d23ff4c427e71c404d9587bf6085ab921f239bcd8d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 01:39:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
367
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruv78SSlWfPPJxRN0wp9aaG2DIHGcY7bLR4i1aEEtade0xrIKhXE4OglPf%2FXhUcBf9Y30gS3n0FpYfJkL9FVWncP8hJ%2Fj1kTc0eSHxFh%2BAkaLieNayYwflbEGHkFxQ80xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26e9d7429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
40796
315887.webp
i.marqueur.com/habsetlnh/medium/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/315887.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15cb0def46c2aba14c42320504c43499f4ee0a7ca04d0e08962f87dd9cd96618

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Wed, 27 Sep 2023 16:39:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
367
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQeMLiul4B93p%2BeQc03qt8yR6lq3uD1Gptq1%2B7kK3ewCUiPDuXwkOmAhnZVH8aNs8th7kjEezJfqHmd2rp%2FnOT%2B%2F2n5NZ4COpU9m1OOnucxDvXUcMSreV0WjD8%2BLRhOZ8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26e9d8429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
44246
315884.webp
i.marqueur.com/habsetlnh/medium/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/315884.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f58f49b4e5bf6ee6b172f1267e640e42654c6df777566bd510146a3bf8b02ad7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Wed, 27 Sep 2023 16:37:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
367
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BX98uLJzAS2QJ6cEnw8wQDPdNg5o8aQxXLbJmC%2BfyQLRDGqRb8Otk1VWhpKF84h4zKacSy84cL8hunbQH4xsUidkmy2W4mVcvgpFgplNfIVW7Ep8Uo4fNfxnIPdwjw5CA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26e9da429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
28660
315767.webp
i.marqueur.com/habsetlnh/medium/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.marqueur.com/habsetlnh/medium/315767.webp
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.174.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25f7de18456f8651da6b52f51c4d53e4c36f1d27d2e73757a6ea8ae7e705c693

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
cf-cache-status
HIT
last-modified
Wed, 27 Sep 2023 12:36:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
367
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68p3s9UXbrzGEC70roQyFafMtYgai9adn7XI0izzM729O%2FnjsSZYDlt6xPdXU%2BGAHf6%2BIJXCjPf1WBzGyU3XBSGUi%2FzC6mt0hf9YIsk0ef1LdBLz265iu3i7Nyxnw59juQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80e9ab26e9db429f-EWR
alt-svc
h3=":443"; ma=86400
content-length
30402
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230929
Requested by
Host: www.hetlmedia.com
URL: https://www.hetlmedia.com/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a712add12c2aef523f34bafb5e73fa5a595c1656f2d2b2ad690f84a92b644bf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.letsbeardown.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 30 Sep 2023 04:19:36 GMT
x-content-type-options
nosniff
content-encoding
br
age
1124
x-jsd-version
1.0.1828
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
848
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4583-YYZ
x-jsd-version-type
version
etag
W/"637-tFf4FHgi06a+jBn9HO9jyJnZQfQ"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
prebid
id5-sync.com/api/config/ 		0
0
bid
ap.lijit.com/rtb/ 		24 B
531 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.15.0
Requested by
Host: www.hetlmedia.com
URL: https://www.hetlmedia.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Katy, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
0dfc9e7bab66cfdf4358f3cd17589aacd7e4875fed3ef29d3df54573f166812e

Request headers

Referer
https://www.letsbeardown.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
content-type
text/plain

Response headers

Date
Sat, 30 Sep 2023 04:19:36 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.letsbeardown.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
prebid
prebid.media.net/rtb/ 		0
0
v1
btlr.sharethrough.com/universal/ 		693 B
551 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: www.hetlmedia.com
URL: https://www.hetlmedia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
b0e1b217818b5fb03aa740115f3133d7e38f527a77e4059eb73ce6852314db3f

Request headers

Referer
https://www.letsbeardown.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
content-type
text/plain

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.letsbeardown.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
397
v1
btlr.sharethrough.com/universal/ 		728 B
748 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: www.hetlmedia.com
URL: https://www.hetlmedia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
92c877164210ac336c5bde8e0a9d12e3a9a5379299784241489c65ce1719ed8c

Request headers

Referer
https://www.letsbeardown.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
content-type
text/plain

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.letsbeardown.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
435
v1
btlr.sharethrough.com/universal/ 		37 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: www.hetlmedia.com
URL: https://www.hetlmedia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
b28ff9c30b36f667fcff20ba95a3eff71335c901c855e0ca5e50f057d0f7aa3a

Request headers

Referer
https://www.letsbeardown.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
content-type
text/plain

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.letsbeardown.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
18964
v1
btlr.sharethrough.com/universal/ 		672 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: www.hetlmedia.com
URL: https://www.hetlmedia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
edf40f11c44a39989aa8b6e0519d7ebc827cad99a553f1cbbb08aab7cf0f40c9

Request headers

Referer
https://www.letsbeardown.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
content-type
text/plain

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.letsbeardown.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
391
v1
btlr.sharethrough.com/universal/ 		31 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: www.hetlmedia.com
URL: https://www.hetlmedia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
d6f60200124a7e70d4f57c1e7a6aadd8456d8862f1f3fcdf6a4f4494890938c4

Request headers

Referer
https://www.letsbeardown.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
content-type
text/plain

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.letsbeardown.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
14819
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
c80cac907a7bd1e6e9108422f277023d41967a4b4935f1946186e32ca64ce327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131825
x-xss-protection
0
server
cafe
etag
8567238190214006061
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 04:19:36 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/ Frame B152 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.letsbeardown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

age
81217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 05:45:59 GMT
etag
2603938475786422795
expires
Fri, 13 Oct 2023 05:45:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		399 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.letsbeardown.com&callback=_gfp_s_&client=ca-pub-6542527489535740
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
51ec93b9fb1491ccc1bb582cefbf62dd0d9d5be7def1b7cc480cb29b9597b7df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
257
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6025 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6542527489535740&output=html&adk=1812271804&adf=3025194257&lmt=1696072776&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fwww.letsbeardown.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696047576482&bpp=4&bdt=610&idt=135&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1545367369835&frm=20&pv=2&ga_vid=990885962.1696047577&ga_sid=1696047577&ga_hid=891389481&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078200%2C44798934%2C31078320%2C31078301&oid=2&pvsid=3609365273053077&tmod=1509486628&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=173
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.letsbeardown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 04:19:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=pub_marc&cls=pt10%20pb10%20bgf%20bbd%20w3-top&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/ 		410 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
4972893832cc7f114925446001ef0c43c031cbc7d2b2a8bed395c116c911402d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 05:18:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
82868
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132541
x-xss-protection
0
server
cafe
etag
15229329507080665565
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 28 Sep 2024 05:18:29 GMT
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=fef94f35-5c10-49a1-b8bc-3e65fbd1b6a3&cid=8CURPE8U4&crid=223773778|423158194|757123081|237073884|746955452&adunit_count=5&dn=www.letsbeardown.com&requrl=https://www.letsbeardown.com/&istop=true&event=client_timeout&value=5&rd=1000
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.203 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Sat, 30 Sep 2023 04:19:40 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sat, 30 Sep 2023 04:19:40 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		189 KB
52 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3609365273053077&correlator=1914704992382500&output=ldjh&gdfp_req=1&vrg=202309260101&ptt=17&impl=fifs&iu_parts=117014822%2Cletsbeardown&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=1x1%2C980x300%7C980x120%7C970x250%7C970x90%7C970x66%7C750x100%7C728x90%7C300x250%7C336x280&ifi=2&sfv=1-0-40&ists=2&fas=8%2C0&eri=1&sc=1&cookie=ID%3D34cd3b35d681c77f-227b251974e400cd%3AT%3D1696047576%3ART%3D1696047576%3AS%3DALNI_MYYo0hCKVt5CxXvbZzTbDs-13iFiQ&gpic=UID%3D00000d95f83a678b%3AT%3D1696047576%3ART%3D1696047576%3AS%3DALNI_MY3VnP7BxFESxW6k6Jg2BjzV-imDw&abxe=1&dt=1696047577374&lmt=1696072777&adxs=-9%2C310&adys=-9%2C10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&loc=https%3A%2F%2Fwww.letsbeardown.com%2F&vis=1&psz=0x-1%7C1600x-1&msz=0x-1%7C1600x-1&fws=2%2C512&ohw=0%2C0&ga_vid=990885962.1696047577&ga_sid=1696047577&ga_hid=891389481&ga_fc=false&dlt=1696047575872&idt=1458&prev_scp=position%3Doop%7Cposition%3D1%26refresh%3Dtrue&cust_params=hostname%3Dletsbeardown%26page%3Dstory%26lang%3Den&adks=2088765725%2C1097867433&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
0dc12dea8574b37d4ca562aaa371b9bde2f402502bd6cf9145c460f8c7c9a269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:38 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53264
x-xss-protection
0
google-lineitem-id
-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.letsbeardown.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 24F0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.letsbeardown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 04:19:37 GMT
expires
Sun, 29 Sep 2024 04:19:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
3ab8007c277130826b8a87e5b30bd689ee55a199d430c36e2032c9611a538dbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 18:56:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
33800
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13202
x-xss-protection
0
server
cafe
etag
9134410016569746439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 28 Sep 2024 18:56:17 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3609365273053077&correlator=4323440166631777&output=ldjh&gdfp_req=1&vrg=202309260101&ptt=17&impl=fifs&iu_parts=117014822%2Cletsbeardown&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C336x280%7C300x250&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D34cd3b35d681c77f-227b251974e400cd%3AT%3D1696047576%3ART%3D1696047576%3AS%3DALNI_MYYo0hCKVt5CxXvbZzTbDs-13iFiQ&gpic=UID%3D00000d95f83a678b%3AT%3D1696047576%3ART%3D1696047576%3AS%3DALNI_MY3VnP7BxFESxW6k6Jg2BjzV-imDw&abxe=1&dt=1696047577396&lmt=1696072777&adxs=236&adys=751&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&loc=https%3A%2F%2Fwww.letsbeardown.com%2F&vis=1&psz=789x-1&msz=789x-1&fws=512&ohw=0&ga_vid=990885962.1696047577&ga_sid=1696047577&ga_hid=891389481&ga_fc=false&dlt=1696047575872&idt=1458&prev_scp=position%3D2%26refresh%3Dtrue&cust_params=hostname%3Dletsbeardown%26page%3Dstory%26lang%3Den&adks=1299203841&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
61a41c0b6ce42dc4eadf7169911fb1dfdef4e0de19f6440f62b099ee674326dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:37 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13854
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.letsbeardown.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3609365273053077&correlator=746702740510196&output=ldjh&gdfp_req=1&vrg=202309260101&ptt=17&impl=fifs&iu_parts=117014822%2Cletsbeardown&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x600%7C300x250%7C320x480%7C160x600&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D34cd3b35d681c77f-227b251974e400cd%3AT%3D1696047576%3ART%3D1696047576%3AS%3DALNI_MYYo0hCKVt5CxXvbZzTbDs-13iFiQ&gpic=UID%3D00000d95f83a678b%3AT%3D1696047576%3ART%3D1696047576%3AS%3DALNI_MY3VnP7BxFESxW6k6Jg2BjzV-imDw&abxe=1&dt=1696047577400&lmt=1696072777&adxs=1032&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&loc=https%3A%2F%2Fwww.letsbeardown.com%2F&vis=1&psz=369x-1&msz=369x-1&fws=512&ohw=0&ga_vid=990885962.1696047577&ga_sid=1696047577&ga_hid=891389481&ga_fc=false&dlt=1696047575872&idt=1458&prev_scp=position%3D5%26refresh%3Dtrue%26hb_format_sharethrou%3Dbanner%26hb_size_sharethrough%3D300x250%26hb_pb_sharethrough%3D1.08%26hb_adid_sharethrough%3D267578fd04e8a38%26hb_bidder_sharethrou%3Dsharethrough%26hb_format%3Dbanner%26hb_deal_sharethrough%3D25i4w%26hb_deal%3D25i4w%26hb_size%3D300x250%26hb_pb%3D1.08%26hb_adid%3D267578fd04e8a38%26hb_bidder%3Dsharethrough&cust_params=hostname%3Dletsbeardown%26page%3Dstory%26lang%3Den&adks=574139835&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
f57d3edf067e78a76f7436be8d0d5e99f1e297195c145443e304149f48742df2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:37 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12151
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.letsbeardown.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6F8E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.letsbeardown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 04:19:37 GMT
expires
Sun, 29 Sep 2024 04:19:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 44AD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.letsbeardown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 04:19:37 GMT
expires
Sun, 29 Sep 2024 04:19:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1E09 		624 B
288 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIDQlQEQi67cAhj7xZ3hATAB&v=APEucNWuBpNQqS7gf6u3HMZKF4ufHbHu40hY74ccLwpdnQWYP78zqXD2wjIMdnzxMJx8aiUFFPqWQV8MigltppZpnxdMI16IWg
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 04:19:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6F8E 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31438
x-xss-protection
0
server
cafe
etag
13183557946744512263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 04:19:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F8E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DMVFOOygEAFs8pbUFNuJYMzPqogjQhAaR4eAho_Qzx50WPSDEMiw_td-FlZi5IGVcORHGiU1Bxrax8IRsjANLyazcCuyUr_V3ph13S1zPrSNqx8fM
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F8E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=602172461534186356&x=1&ct=77
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 6F8E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 05:55:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
80624
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 05:55:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 6F8E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 06:13:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
79597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 06:13:01 GMT
l
www.google.com/ads/measurement/ Frame 6F8E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRW4zB-hXDQQieuCdHo3MTMKvuhJIZmd5FuKkQ1cBsEShmhyqSDIEv19qViqgsTZ4CQEqJ_9VOSR-iH67ZudzodnKnA7Q
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6F8E 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Sep 2023 04:19:38 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 815C 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-XCxCcl_v6ARipqJPeATAB&v=APEucNU3hswBE90M1W1FYQzO_bwhPfAHLVKIPmXto2U8qP_X76OEC4bRh1GXrP9nAXiPbL9VmCwPTe_uPus7EH3d3qofOAgKyQ
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 04:19:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 44AD 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31438
x-xss-protection
0
server
cafe
etag
13183557946744512263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 04:19:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 44AD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CAEl_3wXE1tuRSphj8vLBqlAt242fk356xmkosFeUBtANh-fddxtjWaJ-V6-7aRpKhuGOnZxcchhlBnO6RPiph8P8_ttH8lrRSwWaVpAVT8ACS5N8
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 44AD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12499470603616883886&x=1&ct=76
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 44AD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 05:55:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
80624
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 05:55:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 44AD 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 06:13:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
79597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 06:13:01 GMT
l
www.google.com/ads/measurement/ Frame 44AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5kl2kdQsobQn6p9GupwgUeFggQmXpWxG1i6rcZHhir40Hg1fXSWoTMzQQJFs3C6EB689IXB5f75Vl3WZ9WubjTgsqrQ
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 44AD 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Sep 2023 04:19:38 GMT
rum
dsum-sec.casalemedia.com/ Frame 1E09
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1&C=1
43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIDQlQEQi67cAhj7xZ3hATAB&v=APEucNWuBpNQqS7gf6u3HMZKF4ufHbHu40hY74ccLwpdnQWYP78zqXD2wjIMdnzxMJx8aiUFFPqWQV8MigltppZpnxdMI16IWg
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVZEMopyZ3Z74%2Bypd5BJc0aqsZGOG%2BpH5GsgFV%2BlRWAkf5XhkzSPywiwl8AaLvbAxcLTadnEtQvLnesh10LhmzP3an03lYeLSYT3GbfO0CVZSncA%2FuSeaDOI9z%2Ba5OWJ20O2TZ%2FFiNwXpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80e9ab335c0c39f2-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBXiXrIDn7hLyjPtQ%2BmZnsgGzFU4AZtDHHp1kc9AI5H7AhNZPtkWKcfMG5mo2OAjNb4MgjHuZ1cU%2Bh3MAWQXXDrf199gMt%2BvLdTG6zdaFTlSFyMCm0Dlz4WYIhltSJrI3X3N8QE%2BNqOSSA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1&C=1
cache-control
no-cache
cf-ray
80e9ab331bcc39f2-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 1E09
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZReh2guDbga6pbnuCZORAAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIDQlQEQi67cAhj7xZ3hATAB&v=APEucNWuBpNQqS7gf6u3HMZKF4ufHbHu40hY74ccLwpdnQWYP78zqXD2wjIMdnzxMJx8aiUFFPqWQV8MigltppZpnxdMI16IWg
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qe7Ua6Zc4l2u4p6ZibgJ8hAN%2BkcVHjKJvL5%2BAk8HyNuE1EreS7qaw7szR9iLWAk2kjRGUu9llICwdsSVc%2FLaGGT%2B0HrwmovpDc2tc7UJhqoFRhMTK1FoTvgnCvUZpWniYP52%2F8wzIFEgAA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80e9ab33ea5339c3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 1E09
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELRPiKjeHnMsqno0Ip_pFEY&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELRPiKjeHnMsqno0Ip_pFEY%26google_cver%3D1
43 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELRPiKjeHnMsqno0Ip_pFEY%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIDQlQEQi67cAhj7xZ3hATAB&v=APEucNWuBpNQqS7gf6u3HMZKF4ufHbHu40hY74ccLwpdnQWYP78zqXD2wjIMdnzxMJx8aiUFFPqWQV8MigltppZpnxdMI16IWg
Protocol
H2
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:41 GMT
an-x-request-uuid
aff24f9c-87e0-4950-b5d1-960aaf370191
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
86.48.15.114; 86.48.15.114; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:41 GMT
an-x-request-uuid
18b803cb-a570-4c89-b558-d2592c3e6685
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELRPiKjeHnMsqno0Ip_pFEY%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
86.48.15.114; 86.48.15.114; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1E09
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNDU2NTE3MzY2MjY2ODk4OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNDU2NTE3MzY2MjY2ODk4OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIDQlQEQi67cAhj7xZ3hATAB&v=APEucNWuBpNQqS7gf6u3HMZKF4ufHbHu40hY74ccLwpdnQWYP78zqXD2wjIMdnzxMJx8aiUFFPqWQV8MigltppZpnxdMI16IWg
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:41 GMT
an-x-request-uuid
73c41085-5b41-47b1-aefe-bf3de4e976b4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNDU2NTE3MzY2MjY2ODk4OA%3D%3D
x-proxy-origin
86.48.15.114; 86.48.15.114; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 815C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1&C=1
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-XCxCcl_v6ARipqJPeATAB&v=APEucNU3hswBE90M1W1FYQzO_bwhPfAHLVKIPmXto2U8qP_X76OEC4bRh1GXrP9nAXiPbL9VmCwPTe_uPus7EH3d3qofOAgKyQ
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhvHKRRbwFWjLLzEQ2SXvv4tNIdQrMCYPpA0m%2B7oRejrYQz1vin%2FQ974Lr3VV1Rfg65i4jSrTxqsxtjOiqXuG0%2FiuY%2B4n6wlW4NPvG7oNR7RmAGNiomDsUCv%2FXgvIRhbAM%2BGvbpFzOF0EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80e9ab336c1339f2-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4grgf722bljdxKWlLw6c6bWjk4MDwxTD8b9NkD11K1geBA8HwUXhNm8X1Q0x6CdCs5kgLriMUNwebMFeIWBz27mA0HIi7GEhgJ8vuH8cTaqhsivyyGFBEpMmlXAd1z3hyNuxBiKS4hmxw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1&C=1
cache-control
no-cache
cf-ray
80e9ab331bcd39f2-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 815C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZReh2o8-AYuBmnSGn2SFYQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-XCxCcl_v6ARipqJPeATAB&v=APEucNU3hswBE90M1W1FYQzO_bwhPfAHLVKIPmXto2U8qP_X76OEC4bRh1GXrP9nAXiPbL9VmCwPTe_uPus7EH3d3qofOAgKyQ
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4m%2BNnwrvEx3JTslyflu4ZD0NJcMhcU55%2F1%2F0baVIGZHA2Qc9uN5D59btnE0%2B0cCkd5dUd14pHMBg5ZeU3ByaaDjrUJzsgUh1Iar8s3ojH4AWbYyrDX3M0wwvgkB%2FaMbmymIpz2kZR318w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80e9ab33ea5139c3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKSHsVI2tE7Z0L07Z2Jkk0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 815C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELRPiKjeHnMsqno0Ip_pFEY&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELRPiKjeHnMsqno0Ip_pFEY%26google_cver%3D1
43 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELRPiKjeHnMsqno0Ip_pFEY%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-XCxCcl_v6ARipqJPeATAB&v=APEucNU3hswBE90M1W1FYQzO_bwhPfAHLVKIPmXto2U8qP_X76OEC4bRh1GXrP9nAXiPbL9VmCwPTe_uPus7EH3d3qofOAgKyQ
Protocol
H2
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:41 GMT
an-x-request-uuid
e5fdae65-92b3-4654-8330-da38caf15ace
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
86.48.15.114; 86.48.15.114; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:41 GMT
an-x-request-uuid
0151e37d-a90e-4944-99a3-29adc1d6f432
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELRPiKjeHnMsqno0Ip_pFEY%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
86.48.15.114; 86.48.15.114; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 815C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNDU2NTE3MzY2MjY2ODk4OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNDU2NTE3MzY2MjY2ODk4OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-XCxCcl_v6ARipqJPeATAB&v=APEucNU3hswBE90M1W1FYQzO_bwhPfAHLVKIPmXto2U8qP_X76OEC4bRh1GXrP9nAXiPbL9VmCwPTe_uPus7EH3d3qofOAgKyQ
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:41 GMT
an-x-request-uuid
ecce94f2-66a5-4a97-831f-c0bb3ba7f249
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNDU2NTE3MzY2MjY2ODk4OA%3D%3D
x-proxy-origin
86.48.15.114; 86.48.15.114; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F8E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4141818151769&version=m202309120101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F8E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4141818151769&version=m202309120101&ct=77&x=1&cor=602172461534186400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6F8E 		30 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cz6_iYUcWNtBUn332pVCKLGMGC0wa-TuoQc_HLg6CyOzp5fA63pt7iQEPMjtHdEi_DEqVlZvSBuw571nEG0Z9MW9IruKCfM0hfcVOF7r6AUIq1v1TpLAy1eYCn8AF88FPYrgoKOUCBufzSomh9GqmBGzGO-zy4rhprfV8pbZyiuYHjrXQ&dbm_d=AKAmf-AFVwpyCKCLoIOZBWI0-RmxhaSUmXCRxRRGvyXrwFx0q44c_8C-hqG6faQ7qhWyqKebCNKSbFOs33G9lynae6PE-Fz5vkccDH4RMnaDhdLiYCOOky3nPzECpVwAkbhR3-7sdc5iKTkPz269gq_HgzNgNC7bAab-v9nafWodd4ORBVJM98-0R-h4J1Acpp8BiQCoVe9kdWh5fLtA5kydOvypHHkp68mJmYfQOhMWfJUgBTnjNwThh1mMN7POw11DMxL8IdZY6jWU3dTt64WwwsDqWIfMSd0bNybCDON-rvKQKTeI-hpOtxWNZ2aoP-cSz38rerTY4su_ytn9uv6_-ZobVv6LfFgvZspe8ji70eixa9UGYhBMjuOchbyVdQsjNPVgRrzUtV2o9ha5uq222gN7aJn-QVpi7QbYY4gNUJFcTFFIZ9IOxzjppo_oHw6RuO1hKtaJ7xkmg9UFl3l8pJMNjAquoIEUPejY3YYBkH1UuER_bQu9SDkwWTt6a7PRK49f3qCu3_A_rpJBrjWAEwmv7AmqKSxMHkZSpjFN5Z4mV2C_Op-eeQA6Ue4GWestRvBksxNSwJhJMS-8TAaaH6cKko1gCa0Xy6k9UPpLA2KVNhQYeJg6w55coDoLuebp5vcP1fG8MlzI_QNtUwNENSPphCofcMG8MYze37ELx1L_hZRl8k-vcF-4Lpo3mf_UUjnPNHAwFOnbJ1eQup0CX_rim1pYp6ISacaEyrjQHt5QmlGOawpeNEqAxRhg_46khFd0KPZGNmvHT6kEiHJabdUS_38NSAdDYR1_9_yo4L0U5pvej0OCtU0awJ92RP5DPKGjmo3V-9llUx7djYidjW7LJyPjQCRtl78cmhF5mykNIorRwqBsVW70liqJpUKgpArbiBuOWcKz9gq6r9LmI2tolEaD6F-eXZ2Flk1R7jE-8Enel5p5cQcXRJCEuUHbuxtCqCk9X06v9xDaK5hu8X1Zn6egLJHXqvYVkf_6pSbRmggEF5_5E6o3-XmwNWdAsZi-vWbOoTo92gRP-f0TmQ4RoJfJmrWqZSCEvMka8Iq1hnGOtj6x6B6Ce-s5zr05RrmzRxWLHGPrlelfvttTBaLVBv5B7chbAU1e4a4Cz3gamQqTbdna8SzN8bTds2iXRk96yxhnlYE42V0fF__b2DeKEP3r9SdbGtXx0m0DUFpiRh4yaPVN6S4lBUOBmdhAE4seurwRhXLz_xxnh6yxA7E0hLgvH-LHXWZlQTlI70EBEteSjJTPuGrBQ4_UsMfocsEGsGoJRrXWoJ8Tl6yYAtq6ZbNBAzyRryMNj-F6oYDu4SyWcygr_JtghVTscyyLg9v64oANL8NFtpJ7j_CKM3tx-UW7tkwKy0bvt7YFjW7vMjQSe0vNXA4XRf3kWTmobX9Dch05ES4jZvzDteBLpjfPoVlibfNYZO_7N0KVYo4NS_-Vy7EYwFId9BG-jhovL_Nr9rvgyntDyBzpa51Pced3Ku7CKaHwblAUtQhZF3wh1Y9qadxQjYeZ49z8cjLWHJ5aHC5EvTQi-JqLkKLquaI7AfUDrmAh7iMNp8c8mEjTHJ0whvjWi1T4kp7tJBa9CO2GfVAVbPIh1tHq9jjO2nTMdodvuT7rsV8LKXbAP8M9rkDyGc6-DbKGrZH4FHgD3zor22363NQpc9C2c8ux-flkgzbuCENFLWFeqT10ZIv-fKJfGUPbYiMOD7MrRcf_7c8bsO3utEPm9vxCOu3s-1ljiyfo1vtfQyfpmV71SxQAICtmYfmCNKTFsD2gpLF421H_N2qB9hF4gd8pzPypWYevxPOGQ9ySMQ2eOvqiwRLNosMTwdMYa6diRXuTkxUmOyVFAQIJuvoIwVg56KYOMfe3yEuwuVEBwfUmOLnyqFzE3RiNulNDjBEO2u7F42at76KzOJTwP1r2_9UEAAmpXcyWyP4zCGqnnhDNr2mik0M88i4wfdaGTnIIeQFObjNV2ZCkRrl1zIzSsY4HN_-hMYPq8sKhWdt1YtWS0R6mZOXwbtvHC2A1ZpYayibCo1e5cdbJ8ZxYANaQxEKJH751bSRVOdcSMpZUX2zMIgepII07RQlChRqg4BKcs72_aPw_SCQs1t3eFPlKUO7zVNdZQSAA6DUa8-tmgxNp2Dvmq-bbbFZ3-BtU4M7uAgBIkT7Ed0oVKPPMGTs7ZpbTQXM2CF7VWs63avcJ7NCz9jVL60rPPxeIYHyGlMAiJP8Cuif9narGsTLFLFhDpjR93fxFo_1FvHLD_S3Xhnwu1bZn1o9KhvAp3d1ZRE0Dc-TMwMz1HAQ1m3mi0qKvlgFYQ5FcGKmXwdbm3n7Hr-DBUvvC7RL2eqvc8LugPtwxjkYDEbfs0zB0Y5_Mgtd2j618diA8QjC7YgkxeOYRCLyG0UkEXRgwa3-N8k5xrhRhw1K5jNrP3mm8cwHU4qUJAzE9WrQRpdhxkdVFHSSDYJCbBYTPCAxY57ae8sHTCoCixgI42I6qOCDrN5BFKrrB3kbO7DofVHrKEcq6dTfsD3O1Vi0a37ezcpoL0t2kW25G_RK0WjciUgvPh_XeMn-QghneH6VatsaedjTMGQUKitnE9kNeXVFnTfTEdRVhio2qRKtxIbyhaG8EPemzUnitdzhdYxKq4_NO6GAm4fEa6w_8oh85XERfGVpv9I75TMdwO_ClqFw1bmf2rP_9uEbaWkKSl8CLIlK71d61Qg7wMg84vybIWovfrnEUcAr8r1pciFEo8cFEMYeWcIpwa2bBFSB-4cE4TumEO8sYJ3gC-O2wurUB6424m7Y-s6tSz_uYsAXMm4jMApLw_Bxc7owfiN7KgTgMBwI42qp93EEvYBt4esuyogMq_mBUx-lHna3gEMA7eK1FUEk7f74irc5nqardN8Pq4VUXeaG9jk6Uxdky3EAZtvjsGie1DjuqcrviHtcCd5UKaaoXqFfOZeCXdQ3DBwhtE_6cSa5rtoeOeIqFk0qwkfdntDlKT2jH51BV_FCx3WtOjFEYNQCocEWqdkjfHeNpZi7DlNRj3a5R4GAPJf1YbYPoXKDpbFIkg7D0F21FyaoTn5mO5uAjaRdrkvHcXIOVXYBUUVbhEIosf5o-mP3MKz0UumfidTmMPLf8ElPVhOI8jBgmfp_OZ7RtfZOge4FZY9WYDGu7UvtLblzLBGDCtQkrtFLcrA1l6J64N4KqspMULUoJHPlFJnKxeVNO9cCqyoUnh1RCs9aUjWHSM8w4OI32CdKvwyxxqbm77S_cevRQxux5P1fxvckAu-FkXukiEfwnSE-l0OQ-JA07sU0oVDVtFcYVCcxTJ4UWg379m3ufR42wbNkMK57dAeOe60-wrEvN9DAo3_kbG6fp0NdUrYxEA2seChEThuwuH2AItr7A4WIbl3hdrQx5_XkmMkGZ8wtV_GZ7unWJewQNtCxNOJSuuURnYno1Z3WTI_0tOYh1j9fT5oEFxviaXo1tOyjmokv0JlSw3Z-67l3mWM5kAcTFQgrsJnY8_3Lg8uSB1kQ5AQO27OgJLrmmpXc_Qi1fxiWHeXXomnsK-mZmSlVGn_mwOPncFK7iHw8BUxC8T8z_19PumMZGeLfXtkXrQspD1p9rXCuvUTvKJ98UZmxOK1S-yikOiFivTx_Kb9J5lNxD-Svsxbq1hpGgvvSE2df2vFdMeaghCtu-SzALwMFIn1IbUnxHFf7K069of2PIYzhiVtm4iBUJmnyS8fiPb4jhiYJmnR7EKXAr9yVoF3q2vQL7r-k75apmRPtetXF8tHNkIJIYWIRbJAUAfibhqyS003AFpbDFr9bQIPFrMEnhAHQNCMOEn5R5It8lMvX8IwzbajtWvlnYLGhGrC_Tq7ubmlmfyc-bkz0-x9EoHuHmUZNapbhOombyqUhJ1IFw-NEw1EqMFsg9fDy55SUpM41AyfJ4PjsXTJRsFSP0cYB6TX83J4fnnzzQmvyK6j1_SBazzzyYhEbzeEzSWSFTJJ1xXh97C7d0ACl1p2UNFKORN7A6hCODX1Eq1ETmTqqk9BRsW0tOevvndQOM4T562SkOKgTCtDjIvvtaoihoweXqwBDZMHkQT3ejzfl2M53re3-vdBLSUw54tDKmPEgDudtXpArAwibxzQ&cid=CAQSOwDICaaNzbOARm-VOycHUyo3ThKovRxUZbKeXASw1zhF8-twpttto_dJ7qxA5CyLM8z36nJ3E3SWRf1EGAE&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.letsbeardown.com%2F&ds=l&xdt=1&iif=1&cor=602172461534186400&adk=250412560&idt=73&cac=0&dtd=24
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
6b2e8cdb95b950cd8645c769dc6caf9958e3e223d9372ccae776286b7b44b989
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18167
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 44AD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1042795727034&version=m202309120101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 44AD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1042795727034&version=m202309120101&ct=76&x=1&cor=12499470603616885000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 44AD 		80 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5pZ-cslbRnK5c4VN5P1uZyv9g_u3G3yPGURMyYzQ3371HXi-1FPlV9bTfzc6uOpZtW928P2vVLLMp5rzrncXWZoMx9w&cry=1&dbm_d=AKAmf-Ap1WJe-xacydWV4w_MoWnFsKPqjsffXen-W5cUQL768b79MqVbUpkkp2kqcYQRUXlZw31bmuyYlm6wx88I7u5c5wIuWUvJQpRGaPhNKQGjZNcsX1utn0PSpQUph3qPZ_yC9n_h9LHRPMaL21JVIxfU421cEwRzlvPiwzJG1IxlBYr0Bp6yW3xq9qQxql1w8tKm0M8HxVFv-TgKspb80HXZCEl1yBsrj7BeMn4sHdfGeHNbyDEn1OkjGT8JQwMe495HcO2BVhIAXWWIR8Rd49bAO5Rv4Ns-dKcE7io24tSR8M-cRLy-ksKWqOHacR_TF9_6wZXjA4sKhLAcB18DlBK_6z3VJaSOVYJkr5x9SS-ZGAhjNecQu02tFMAWLwBaNTqlwOdWAylvFZ6hFj9sjZ52UU631ki4pL6N5HNR8CHoCcrivshgEKDkws-trGf5XvizAh81blFtqbQNo9vCE6EmsvsN0BgG0hBvoYW2-P0M6AgbBwHfq3Y1L4JnAjeTQCgi3jLXaMRLC2cqzEpmSjJRc1wAr0jSYw6h-xe5w_PRHAuy4rOgYBHlSJz7HS9Dayi27ajhzJneWQD-duOu5TKq3s3Wxqa6RVG7B31fQxIhkhKSwta5BGFdQBVfCyH9QB3vXm9kbd3d1VtrE98ALJyjta_O1ZZBeX7SujfgVbluilp4UiG9sTRzPyIM2OLPhvYr8ssrnlYSZfEaacTGnr4N_oBq7_zHuvffRiMNGvkBaTW7cmU_X0fPl-3lKeZkDuRCazTKjApp9LMvpaNaSmodrW_PkxRs9ZOXqsv3KB4B06ZVhwIMh6B-wpYVI5LppvbSdpPkYGAB7bUzFPWlcYzCL5gz4hZP4u0bdVraJFaUix5YYB0aQ67hDzBY5ZrLwJYB5phscqhTkUoqhaD4B7Lw4DxcZyh2CSwBhhDbLH140p9wNi_-z4lLnzb4YgHMe0Vf3zXYKe91alLGI7rtde6f-VtlFnhrhkm-LBO7GfBxARY-64K6PgbSX4xFl2tfCHER4H4LfAdCKdhnfGDWD896KMMXpTFDtERq0Z1_d9pZ4hNWpOIsb2q-_MCfIXuPZWzJ32xWyRekInskz4Lj7iRPs-OFsl7jNgAvxRWCZX-EvEs8TPiGKkV9hGiHBxPZs5yhple7IjH6L88m_ccP_qzGTEDRYOqyaILGDoJ2y8a0V7rhq2ngCJtL5R5yddeuiJf9o5Y62glkHMI-DoQu6MB74eorkIycFChlG2T-MfxXT7TUUM6WQshpkU_sDOItyP6930zVbxZUsolHxRanr4DzZLcSc-Ye44lJLDrELJo3bYSHYqu0c6sTL1YrsFzvnCD3vMPTMHqWCHb8HzV02Dj-8GdOLs4Gn_oLYtyTGS2GZ6wcekI4Btf15zdImweaz-fA_M4EI4l4Lgc27CLvmU7mU5QZoMuKxaDPJCL22LOTCMq-cHP0B9P8t9UJVhNKb0UQ3fQa-rlxGiHnqm9tXQLIsO088DcB5idvVjGBvme1Cq6bPIzydoh6ZhOazfgfymc0m68esMdmx4DtmrTwL6OLwzE6RzlSsgTVct4n8MDCuZbGi2ev-9Dbto_wmNGGpfWI7gHZJW-BhtdoBpDyOhif2D6vgE7ICL-24fFBY0xBM17C5vzpEsgrnqscTRpMGf3ckaJdGe_q5hr7OrVOEYEIF0E8rNwwT6Gjfc6MUq4JswFRD_qkGNDWh3X9uZs40Bffq7Ze7-hYA4o8sVeeuvgnvyl1pX6GYVZK3AbyHzy9M1N50GNichIV4fwJorRYtfrD-ovR7KJfWhmW2n3Uw1p7KGfAt5iOXc4DwdZZpvQRWqHlTjPazzNaVbxwS8rygfoI-Dpl-zDH2CgRhpqBI1cYnjvzkes1skvh1iodPVjm_kDx6CaTBUSd-ubZfwyFZR2LSTr05_-ApQhfh3eluSGPPFVrty8Mn2DXQqvxjX6EBwrUY6m24ASbmvb_2yeKTYydPYv9qwxg1iyO7E8w8qTmoIFJ5PNcxuo54HyqpFbbDIj-FCmbryv2yZGvIXxqluX-GlnhJ7bFO-8ttFk6uV2zqCPWf-0ahG-5kx5TYCFA309MAa3CWAME78uEIUAP1OTliUn4Pe_MD2-P2XV3r5Ix3Y_xAJNmhnERtGDGpnDvW9uBcVL6RBVX02KsR14ezJydaVmI6JkWTBTN36pZXPyF6cYkRuecI-bWJefxviSGz3fY2usWxsxiFxMDmDjyJNDz9YRIN0WCM0P2QkQQ-OY1OjUlsyr5akBathFUEmjEGqfC2spwr90SYyzxTanesD73McuIBqmaCSREOXhQQRa5Ow4lnGQ73OhUR_5XF2bJtQSJJJaYvIEf2zBza7BIZ7JMPx_HJOX2-xxi5nJ6JTZWrtisizrxZAozmQb2zLlJ5X4qYoNM3J9HWgqvu3fQ2FleVIJO27ig2muYgg1Q1SGkTIk4R_Y8VTFbkmh8GrMRmu7VsFRScJfseGbkgawXQZONPGRalpOdV45UgAshHS_OOtet2KssZ3NAl2KHtj9VuOx8JSOi-nlpQwQzEMa7k4LJ7211E8gdO4djIw4ZGJcWw6Nc66iBd_2EB6uuAb4kU4hZnBjTmlgzWP-qzOTicSQzZrISfw4ggctgUOSeFFbkm2q9vj2Fwru_iSVJCrK2ScMKSBiNQKspMyooxpJN6rHb3fPD6-Ti3RlNQ3ZRDXGZ2pOFK6Hp0uK2vgH_p_2lpfyBi4rUl39NmgoRzxKDWRUKuu28QRc8C1xXzsv-FPLC2Eqo5ms4MLBKwelXpMW_sdf_U06wKtBkVKWV_xdYO2DJSDgHvuCuFiesSGkr0WLpXwQCyP0roRsVEeJP5lznY18upgTGzeE0wT1rtsyS3TItFnXArNYpK9XKnTEJr4e6y2RKOzZDBbWYnXZxQsFx4hvh40Qcwmgn_KGoMqgP-YfEJvkMgJy9STTJ7EplTexdbWDVwO2EIEKfY02dI9vCyyHyV-zLLWGIk6rQxc9QdfOXpPDXcNE3tdqTx9c9rMVljVYuWNHAssLo9F9Es5Q1x2_CB6SiOCUhNiI-27n8q-GkGroZ2iigCWaU1nyEj8C9sHyMdlDIjumyz1NWgL_f9_ncHkJsMaajKFrezarZCEEz7waQMqNNOtaex4pHUk7Lier19y9enx7FIUaupRj_RQyKlh8aOmcRzC2EFfqR2pWVM0mindaSfXfHzY6Xi6K1zh2A6zxtBl-nlCRrrjJYU-Bl8GSgtNnwosayG6pB31DF3RtgU45_Uz4Re-zdK6QI7xpB045-ZOnrdC6uCJTRLNgcVNRM7wp60sdVdJbVcX0UlarJI8ULI--mLpC6NCARhNHqCD_JuMJ1vbbpXHagroApQJlgd95HpXi9j6rhSxIG5ilaiVDKvv0k5ikGPYay4prkpr9_xpUntxNNUthZ807cffZlzjpK1I8npN2a3WSsGP0iPBzfr_f6llevGkpuibcZMo-YglIrKcgaqGbzycsfLat_dpZkVMdiQ6tA0Vs2N35uPvVbNmXPqy49kDaC4D6txIc1olVIOV3CpDHinCoLHRrTJ2JM02bEeL6T00A8UEhMadktwecXcXVwl3A65IPY01Uc2WUpXu8YoUAFFBDNHgMiNF8_pS7x9E87Xb0YupMb0Qf9sbnsrJyiBnB-ft_0NKl526dWQWnD95uCdEZVe8akCVmC0eucBmlvODCOxS-GolvYJMQmKdXqXJTUvtAzCyJmcEwL7doYnh9JzTYOKOjdX96rfNwH9NIX_870D9rkn8daPhfVPYSZQex5hECQjKbTKj5skaEpOIgGjFjiSKIun6aneONVSth7r586wheALuRfCfi-hA8TmFcT7OcroagI9afQNZyrNsaJTBUQ7t43Kds8uf6V2SHFWrYVssFbQqaP9nhHL9ADNZtKbSl3fE4t0hr_p2g8FkePqdPGfS9AC5dqyBeqJTQIUMfTuoSC&cid=CAQSOwDICaaNDf5nEYJ4TJcYcyGdnvyG8n0UpoOdi48JSvI1Ko4W7ScMCDdY-D3SbPM4Ka1EO1quXRGW2BsnGAE&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.letsbeardown.com%2F&ds=l&xdt=1&iif=1&cor=12499470603616885000&adk=1964084972&idt=104&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
d94f916f26a0d583c9950e00454d770fe75fc4fb429059b3c4462d4decefd746
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37786
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame 6F8E 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cz6_iYUcWNtBUn332pVCKLGMGC0wa-TuoQc_HLg6CyOzp5fA63pt7iQEPMjtHdEi_DEqVlZvSBuw571nEG0Z9MW9IruKCfM0hfcVOF7r6AUIq1v1TpLAy1eYCn8AF88FPYrgoKOUCBufzSomh9GqmBGzGO-zy4rhprfV8pbZyiuYHjrXQ&dbm_d=AKAmf-AFVwpyCKCLoIOZBWI0-RmxhaSUmXCRxRRGvyXrwFx0q44c_8C-hqG6faQ7qhWyqKebCNKSbFOs33G9lynae6PE-Fz5vkccDH4RMnaDhdLiYCOOky3nPzECpVwAkbhR3-7sdc5iKTkPz269gq_HgzNgNC7bAab-v9nafWodd4ORBVJM98-0R-h4J1Acpp8BiQCoVe9kdWh5fLtA5kydOvypHHkp68mJmYfQOhMWfJUgBTnjNwThh1mMN7POw11DMxL8IdZY6jWU3dTt64WwwsDqWIfMSd0bNybCDON-rvKQKTeI-hpOtxWNZ2aoP-cSz38rerTY4su_ytn9uv6_-ZobVv6LfFgvZspe8ji70eixa9UGYhBMjuOchbyVdQsjNPVgRrzUtV2o9ha5uq222gN7aJn-QVpi7QbYY4gNUJFcTFFIZ9IOxzjppo_oHw6RuO1hKtaJ7xkmg9UFl3l8pJMNjAquoIEUPejY3YYBkH1UuER_bQu9SDkwWTt6a7PRK49f3qCu3_A_rpJBrjWAEwmv7AmqKSxMHkZSpjFN5Z4mV2C_Op-eeQA6Ue4GWestRvBksxNSwJhJMS-8TAaaH6cKko1gCa0Xy6k9UPpLA2KVNhQYeJg6w55coDoLuebp5vcP1fG8MlzI_QNtUwNENSPphCofcMG8MYze37ELx1L_hZRl8k-vcF-4Lpo3mf_UUjnPNHAwFOnbJ1eQup0CX_rim1pYp6ISacaEyrjQHt5QmlGOawpeNEqAxRhg_46khFd0KPZGNmvHT6kEiHJabdUS_38NSAdDYR1_9_yo4L0U5pvej0OCtU0awJ92RP5DPKGjmo3V-9llUx7djYidjW7LJyPjQCRtl78cmhF5mykNIorRwqBsVW70liqJpUKgpArbiBuOWcKz9gq6r9LmI2tolEaD6F-eXZ2Flk1R7jE-8Enel5p5cQcXRJCEuUHbuxtCqCk9X06v9xDaK5hu8X1Zn6egLJHXqvYVkf_6pSbRmggEF5_5E6o3-XmwNWdAsZi-vWbOoTo92gRP-f0TmQ4RoJfJmrWqZSCEvMka8Iq1hnGOtj6x6B6Ce-s5zr05RrmzRxWLHGPrlelfvttTBaLVBv5B7chbAU1e4a4Cz3gamQqTbdna8SzN8bTds2iXRk96yxhnlYE42V0fF__b2DeKEP3r9SdbGtXx0m0DUFpiRh4yaPVN6S4lBUOBmdhAE4seurwRhXLz_xxnh6yxA7E0hLgvH-LHXWZlQTlI70EBEteSjJTPuGrBQ4_UsMfocsEGsGoJRrXWoJ8Tl6yYAtq6ZbNBAzyRryMNj-F6oYDu4SyWcygr_JtghVTscyyLg9v64oANL8NFtpJ7j_CKM3tx-UW7tkwKy0bvt7YFjW7vMjQSe0vNXA4XRf3kWTmobX9Dch05ES4jZvzDteBLpjfPoVlibfNYZO_7N0KVYo4NS_-Vy7EYwFId9BG-jhovL_Nr9rvgyntDyBzpa51Pced3Ku7CKaHwblAUtQhZF3wh1Y9qadxQjYeZ49z8cjLWHJ5aHC5EvTQi-JqLkKLquaI7AfUDrmAh7iMNp8c8mEjTHJ0whvjWi1T4kp7tJBa9CO2GfVAVbPIh1tHq9jjO2nTMdodvuT7rsV8LKXbAP8M9rkDyGc6-DbKGrZH4FHgD3zor22363NQpc9C2c8ux-flkgzbuCENFLWFeqT10ZIv-fKJfGUPbYiMOD7MrRcf_7c8bsO3utEPm9vxCOu3s-1ljiyfo1vtfQyfpmV71SxQAICtmYfmCNKTFsD2gpLF421H_N2qB9hF4gd8pzPypWYevxPOGQ9ySMQ2eOvqiwRLNosMTwdMYa6diRXuTkxUmOyVFAQIJuvoIwVg56KYOMfe3yEuwuVEBwfUmOLnyqFzE3RiNulNDjBEO2u7F42at76KzOJTwP1r2_9UEAAmpXcyWyP4zCGqnnhDNr2mik0M88i4wfdaGTnIIeQFObjNV2ZCkRrl1zIzSsY4HN_-hMYPq8sKhWdt1YtWS0R6mZOXwbtvHC2A1ZpYayibCo1e5cdbJ8ZxYANaQxEKJH751bSRVOdcSMpZUX2zMIgepII07RQlChRqg4BKcs72_aPw_SCQs1t3eFPlKUO7zVNdZQSAA6DUa8-tmgxNp2Dvmq-bbbFZ3-BtU4M7uAgBIkT7Ed0oVKPPMGTs7ZpbTQXM2CF7VWs63avcJ7NCz9jVL60rPPxeIYHyGlMAiJP8Cuif9narGsTLFLFhDpjR93fxFo_1FvHLD_S3Xhnwu1bZn1o9KhvAp3d1ZRE0Dc-TMwMz1HAQ1m3mi0qKvlgFYQ5FcGKmXwdbm3n7Hr-DBUvvC7RL2eqvc8LugPtwxjkYDEbfs0zB0Y5_Mgtd2j618diA8QjC7YgkxeOYRCLyG0UkEXRgwa3-N8k5xrhRhw1K5jNrP3mm8cwHU4qUJAzE9WrQRpdhxkdVFHSSDYJCbBYTPCAxY57ae8sHTCoCixgI42I6qOCDrN5BFKrrB3kbO7DofVHrKEcq6dTfsD3O1Vi0a37ezcpoL0t2kW25G_RK0WjciUgvPh_XeMn-QghneH6VatsaedjTMGQUKitnE9kNeXVFnTfTEdRVhio2qRKtxIbyhaG8EPemzUnitdzhdYxKq4_NO6GAm4fEa6w_8oh85XERfGVpv9I75TMdwO_ClqFw1bmf2rP_9uEbaWkKSl8CLIlK71d61Qg7wMg84vybIWovfrnEUcAr8r1pciFEo8cFEMYeWcIpwa2bBFSB-4cE4TumEO8sYJ3gC-O2wurUB6424m7Y-s6tSz_uYsAXMm4jMApLw_Bxc7owfiN7KgTgMBwI42qp93EEvYBt4esuyogMq_mBUx-lHna3gEMA7eK1FUEk7f74irc5nqardN8Pq4VUXeaG9jk6Uxdky3EAZtvjsGie1DjuqcrviHtcCd5UKaaoXqFfOZeCXdQ3DBwhtE_6cSa5rtoeOeIqFk0qwkfdntDlKT2jH51BV_FCx3WtOjFEYNQCocEWqdkjfHeNpZi7DlNRj3a5R4GAPJf1YbYPoXKDpbFIkg7D0F21FyaoTn5mO5uAjaRdrkvHcXIOVXYBUUVbhEIosf5o-mP3MKz0UumfidTmMPLf8ElPVhOI8jBgmfp_OZ7RtfZOge4FZY9WYDGu7UvtLblzLBGDCtQkrtFLcrA1l6J64N4KqspMULUoJHPlFJnKxeVNO9cCqyoUnh1RCs9aUjWHSM8w4OI32CdKvwyxxqbm77S_cevRQxux5P1fxvckAu-FkXukiEfwnSE-l0OQ-JA07sU0oVDVtFcYVCcxTJ4UWg379m3ufR42wbNkMK57dAeOe60-wrEvN9DAo3_kbG6fp0NdUrYxEA2seChEThuwuH2AItr7A4WIbl3hdrQx5_XkmMkGZ8wtV_GZ7unWJewQNtCxNOJSuuURnYno1Z3WTI_0tOYh1j9fT5oEFxviaXo1tOyjmokv0JlSw3Z-67l3mWM5kAcTFQgrsJnY8_3Lg8uSB1kQ5AQO27OgJLrmmpXc_Qi1fxiWHeXXomnsK-mZmSlVGn_mwOPncFK7iHw8BUxC8T8z_19PumMZGeLfXtkXrQspD1p9rXCuvUTvKJ98UZmxOK1S-yikOiFivTx_Kb9J5lNxD-Svsxbq1hpGgvvSE2df2vFdMeaghCtu-SzALwMFIn1IbUnxHFf7K069of2PIYzhiVtm4iBUJmnyS8fiPb4jhiYJmnR7EKXAr9yVoF3q2vQL7r-k75apmRPtetXF8tHNkIJIYWIRbJAUAfibhqyS003AFpbDFr9bQIPFrMEnhAHQNCMOEn5R5It8lMvX8IwzbajtWvlnYLGhGrC_Tq7ubmlmfyc-bkz0-x9EoHuHmUZNapbhOombyqUhJ1IFw-NEw1EqMFsg9fDy55SUpM41AyfJ4PjsXTJRsFSP0cYB6TX83J4fnnzzQmvyK6j1_SBazzzyYhEbzeEzSWSFTJJ1xXh97C7d0ACl1p2UNFKORN7A6hCODX1Eq1ETmTqqk9BRsW0tOevvndQOM4T562SkOKgTCtDjIvvtaoihoweXqwBDZMHkQT3ejzfl2M53re3-vdBLSUw54tDKmPEgDudtXpArAwibxzQ&cid=CAQSOwDICaaNzbOARm-VOycHUyo3ThKovRxUZbKeXASw1zhF8-twpttto_dJ7qxA5CyLM8z36nJ3E3SWRf1EGAE&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.letsbeardown.com%2F&ds=l&xdt=1&iif=1&cor=602172461534186400&adk=250412560&idt=73&cac=0&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 06:35:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
78265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11587
x-xss-protection
0
server
cafe
etag
192838463742493612
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 06:35:13 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6F8E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cz6_iYUcWNtBUn332pVCKLGMGC0wa-TuoQc_HLg6CyOzp5fA63pt7iQEPMjtHdEi_DEqVlZvSBuw571nEG0Z9MW9IruKCfM0hfcVOF7r6AUIq1v1TpLAy1eYCn8AF88FPYrgoKOUCBufzSomh9GqmBGzGO-zy4rhprfV8pbZyiuYHjrXQ&dbm_d=AKAmf-AFVwpyCKCLoIOZBWI0-RmxhaSUmXCRxRRGvyXrwFx0q44c_8C-hqG6faQ7qhWyqKebCNKSbFOs33G9lynae6PE-Fz5vkccDH4RMnaDhdLiYCOOky3nPzECpVwAkbhR3-7sdc5iKTkPz269gq_HgzNgNC7bAab-v9nafWodd4ORBVJM98-0R-h4J1Acpp8BiQCoVe9kdWh5fLtA5kydOvypHHkp68mJmYfQOhMWfJUgBTnjNwThh1mMN7POw11DMxL8IdZY6jWU3dTt64WwwsDqWIfMSd0bNybCDON-rvKQKTeI-hpOtxWNZ2aoP-cSz38rerTY4su_ytn9uv6_-ZobVv6LfFgvZspe8ji70eixa9UGYhBMjuOchbyVdQsjNPVgRrzUtV2o9ha5uq222gN7aJn-QVpi7QbYY4gNUJFcTFFIZ9IOxzjppo_oHw6RuO1hKtaJ7xkmg9UFl3l8pJMNjAquoIEUPejY3YYBkH1UuER_bQu9SDkwWTt6a7PRK49f3qCu3_A_rpJBrjWAEwmv7AmqKSxMHkZSpjFN5Z4mV2C_Op-eeQA6Ue4GWestRvBksxNSwJhJMS-8TAaaH6cKko1gCa0Xy6k9UPpLA2KVNhQYeJg6w55coDoLuebp5vcP1fG8MlzI_QNtUwNENSPphCofcMG8MYze37ELx1L_hZRl8k-vcF-4Lpo3mf_UUjnPNHAwFOnbJ1eQup0CX_rim1pYp6ISacaEyrjQHt5QmlGOawpeNEqAxRhg_46khFd0KPZGNmvHT6kEiHJabdUS_38NSAdDYR1_9_yo4L0U5pvej0OCtU0awJ92RP5DPKGjmo3V-9llUx7djYidjW7LJyPjQCRtl78cmhF5mykNIorRwqBsVW70liqJpUKgpArbiBuOWcKz9gq6r9LmI2tolEaD6F-eXZ2Flk1R7jE-8Enel5p5cQcXRJCEuUHbuxtCqCk9X06v9xDaK5hu8X1Zn6egLJHXqvYVkf_6pSbRmggEF5_5E6o3-XmwNWdAsZi-vWbOoTo92gRP-f0TmQ4RoJfJmrWqZSCEvMka8Iq1hnGOtj6x6B6Ce-s5zr05RrmzRxWLHGPrlelfvttTBaLVBv5B7chbAU1e4a4Cz3gamQqTbdna8SzN8bTds2iXRk96yxhnlYE42V0fF__b2DeKEP3r9SdbGtXx0m0DUFpiRh4yaPVN6S4lBUOBmdhAE4seurwRhXLz_xxnh6yxA7E0hLgvH-LHXWZlQTlI70EBEteSjJTPuGrBQ4_UsMfocsEGsGoJRrXWoJ8Tl6yYAtq6ZbNBAzyRryMNj-F6oYDu4SyWcygr_JtghVTscyyLg9v64oANL8NFtpJ7j_CKM3tx-UW7tkwKy0bvt7YFjW7vMjQSe0vNXA4XRf3kWTmobX9Dch05ES4jZvzDteBLpjfPoVlibfNYZO_7N0KVYo4NS_-Vy7EYwFId9BG-jhovL_Nr9rvgyntDyBzpa51Pced3Ku7CKaHwblAUtQhZF3wh1Y9qadxQjYeZ49z8cjLWHJ5aHC5EvTQi-JqLkKLquaI7AfUDrmAh7iMNp8c8mEjTHJ0whvjWi1T4kp7tJBa9CO2GfVAVbPIh1tHq9jjO2nTMdodvuT7rsV8LKXbAP8M9rkDyGc6-DbKGrZH4FHgD3zor22363NQpc9C2c8ux-flkgzbuCENFLWFeqT10ZIv-fKJfGUPbYiMOD7MrRcf_7c8bsO3utEPm9vxCOu3s-1ljiyfo1vtfQyfpmV71SxQAICtmYfmCNKTFsD2gpLF421H_N2qB9hF4gd8pzPypWYevxPOGQ9ySMQ2eOvqiwRLNosMTwdMYa6diRXuTkxUmOyVFAQIJuvoIwVg56KYOMfe3yEuwuVEBwfUmOLnyqFzE3RiNulNDjBEO2u7F42at76KzOJTwP1r2_9UEAAmpXcyWyP4zCGqnnhDNr2mik0M88i4wfdaGTnIIeQFObjNV2ZCkRrl1zIzSsY4HN_-hMYPq8sKhWdt1YtWS0R6mZOXwbtvHC2A1ZpYayibCo1e5cdbJ8ZxYANaQxEKJH751bSRVOdcSMpZUX2zMIgepII07RQlChRqg4BKcs72_aPw_SCQs1t3eFPlKUO7zVNdZQSAA6DUa8-tmgxNp2Dvmq-bbbFZ3-BtU4M7uAgBIkT7Ed0oVKPPMGTs7ZpbTQXM2CF7VWs63avcJ7NCz9jVL60rPPxeIYHyGlMAiJP8Cuif9narGsTLFLFhDpjR93fxFo_1FvHLD_S3Xhnwu1bZn1o9KhvAp3d1ZRE0Dc-TMwMz1HAQ1m3mi0qKvlgFYQ5FcGKmXwdbm3n7Hr-DBUvvC7RL2eqvc8LugPtwxjkYDEbfs0zB0Y5_Mgtd2j618diA8QjC7YgkxeOYRCLyG0UkEXRgwa3-N8k5xrhRhw1K5jNrP3mm8cwHU4qUJAzE9WrQRpdhxkdVFHSSDYJCbBYTPCAxY57ae8sHTCoCixgI42I6qOCDrN5BFKrrB3kbO7DofVHrKEcq6dTfsD3O1Vi0a37ezcpoL0t2kW25G_RK0WjciUgvPh_XeMn-QghneH6VatsaedjTMGQUKitnE9kNeXVFnTfTEdRVhio2qRKtxIbyhaG8EPemzUnitdzhdYxKq4_NO6GAm4fEa6w_8oh85XERfGVpv9I75TMdwO_ClqFw1bmf2rP_9uEbaWkKSl8CLIlK71d61Qg7wMg84vybIWovfrnEUcAr8r1pciFEo8cFEMYeWcIpwa2bBFSB-4cE4TumEO8sYJ3gC-O2wurUB6424m7Y-s6tSz_uYsAXMm4jMApLw_Bxc7owfiN7KgTgMBwI42qp93EEvYBt4esuyogMq_mBUx-lHna3gEMA7eK1FUEk7f74irc5nqardN8Pq4VUXeaG9jk6Uxdky3EAZtvjsGie1DjuqcrviHtcCd5UKaaoXqFfOZeCXdQ3DBwhtE_6cSa5rtoeOeIqFk0qwkfdntDlKT2jH51BV_FCx3WtOjFEYNQCocEWqdkjfHeNpZi7DlNRj3a5R4GAPJf1YbYPoXKDpbFIkg7D0F21FyaoTn5mO5uAjaRdrkvHcXIOVXYBUUVbhEIosf5o-mP3MKz0UumfidTmMPLf8ElPVhOI8jBgmfp_OZ7RtfZOge4FZY9WYDGu7UvtLblzLBGDCtQkrtFLcrA1l6J64N4KqspMULUoJHPlFJnKxeVNO9cCqyoUnh1RCs9aUjWHSM8w4OI32CdKvwyxxqbm77S_cevRQxux5P1fxvckAu-FkXukiEfwnSE-l0OQ-JA07sU0oVDVtFcYVCcxTJ4UWg379m3ufR42wbNkMK57dAeOe60-wrEvN9DAo3_kbG6fp0NdUrYxEA2seChEThuwuH2AItr7A4WIbl3hdrQx5_XkmMkGZ8wtV_GZ7unWJewQNtCxNOJSuuURnYno1Z3WTI_0tOYh1j9fT5oEFxviaXo1tOyjmokv0JlSw3Z-67l3mWM5kAcTFQgrsJnY8_3Lg8uSB1kQ5AQO27OgJLrmmpXc_Qi1fxiWHeXXomnsK-mZmSlVGn_mwOPncFK7iHw8BUxC8T8z_19PumMZGeLfXtkXrQspD1p9rXCuvUTvKJ98UZmxOK1S-yikOiFivTx_Kb9J5lNxD-Svsxbq1hpGgvvSE2df2vFdMeaghCtu-SzALwMFIn1IbUnxHFf7K069of2PIYzhiVtm4iBUJmnyS8fiPb4jhiYJmnR7EKXAr9yVoF3q2vQL7r-k75apmRPtetXF8tHNkIJIYWIRbJAUAfibhqyS003AFpbDFr9bQIPFrMEnhAHQNCMOEn5R5It8lMvX8IwzbajtWvlnYLGhGrC_Tq7ubmlmfyc-bkz0-x9EoHuHmUZNapbhOombyqUhJ1IFw-NEw1EqMFsg9fDy55SUpM41AyfJ4PjsXTJRsFSP0cYB6TX83J4fnnzzQmvyK6j1_SBazzzyYhEbzeEzSWSFTJJ1xXh97C7d0ACl1p2UNFKORN7A6hCODX1Eq1ETmTqqk9BRsW0tOevvndQOM4T562SkOKgTCtDjIvvtaoihoweXqwBDZMHkQT3ejzfl2M53re3-vdBLSUw54tDKmPEgDudtXpArAwibxzQ&cid=CAQSOwDICaaNzbOARm-VOycHUyo3ThKovRxUZbKeXASw1zhF8-twpttto_dJ7qxA5CyLM8z36nJ3E3SWRf1EGAE&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.letsbeardown.com%2F&ds=l&xdt=1&iif=1&cor=602172461534186400&adk=250412560&idt=73&cac=0&dtd=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 00:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
15556
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Sep 2024 00:00:22 GMT
getcode.js
am.contobox.com/v3/frontend/creatives/ Frame 6F8E 		342 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://am.contobox.com/v3/frontend/creatives/getcode.js?ph_id=cbox_ph_7919310&zone_id=140322&nomraid=false&lid=%7B%22a%22%3A%22DBM%22%2C%22c%22%3A%2219637160449%22%2C%22e%22%3A%221%22%2C%22s%22%3A%22171470878862%22%2C%22d%22%3A%22%22%2C%22n%22%3A%22472343291%22%7D&sourceUrl=https%253A%252F%252Fwww.letsbeardown.com%252F&ifr=1&isSF=nosf&clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCCC2w2aEXZa6lHKGnoPMP_qSLsA79uNzrcoaIzvP1EJrV95-_ARABIN3J4H5g_aCZgegDoAHGy5TAAsgBCakC0b0OXZi2qD6oAwHIA5sEqgSuAk_Q9paNaiRz_qKT2dyz10dZzFW8SimfyFu0yhMdEAo9-D3k89lS4XaBqgYT0oO3u93rMZslTMX55AYwqEwZfiFVOrB8mz3-AeP2hjTXfvqLgYckW8mCEgQrJW8R9E-XfAOVhuCe2ZUqgOBU3QVBgKjNCGYiqKX4xavGa-JZ81kyWGzXaTmqD-IR4f94SWQj5wBq_7lzU6p3ta8yNeMmjLag9RYaO2OULTnGvxmXV43ZU1rRNbkQ9r6kEM9ukIlHZnazyWd5K1eATomVgd1UjJpPont_msdsYhrjpiMNJAWmm5ezDepVwINpCC5_F5COV5OJHCGofIasFfr2GfdrwJJQRHmy5wb2LavXb_946snQovLYLqFrzcu_xz4IJvcjTZ99ycLBPHzOnYUExwgUwASJhbjklgTgBAOIBYGU3ZNJkAYBoAZN2AYCgAeitOu_AagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwCgCICwpQSwCALSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkNByA0B4g0TCOmygMu90YEDFaETaAgdftIC5rAT_ofzFNATANgTDYIUFhoUd3d3LmxldHNiZWFyZG93bi5jb23YFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMI7vWBy73RgQMVoRNoCB1-0gLmEAEYASAAEgKgr_D_BwE%2526num%253D1%2526cid%253DCAQSOwDICaaNzbOARm-VOycHUyo3ThKovRxUZbKeXASw1zhF8-twpttto_dJ7qxA5CyLM8z36nJ3E3SWRf1EGAE%2526sig%253DAOD64_0eE8PfMhafd7jCw2bpHH3tDNOyyg%2526client%253Dca-pub-9647836942103656%2526dbm_c%253DAKAmf-CK5yIQSZoBYHCX8iTBRRMTzReuuQJpSLCpLKYlNZf6yGQsgmRLd2RkZdu9slOHB-Na2-UngagrOc-NDbN0d6Ubxs1pPlHAklAbhWCJIeG5D83Cuio7RW30FYLpuS4vcNal2su2f08FZqfiFLYwx9B_DbTEw04jaoSNY_L95x43jEW1Vuk%2526dbm_d%253DAKAmf-A83Iohyp50Z9_JAN8u35aYf4S3-p2qdlO9-lhUOKsq57LpT17zZp3eAJmgxU4r68L2cCu5bmSZH6JJ1hxYfq7XX7H3futqd-9h8Gi5fv3j70CM7_P1wdnIBcBV9YkO853oTbA1ZAestBgEhc6k42mVweN_2kwryi4rP3Ol0ebcmahE-Mp2hWNoZnF0dFgeCnyEECcqVxH6Hsi8US5ucW9kqoJEWX3DEpCDD_U6_H3Ib3g3qothDs7YYblZqm7Mzq7i0ywE0mJEKt8NjQy_H4mSUrwMVLvYgsHFx0Ixc2WeCthMFVH5ueniZr7eTxb_eeMBwOYlM5KnAwicTtVffj26Be_gzxRBbEau96oTvEt_f43avGAYbrjT9deavNJ8WYogtQDE-fubTqXKM3qKQ4bY3whiaN-PvnIHNiOrHn2A8pbHZWBQy4UJuCmYQ4Kv7aUzk-bQXUhXJ0ZXItQ0TtCwC-jTHdils_Sn3cBwP7BrsF6DU4ahFwKZ2wOy27dkxJVCwtbEsnyfR9zl95BJgf4G1GpluubJyp9vHU9rcDV33oFETn4%2526adurl%253D&fromurl=https%3A%2F%2Fdee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ref=https%3A%2F%2Fwww.letsbeardown.com%2F&dyno_tag_params=%7B%7D
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-110.phl51.r.cloudfront.net
Software
/
Resource Hash
42bfa22673471da4706a87857a4e35a3053ff5fa6b3a12f13d9b3d9ff6a8a2ee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:38 GMT
content-encoding
gzip
via
1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
vary
Origin, Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-cf-id
dswnLkNmKk7PenDcxU5IVY3eAAIGKzZ_QJtAwimIRWBPnnYhqOCRkQ==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F377 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

age
78072
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 06:38:26 GMT
etag
48472445140208031
expires
Sat, 30 Sep 2023 06:38:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6F8E 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c5098d55718ef77198d850ac39f6eebaee857b6bb311a39cea1a0fb1a9c56e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame 44AD 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5pZ-cslbRnK5c4VN5P1uZyv9g_u3G3yPGURMyYzQ3371HXi-1FPlV9bTfzc6uOpZtW928P2vVLLMp5rzrncXWZoMx9w&cry=1&dbm_d=AKAmf-Ap1WJe-xacydWV4w_MoWnFsKPqjsffXen-W5cUQL768b79MqVbUpkkp2kqcYQRUXlZw31bmuyYlm6wx88I7u5c5wIuWUvJQpRGaPhNKQGjZNcsX1utn0PSpQUph3qPZ_yC9n_h9LHRPMaL21JVIxfU421cEwRzlvPiwzJG1IxlBYr0Bp6yW3xq9qQxql1w8tKm0M8HxVFv-TgKspb80HXZCEl1yBsrj7BeMn4sHdfGeHNbyDEn1OkjGT8JQwMe495HcO2BVhIAXWWIR8Rd49bAO5Rv4Ns-dKcE7io24tSR8M-cRLy-ksKWqOHacR_TF9_6wZXjA4sKhLAcB18DlBK_6z3VJaSOVYJkr5x9SS-ZGAhjNecQu02tFMAWLwBaNTqlwOdWAylvFZ6hFj9sjZ52UU631ki4pL6N5HNR8CHoCcrivshgEKDkws-trGf5XvizAh81blFtqbQNo9vCE6EmsvsN0BgG0hBvoYW2-P0M6AgbBwHfq3Y1L4JnAjeTQCgi3jLXaMRLC2cqzEpmSjJRc1wAr0jSYw6h-xe5w_PRHAuy4rOgYBHlSJz7HS9Dayi27ajhzJneWQD-duOu5TKq3s3Wxqa6RVG7B31fQxIhkhKSwta5BGFdQBVfCyH9QB3vXm9kbd3d1VtrE98ALJyjta_O1ZZBeX7SujfgVbluilp4UiG9sTRzPyIM2OLPhvYr8ssrnlYSZfEaacTGnr4N_oBq7_zHuvffRiMNGvkBaTW7cmU_X0fPl-3lKeZkDuRCazTKjApp9LMvpaNaSmodrW_PkxRs9ZOXqsv3KB4B06ZVhwIMh6B-wpYVI5LppvbSdpPkYGAB7bUzFPWlcYzCL5gz4hZP4u0bdVraJFaUix5YYB0aQ67hDzBY5ZrLwJYB5phscqhTkUoqhaD4B7Lw4DxcZyh2CSwBhhDbLH140p9wNi_-z4lLnzb4YgHMe0Vf3zXYKe91alLGI7rtde6f-VtlFnhrhkm-LBO7GfBxARY-64K6PgbSX4xFl2tfCHER4H4LfAdCKdhnfGDWD896KMMXpTFDtERq0Z1_d9pZ4hNWpOIsb2q-_MCfIXuPZWzJ32xWyRekInskz4Lj7iRPs-OFsl7jNgAvxRWCZX-EvEs8TPiGKkV9hGiHBxPZs5yhple7IjH6L88m_ccP_qzGTEDRYOqyaILGDoJ2y8a0V7rhq2ngCJtL5R5yddeuiJf9o5Y62glkHMI-DoQu6MB74eorkIycFChlG2T-MfxXT7TUUM6WQshpkU_sDOItyP6930zVbxZUsolHxRanr4DzZLcSc-Ye44lJLDrELJo3bYSHYqu0c6sTL1YrsFzvnCD3vMPTMHqWCHb8HzV02Dj-8GdOLs4Gn_oLYtyTGS2GZ6wcekI4Btf15zdImweaz-fA_M4EI4l4Lgc27CLvmU7mU5QZoMuKxaDPJCL22LOTCMq-cHP0B9P8t9UJVhNKb0UQ3fQa-rlxGiHnqm9tXQLIsO088DcB5idvVjGBvme1Cq6bPIzydoh6ZhOazfgfymc0m68esMdmx4DtmrTwL6OLwzE6RzlSsgTVct4n8MDCuZbGi2ev-9Dbto_wmNGGpfWI7gHZJW-BhtdoBpDyOhif2D6vgE7ICL-24fFBY0xBM17C5vzpEsgrnqscTRpMGf3ckaJdGe_q5hr7OrVOEYEIF0E8rNwwT6Gjfc6MUq4JswFRD_qkGNDWh3X9uZs40Bffq7Ze7-hYA4o8sVeeuvgnvyl1pX6GYVZK3AbyHzy9M1N50GNichIV4fwJorRYtfrD-ovR7KJfWhmW2n3Uw1p7KGfAt5iOXc4DwdZZpvQRWqHlTjPazzNaVbxwS8rygfoI-Dpl-zDH2CgRhpqBI1cYnjvzkes1skvh1iodPVjm_kDx6CaTBUSd-ubZfwyFZR2LSTr05_-ApQhfh3eluSGPPFVrty8Mn2DXQqvxjX6EBwrUY6m24ASbmvb_2yeKTYydPYv9qwxg1iyO7E8w8qTmoIFJ5PNcxuo54HyqpFbbDIj-FCmbryv2yZGvIXxqluX-GlnhJ7bFO-8ttFk6uV2zqCPWf-0ahG-5kx5TYCFA309MAa3CWAME78uEIUAP1OTliUn4Pe_MD2-P2XV3r5Ix3Y_xAJNmhnERtGDGpnDvW9uBcVL6RBVX02KsR14ezJydaVmI6JkWTBTN36pZXPyF6cYkRuecI-bWJefxviSGz3fY2usWxsxiFxMDmDjyJNDz9YRIN0WCM0P2QkQQ-OY1OjUlsyr5akBathFUEmjEGqfC2spwr90SYyzxTanesD73McuIBqmaCSREOXhQQRa5Ow4lnGQ73OhUR_5XF2bJtQSJJJaYvIEf2zBza7BIZ7JMPx_HJOX2-xxi5nJ6JTZWrtisizrxZAozmQb2zLlJ5X4qYoNM3J9HWgqvu3fQ2FleVIJO27ig2muYgg1Q1SGkTIk4R_Y8VTFbkmh8GrMRmu7VsFRScJfseGbkgawXQZONPGRalpOdV45UgAshHS_OOtet2KssZ3NAl2KHtj9VuOx8JSOi-nlpQwQzEMa7k4LJ7211E8gdO4djIw4ZGJcWw6Nc66iBd_2EB6uuAb4kU4hZnBjTmlgzWP-qzOTicSQzZrISfw4ggctgUOSeFFbkm2q9vj2Fwru_iSVJCrK2ScMKSBiNQKspMyooxpJN6rHb3fPD6-Ti3RlNQ3ZRDXGZ2pOFK6Hp0uK2vgH_p_2lpfyBi4rUl39NmgoRzxKDWRUKuu28QRc8C1xXzsv-FPLC2Eqo5ms4MLBKwelXpMW_sdf_U06wKtBkVKWV_xdYO2DJSDgHvuCuFiesSGkr0WLpXwQCyP0roRsVEeJP5lznY18upgTGzeE0wT1rtsyS3TItFnXArNYpK9XKnTEJr4e6y2RKOzZDBbWYnXZxQsFx4hvh40Qcwmgn_KGoMqgP-YfEJvkMgJy9STTJ7EplTexdbWDVwO2EIEKfY02dI9vCyyHyV-zLLWGIk6rQxc9QdfOXpPDXcNE3tdqTx9c9rMVljVYuWNHAssLo9F9Es5Q1x2_CB6SiOCUhNiI-27n8q-GkGroZ2iigCWaU1nyEj8C9sHyMdlDIjumyz1NWgL_f9_ncHkJsMaajKFrezarZCEEz7waQMqNNOtaex4pHUk7Lier19y9enx7FIUaupRj_RQyKlh8aOmcRzC2EFfqR2pWVM0mindaSfXfHzY6Xi6K1zh2A6zxtBl-nlCRrrjJYU-Bl8GSgtNnwosayG6pB31DF3RtgU45_Uz4Re-zdK6QI7xpB045-ZOnrdC6uCJTRLNgcVNRM7wp60sdVdJbVcX0UlarJI8ULI--mLpC6NCARhNHqCD_JuMJ1vbbpXHagroApQJlgd95HpXi9j6rhSxIG5ilaiVDKvv0k5ikGPYay4prkpr9_xpUntxNNUthZ807cffZlzjpK1I8npN2a3WSsGP0iPBzfr_f6llevGkpuibcZMo-YglIrKcgaqGbzycsfLat_dpZkVMdiQ6tA0Vs2N35uPvVbNmXPqy49kDaC4D6txIc1olVIOV3CpDHinCoLHRrTJ2JM02bEeL6T00A8UEhMadktwecXcXVwl3A65IPY01Uc2WUpXu8YoUAFFBDNHgMiNF8_pS7x9E87Xb0YupMb0Qf9sbnsrJyiBnB-ft_0NKl526dWQWnD95uCdEZVe8akCVmC0eucBmlvODCOxS-GolvYJMQmKdXqXJTUvtAzCyJmcEwL7doYnh9JzTYOKOjdX96rfNwH9NIX_870D9rkn8daPhfVPYSZQex5hECQjKbTKj5skaEpOIgGjFjiSKIun6aneONVSth7r586wheALuRfCfi-hA8TmFcT7OcroagI9afQNZyrNsaJTBUQ7t43Kds8uf6V2SHFWrYVssFbQqaP9nhHL9ADNZtKbSl3fE4t0hr_p2g8FkePqdPGfS9AC5dqyBeqJTQIUMfTuoSC&cid=CAQSOwDICaaNDf5nEYJ4TJcYcyGdnvyG8n0UpoOdi48JSvI1Ko4W7ScMCDdY-D3SbPM4Ka1EO1quXRGW2BsnGAE&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.letsbeardown.com%2F&ds=l&xdt=1&iif=1&cor=12499470603616885000&adk=1964084972&idt=104&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 06:35:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
78265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11587
x-xss-protection
0
server
cafe
etag
192838463742493612
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 06:35:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/ Frame 44AD 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5pZ-cslbRnK5c4VN5P1uZyv9g_u3G3yPGURMyYzQ3371HXi-1FPlV9bTfzc6uOpZtW928P2vVLLMp5rzrncXWZoMx9w&cry=1&dbm_d=AKAmf-Ap1WJe-xacydWV4w_MoWnFsKPqjsffXen-W5cUQL768b79MqVbUpkkp2kqcYQRUXlZw31bmuyYlm6wx88I7u5c5wIuWUvJQpRGaPhNKQGjZNcsX1utn0PSpQUph3qPZ_yC9n_h9LHRPMaL21JVIxfU421cEwRzlvPiwzJG1IxlBYr0Bp6yW3xq9qQxql1w8tKm0M8HxVFv-TgKspb80HXZCEl1yBsrj7BeMn4sHdfGeHNbyDEn1OkjGT8JQwMe495HcO2BVhIAXWWIR8Rd49bAO5Rv4Ns-dKcE7io24tSR8M-cRLy-ksKWqOHacR_TF9_6wZXjA4sKhLAcB18DlBK_6z3VJaSOVYJkr5x9SS-ZGAhjNecQu02tFMAWLwBaNTqlwOdWAylvFZ6hFj9sjZ52UU631ki4pL6N5HNR8CHoCcrivshgEKDkws-trGf5XvizAh81blFtqbQNo9vCE6EmsvsN0BgG0hBvoYW2-P0M6AgbBwHfq3Y1L4JnAjeTQCgi3jLXaMRLC2cqzEpmSjJRc1wAr0jSYw6h-xe5w_PRHAuy4rOgYBHlSJz7HS9Dayi27ajhzJneWQD-duOu5TKq3s3Wxqa6RVG7B31fQxIhkhKSwta5BGFdQBVfCyH9QB3vXm9kbd3d1VtrE98ALJyjta_O1ZZBeX7SujfgVbluilp4UiG9sTRzPyIM2OLPhvYr8ssrnlYSZfEaacTGnr4N_oBq7_zHuvffRiMNGvkBaTW7cmU_X0fPl-3lKeZkDuRCazTKjApp9LMvpaNaSmodrW_PkxRs9ZOXqsv3KB4B06ZVhwIMh6B-wpYVI5LppvbSdpPkYGAB7bUzFPWlcYzCL5gz4hZP4u0bdVraJFaUix5YYB0aQ67hDzBY5ZrLwJYB5phscqhTkUoqhaD4B7Lw4DxcZyh2CSwBhhDbLH140p9wNi_-z4lLnzb4YgHMe0Vf3zXYKe91alLGI7rtde6f-VtlFnhrhkm-LBO7GfBxARY-64K6PgbSX4xFl2tfCHER4H4LfAdCKdhnfGDWD896KMMXpTFDtERq0Z1_d9pZ4hNWpOIsb2q-_MCfIXuPZWzJ32xWyRekInskz4Lj7iRPs-OFsl7jNgAvxRWCZX-EvEs8TPiGKkV9hGiHBxPZs5yhple7IjH6L88m_ccP_qzGTEDRYOqyaILGDoJ2y8a0V7rhq2ngCJtL5R5yddeuiJf9o5Y62glkHMI-DoQu6MB74eorkIycFChlG2T-MfxXT7TUUM6WQshpkU_sDOItyP6930zVbxZUsolHxRanr4DzZLcSc-Ye44lJLDrELJo3bYSHYqu0c6sTL1YrsFzvnCD3vMPTMHqWCHb8HzV02Dj-8GdOLs4Gn_oLYtyTGS2GZ6wcekI4Btf15zdImweaz-fA_M4EI4l4Lgc27CLvmU7mU5QZoMuKxaDPJCL22LOTCMq-cHP0B9P8t9UJVhNKb0UQ3fQa-rlxGiHnqm9tXQLIsO088DcB5idvVjGBvme1Cq6bPIzydoh6ZhOazfgfymc0m68esMdmx4DtmrTwL6OLwzE6RzlSsgTVct4n8MDCuZbGi2ev-9Dbto_wmNGGpfWI7gHZJW-BhtdoBpDyOhif2D6vgE7ICL-24fFBY0xBM17C5vzpEsgrnqscTRpMGf3ckaJdGe_q5hr7OrVOEYEIF0E8rNwwT6Gjfc6MUq4JswFRD_qkGNDWh3X9uZs40Bffq7Ze7-hYA4o8sVeeuvgnvyl1pX6GYVZK3AbyHzy9M1N50GNichIV4fwJorRYtfrD-ovR7KJfWhmW2n3Uw1p7KGfAt5iOXc4DwdZZpvQRWqHlTjPazzNaVbxwS8rygfoI-Dpl-zDH2CgRhpqBI1cYnjvzkes1skvh1iodPVjm_kDx6CaTBUSd-ubZfwyFZR2LSTr05_-ApQhfh3eluSGPPFVrty8Mn2DXQqvxjX6EBwrUY6m24ASbmvb_2yeKTYydPYv9qwxg1iyO7E8w8qTmoIFJ5PNcxuo54HyqpFbbDIj-FCmbryv2yZGvIXxqluX-GlnhJ7bFO-8ttFk6uV2zqCPWf-0ahG-5kx5TYCFA309MAa3CWAME78uEIUAP1OTliUn4Pe_MD2-P2XV3r5Ix3Y_xAJNmhnERtGDGpnDvW9uBcVL6RBVX02KsR14ezJydaVmI6JkWTBTN36pZXPyF6cYkRuecI-bWJefxviSGz3fY2usWxsxiFxMDmDjyJNDz9YRIN0WCM0P2QkQQ-OY1OjUlsyr5akBathFUEmjEGqfC2spwr90SYyzxTanesD73McuIBqmaCSREOXhQQRa5Ow4lnGQ73OhUR_5XF2bJtQSJJJaYvIEf2zBza7BIZ7JMPx_HJOX2-xxi5nJ6JTZWrtisizrxZAozmQb2zLlJ5X4qYoNM3J9HWgqvu3fQ2FleVIJO27ig2muYgg1Q1SGkTIk4R_Y8VTFbkmh8GrMRmu7VsFRScJfseGbkgawXQZONPGRalpOdV45UgAshHS_OOtet2KssZ3NAl2KHtj9VuOx8JSOi-nlpQwQzEMa7k4LJ7211E8gdO4djIw4ZGJcWw6Nc66iBd_2EB6uuAb4kU4hZnBjTmlgzWP-qzOTicSQzZrISfw4ggctgUOSeFFbkm2q9vj2Fwru_iSVJCrK2ScMKSBiNQKspMyooxpJN6rHb3fPD6-Ti3RlNQ3ZRDXGZ2pOFK6Hp0uK2vgH_p_2lpfyBi4rUl39NmgoRzxKDWRUKuu28QRc8C1xXzsv-FPLC2Eqo5ms4MLBKwelXpMW_sdf_U06wKtBkVKWV_xdYO2DJSDgHvuCuFiesSGkr0WLpXwQCyP0roRsVEeJP5lznY18upgTGzeE0wT1rtsyS3TItFnXArNYpK9XKnTEJr4e6y2RKOzZDBbWYnXZxQsFx4hvh40Qcwmgn_KGoMqgP-YfEJvkMgJy9STTJ7EplTexdbWDVwO2EIEKfY02dI9vCyyHyV-zLLWGIk6rQxc9QdfOXpPDXcNE3tdqTx9c9rMVljVYuWNHAssLo9F9Es5Q1x2_CB6SiOCUhNiI-27n8q-GkGroZ2iigCWaU1nyEj8C9sHyMdlDIjumyz1NWgL_f9_ncHkJsMaajKFrezarZCEEz7waQMqNNOtaex4pHUk7Lier19y9enx7FIUaupRj_RQyKlh8aOmcRzC2EFfqR2pWVM0mindaSfXfHzY6Xi6K1zh2A6zxtBl-nlCRrrjJYU-Bl8GSgtNnwosayG6pB31DF3RtgU45_Uz4Re-zdK6QI7xpB045-ZOnrdC6uCJTRLNgcVNRM7wp60sdVdJbVcX0UlarJI8ULI--mLpC6NCARhNHqCD_JuMJ1vbbpXHagroApQJlgd95HpXi9j6rhSxIG5ilaiVDKvv0k5ikGPYay4prkpr9_xpUntxNNUthZ807cffZlzjpK1I8npN2a3WSsGP0iPBzfr_f6llevGkpuibcZMo-YglIrKcgaqGbzycsfLat_dpZkVMdiQ6tA0Vs2N35uPvVbNmXPqy49kDaC4D6txIc1olVIOV3CpDHinCoLHRrTJ2JM02bEeL6T00A8UEhMadktwecXcXVwl3A65IPY01Uc2WUpXu8YoUAFFBDNHgMiNF8_pS7x9E87Xb0YupMb0Qf9sbnsrJyiBnB-ft_0NKl526dWQWnD95uCdEZVe8akCVmC0eucBmlvODCOxS-GolvYJMQmKdXqXJTUvtAzCyJmcEwL7doYnh9JzTYOKOjdX96rfNwH9NIX_870D9rkn8daPhfVPYSZQex5hECQjKbTKj5skaEpOIgGjFjiSKIun6aneONVSth7r586wheALuRfCfi-hA8TmFcT7OcroagI9afQNZyrNsaJTBUQ7t43Kds8uf6V2SHFWrYVssFbQqaP9nhHL9ADNZtKbSl3fE4t0hr_p2g8FkePqdPGfS9AC5dqyBeqJTQIUMfTuoSC&cid=CAQSOwDICaaNDf5nEYJ4TJcYcyGdnvyG8n0UpoOdi48JSvI1Ko4W7ScMCDdY-D3SbPM4Ka1EO1quXRGW2BsnGAE&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.letsbeardown.com%2F&ds=l&xdt=1&iif=1&cor=12499470603616885000&adk=1964084972&idt=104&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 06:10:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
79754
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 06:10:24 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 44AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstn4Tp9-bPg0gTTPnEt6n42B_g1v427fVlXTLSw34Z4fBtSZQ7Hlx9DUl7952AOkIh0nNWC8iOxxWjP4egS8Uh9gj6s3ZNIUHkj8OPRfcLFbBfWSJKUDsbbtoYQEOzZKf9TQQj6DdSe4JVL-J7X38P0IsXP1ldR_jCWhumx0TYiZRKIJzaLX1Pfbt-Tw4BRkBACcVX2JvGCWP4_nYYIPeMoT-OqazMbG-j1XT5sSmga8_jKYLrZWCdHOYW-QTE3-Z5uxzS5WtkmmoQGpc7VRpuuhwXPXU0X0qQ8WBnbx-SzRNgCidQkDnouuE3V72haG1Sj_RaKq0-7dffvgufeygrDCycbobQWITK2mTFf97cI1K-fXsXpPhnrw87Yif3GR4vs-IaOiSptVsSs6csgS-w6Jrpj0LrvmZ4CmeEu-naFGTPmyTRX6LeqwF1vUKHTTINEu4o4b9JB0m7Eb4pQA5-zoVw6SNzefSkNOltkRtDv4Fru3ukrSL63bDQoB5p6A-rxprpWmgwOTVPVUWGurPxM6DHRl1oiVX821wI2zSszbvLjYnSr-KJxaamuzB2WmBnXGLdHRwbZUFlS8Br7f--QETdH-8cSE9i_T9Dbk2iylqrXhQM50X1R3uceSfJJZkHfEHQT-Td0JNalSsa480tOsHcRqkI0q7Cw8kgJZqE1Z5bDYCx8mevdFDSoOAkdrCSlpmsDXPv43MeTiwFclqu-QwLGi77DQ41_QibDg1NqTsZ6Nn_PI3xhpzsKWnPkGbAeJ_AZXIlzB73YG51-lhc_lx366ST1kq5KeTJaGZFSbKIOKcOucyoc_uG3bu5BhM3ZzxeCIj04zwqR38JA3DUgDLuAFq4ZWVcKEHvroXN-80F90palRtmMZ6WoD6G-4iocdhQYBCX8EbKdNNi0jQhz1NxFPvF9K--YbMkGKjSeV5TAVGLrw_luZQmWMUQBCRNhc_pTE5JSiGjLE9mwyNGSJcvVhPjga8u2hcdoqkFJgDHoXTw7gtjqDRibDvCcol8zGnCiXMg3qpmqi9D1m67OnVCkoqBtozvS76U4pyl6P-mx2fbhcyj5nS9H1YhqG7mTVzrFL9CiW4X8VVD9lFfSnFvkJ829JYmZ_fTD_BfcBh-6ka8JtKUOHDKQrT6Cea1P1rtgFCZ-KLO5SHygLeAj-xuAVs2lYhl4AcX58wrRBItvdwLIlB3SbyJjaGf6nux-B8P6HRN42DjMFGa_M-FKKwpHXYXUu0QF6cCdFmSlg6pFCuTfEKHKntHE0xIYMLDamFgSusEek98CoiozY3OkUV6m-dmVNyvYZh-lp6G8JlYE7LNJ6np7ip5a-bdIpuixLEEi-KHXyFuarAA2sBbXvvSR4AFZVavrgulO2gyQP5yguDAafPaSigeH7Tz7ZHO1Rmsmw2YyfM70JG0zfgptUqsCcu8kXknrDvLCOLmB_NlA2VJ-ftNmnlLtoKGbNGMGzd2R3FDRdMb-TB7emQ-VbwdetBxpfdQYTDkorhHhKmb1AsTf1U9dQPaj0HlUgdCIEw&sai=AMfl-YQXGmF76Jt0Etyvw4t7IL-w6Dx7mlzyxR84fqPW4e3NvEEPZazoIPwqQdKfI-8zqwpFBgSvMWGOXYkYL3bGEohCgoRzX7vFrHov5ryhLBX2s5tRJGOSamqD1_aMjZmKcPI6FS8zUPsaXsuziH3GsTM8pNcLmsyta3oNeS65QB3GEQYTQ5pmqMPmObosCqt-3QU1ane9SyUDzTbwq9luU6UUk5eI8KsWgRA8CvJsLtaDAR7HTkKQnSYw-gMA4h9JgSfP&sig=Cg0ArKJSzDq4JgoxQsaxEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230927.54978&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5pZ-cslbRnK5c4VN5P1uZyv9g_u3G3yPGURMyYzQ3371HXi-1FPlV9bTfzc6uOpZtW928P2vVLLMp5rzrncXWZoMx9w&cry=1&dbm_d=AKAmf-Ap1WJe-xacydWV4w_MoWnFsKPqjsffXen-W5cUQL768b79MqVbUpkkp2kqcYQRUXlZw31bmuyYlm6wx88I7u5c5wIuWUvJQpRGaPhNKQGjZNcsX1utn0PSpQUph3qPZ_yC9n_h9LHRPMaL21JVIxfU421cEwRzlvPiwzJG1IxlBYr0Bp6yW3xq9qQxql1w8tKm0M8HxVFv-TgKspb80HXZCEl1yBsrj7BeMn4sHdfGeHNbyDEn1OkjGT8JQwMe495HcO2BVhIAXWWIR8Rd49bAO5Rv4Ns-dKcE7io24tSR8M-cRLy-ksKWqOHacR_TF9_6wZXjA4sKhLAcB18DlBK_6z3VJaSOVYJkr5x9SS-ZGAhjNecQu02tFMAWLwBaNTqlwOdWAylvFZ6hFj9sjZ52UU631ki4pL6N5HNR8CHoCcrivshgEKDkws-trGf5XvizAh81blFtqbQNo9vCE6EmsvsN0BgG0hBvoYW2-P0M6AgbBwHfq3Y1L4JnAjeTQCgi3jLXaMRLC2cqzEpmSjJRc1wAr0jSYw6h-xe5w_PRHAuy4rOgYBHlSJz7HS9Dayi27ajhzJneWQD-duOu5TKq3s3Wxqa6RVG7B31fQxIhkhKSwta5BGFdQBVfCyH9QB3vXm9kbd3d1VtrE98ALJyjta_O1ZZBeX7SujfgVbluilp4UiG9sTRzPyIM2OLPhvYr8ssrnlYSZfEaacTGnr4N_oBq7_zHuvffRiMNGvkBaTW7cmU_X0fPl-3lKeZkDuRCazTKjApp9LMvpaNaSmodrW_PkxRs9ZOXqsv3KB4B06ZVhwIMh6B-wpYVI5LppvbSdpPkYGAB7bUzFPWlcYzCL5gz4hZP4u0bdVraJFaUix5YYB0aQ67hDzBY5ZrLwJYB5phscqhTkUoqhaD4B7Lw4DxcZyh2CSwBhhDbLH140p9wNi_-z4lLnzb4YgHMe0Vf3zXYKe91alLGI7rtde6f-VtlFnhrhkm-LBO7GfBxARY-64K6PgbSX4xFl2tfCHER4H4LfAdCKdhnfGDWD896KMMXpTFDtERq0Z1_d9pZ4hNWpOIsb2q-_MCfIXuPZWzJ32xWyRekInskz4Lj7iRPs-OFsl7jNgAvxRWCZX-EvEs8TPiGKkV9hGiHBxPZs5yhple7IjH6L88m_ccP_qzGTEDRYOqyaILGDoJ2y8a0V7rhq2ngCJtL5R5yddeuiJf9o5Y62glkHMI-DoQu6MB74eorkIycFChlG2T-MfxXT7TUUM6WQshpkU_sDOItyP6930zVbxZUsolHxRanr4DzZLcSc-Ye44lJLDrELJo3bYSHYqu0c6sTL1YrsFzvnCD3vMPTMHqWCHb8HzV02Dj-8GdOLs4Gn_oLYtyTGS2GZ6wcekI4Btf15zdImweaz-fA_M4EI4l4Lgc27CLvmU7mU5QZoMuKxaDPJCL22LOTCMq-cHP0B9P8t9UJVhNKb0UQ3fQa-rlxGiHnqm9tXQLIsO088DcB5idvVjGBvme1Cq6bPIzydoh6ZhOazfgfymc0m68esMdmx4DtmrTwL6OLwzE6RzlSsgTVct4n8MDCuZbGi2ev-9Dbto_wmNGGpfWI7gHZJW-BhtdoBpDyOhif2D6vgE7ICL-24fFBY0xBM17C5vzpEsgrnqscTRpMGf3ckaJdGe_q5hr7OrVOEYEIF0E8rNwwT6Gjfc6MUq4JswFRD_qkGNDWh3X9uZs40Bffq7Ze7-hYA4o8sVeeuvgnvyl1pX6GYVZK3AbyHzy9M1N50GNichIV4fwJorRYtfrD-ovR7KJfWhmW2n3Uw1p7KGfAt5iOXc4DwdZZpvQRWqHlTjPazzNaVbxwS8rygfoI-Dpl-zDH2CgRhpqBI1cYnjvzkes1skvh1iodPVjm_kDx6CaTBUSd-ubZfwyFZR2LSTr05_-ApQhfh3eluSGPPFVrty8Mn2DXQqvxjX6EBwrUY6m24ASbmvb_2yeKTYydPYv9qwxg1iyO7E8w8qTmoIFJ5PNcxuo54HyqpFbbDIj-FCmbryv2yZGvIXxqluX-GlnhJ7bFO-8ttFk6uV2zqCPWf-0ahG-5kx5TYCFA309MAa3CWAME78uEIUAP1OTliUn4Pe_MD2-P2XV3r5Ix3Y_xAJNmhnERtGDGpnDvW9uBcVL6RBVX02KsR14ezJydaVmI6JkWTBTN36pZXPyF6cYkRuecI-bWJefxviSGz3fY2usWxsxiFxMDmDjyJNDz9YRIN0WCM0P2QkQQ-OY1OjUlsyr5akBathFUEmjEGqfC2spwr90SYyzxTanesD73McuIBqmaCSREOXhQQRa5Ow4lnGQ73OhUR_5XF2bJtQSJJJaYvIEf2zBza7BIZ7JMPx_HJOX2-xxi5nJ6JTZWrtisizrxZAozmQb2zLlJ5X4qYoNM3J9HWgqvu3fQ2FleVIJO27ig2muYgg1Q1SGkTIk4R_Y8VTFbkmh8GrMRmu7VsFRScJfseGbkgawXQZONPGRalpOdV45UgAshHS_OOtet2KssZ3NAl2KHtj9VuOx8JSOi-nlpQwQzEMa7k4LJ7211E8gdO4djIw4ZGJcWw6Nc66iBd_2EB6uuAb4kU4hZnBjTmlgzWP-qzOTicSQzZrISfw4ggctgUOSeFFbkm2q9vj2Fwru_iSVJCrK2ScMKSBiNQKspMyooxpJN6rHb3fPD6-Ti3RlNQ3ZRDXGZ2pOFK6Hp0uK2vgH_p_2lpfyBi4rUl39NmgoRzxKDWRUKuu28QRc8C1xXzsv-FPLC2Eqo5ms4MLBKwelXpMW_sdf_U06wKtBkVKWV_xdYO2DJSDgHvuCuFiesSGkr0WLpXwQCyP0roRsVEeJP5lznY18upgTGzeE0wT1rtsyS3TItFnXArNYpK9XKnTEJr4e6y2RKOzZDBbWYnXZxQsFx4hvh40Qcwmgn_KGoMqgP-YfEJvkMgJy9STTJ7EplTexdbWDVwO2EIEKfY02dI9vCyyHyV-zLLWGIk6rQxc9QdfOXpPDXcNE3tdqTx9c9rMVljVYuWNHAssLo9F9Es5Q1x2_CB6SiOCUhNiI-27n8q-GkGroZ2iigCWaU1nyEj8C9sHyMdlDIjumyz1NWgL_f9_ncHkJsMaajKFrezarZCEEz7waQMqNNOtaex4pHUk7Lier19y9enx7FIUaupRj_RQyKlh8aOmcRzC2EFfqR2pWVM0mindaSfXfHzY6Xi6K1zh2A6zxtBl-nlCRrrjJYU-Bl8GSgtNnwosayG6pB31DF3RtgU45_Uz4Re-zdK6QI7xpB045-ZOnrdC6uCJTRLNgcVNRM7wp60sdVdJbVcX0UlarJI8ULI--mLpC6NCARhNHqCD_JuMJ1vbbpXHagroApQJlgd95HpXi9j6rhSxIG5ilaiVDKvv0k5ikGPYay4prkpr9_xpUntxNNUthZ807cffZlzjpK1I8npN2a3WSsGP0iPBzfr_f6llevGkpuibcZMo-YglIrKcgaqGbzycsfLat_dpZkVMdiQ6tA0Vs2N35uPvVbNmXPqy49kDaC4D6txIc1olVIOV3CpDHinCoLHRrTJ2JM02bEeL6T00A8UEhMadktwecXcXVwl3A65IPY01Uc2WUpXu8YoUAFFBDNHgMiNF8_pS7x9E87Xb0YupMb0Qf9sbnsrJyiBnB-ft_0NKl526dWQWnD95uCdEZVe8akCVmC0eucBmlvODCOxS-GolvYJMQmKdXqXJTUvtAzCyJmcEwL7doYnh9JzTYOKOjdX96rfNwH9NIX_870D9rkn8daPhfVPYSZQex5hECQjKbTKj5skaEpOIgGjFjiSKIun6aneONVSth7r586wheALuRfCfi-hA8TmFcT7OcroagI9afQNZyrNsaJTBUQ7t43Kds8uf6V2SHFWrYVssFbQqaP9nhHL9ADNZtKbSl3fE4t0hr_p2g8FkePqdPGfS9AC5dqyBeqJTQIUMfTuoSC&cid=CAQSOwDICaaNDf5nEYJ4TJcYcyGdnvyG8n0UpoOdi48JSvI1Ko4W7ScMCDdY-D3SbPM4Ka1EO1quXRGW2BsnGAE&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.letsbeardown.com%2F&ds=l&xdt=1&iif=1&cor=12499470603616885000&adk=1964084972&idt=104&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 30 Sep 2023 04:19:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 44AD 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5pZ-cslbRnK5c4VN5P1uZyv9g_u3G3yPGURMyYzQ3371HXi-1FPlV9bTfzc6uOpZtW928P2vVLLMp5rzrncXWZoMx9w&cry=1&dbm_d=AKAmf-Ap1WJe-xacydWV4w_MoWnFsKPqjsffXen-W5cUQL768b79MqVbUpkkp2kqcYQRUXlZw31bmuyYlm6wx88I7u5c5wIuWUvJQpRGaPhNKQGjZNcsX1utn0PSpQUph3qPZ_yC9n_h9LHRPMaL21JVIxfU421cEwRzlvPiwzJG1IxlBYr0Bp6yW3xq9qQxql1w8tKm0M8HxVFv-TgKspb80HXZCEl1yBsrj7BeMn4sHdfGeHNbyDEn1OkjGT8JQwMe495HcO2BVhIAXWWIR8Rd49bAO5Rv4Ns-dKcE7io24tSR8M-cRLy-ksKWqOHacR_TF9_6wZXjA4sKhLAcB18DlBK_6z3VJaSOVYJkr5x9SS-ZGAhjNecQu02tFMAWLwBaNTqlwOdWAylvFZ6hFj9sjZ52UU631ki4pL6N5HNR8CHoCcrivshgEKDkws-trGf5XvizAh81blFtqbQNo9vCE6EmsvsN0BgG0hBvoYW2-P0M6AgbBwHfq3Y1L4JnAjeTQCgi3jLXaMRLC2cqzEpmSjJRc1wAr0jSYw6h-xe5w_PRHAuy4rOgYBHlSJz7HS9Dayi27ajhzJneWQD-duOu5TKq3s3Wxqa6RVG7B31fQxIhkhKSwta5BGFdQBVfCyH9QB3vXm9kbd3d1VtrE98ALJyjta_O1ZZBeX7SujfgVbluilp4UiG9sTRzPyIM2OLPhvYr8ssrnlYSZfEaacTGnr4N_oBq7_zHuvffRiMNGvkBaTW7cmU_X0fPl-3lKeZkDuRCazTKjApp9LMvpaNaSmodrW_PkxRs9ZOXqsv3KB4B06ZVhwIMh6B-wpYVI5LppvbSdpPkYGAB7bUzFPWlcYzCL5gz4hZP4u0bdVraJFaUix5YYB0aQ67hDzBY5ZrLwJYB5phscqhTkUoqhaD4B7Lw4DxcZyh2CSwBhhDbLH140p9wNi_-z4lLnzb4YgHMe0Vf3zXYKe91alLGI7rtde6f-VtlFnhrhkm-LBO7GfBxARY-64K6PgbSX4xFl2tfCHER4H4LfAdCKdhnfGDWD896KMMXpTFDtERq0Z1_d9pZ4hNWpOIsb2q-_MCfIXuPZWzJ32xWyRekInskz4Lj7iRPs-OFsl7jNgAvxRWCZX-EvEs8TPiGKkV9hGiHBxPZs5yhple7IjH6L88m_ccP_qzGTEDRYOqyaILGDoJ2y8a0V7rhq2ngCJtL5R5yddeuiJf9o5Y62glkHMI-DoQu6MB74eorkIycFChlG2T-MfxXT7TUUM6WQshpkU_sDOItyP6930zVbxZUsolHxRanr4DzZLcSc-Ye44lJLDrELJo3bYSHYqu0c6sTL1YrsFzvnCD3vMPTMHqWCHb8HzV02Dj-8GdOLs4Gn_oLYtyTGS2GZ6wcekI4Btf15zdImweaz-fA_M4EI4l4Lgc27CLvmU7mU5QZoMuKxaDPJCL22LOTCMq-cHP0B9P8t9UJVhNKb0UQ3fQa-rlxGiHnqm9tXQLIsO088DcB5idvVjGBvme1Cq6bPIzydoh6ZhOazfgfymc0m68esMdmx4DtmrTwL6OLwzE6RzlSsgTVct4n8MDCuZbGi2ev-9Dbto_wmNGGpfWI7gHZJW-BhtdoBpDyOhif2D6vgE7ICL-24fFBY0xBM17C5vzpEsgrnqscTRpMGf3ckaJdGe_q5hr7OrVOEYEIF0E8rNwwT6Gjfc6MUq4JswFRD_qkGNDWh3X9uZs40Bffq7Ze7-hYA4o8sVeeuvgnvyl1pX6GYVZK3AbyHzy9M1N50GNichIV4fwJorRYtfrD-ovR7KJfWhmW2n3Uw1p7KGfAt5iOXc4DwdZZpvQRWqHlTjPazzNaVbxwS8rygfoI-Dpl-zDH2CgRhpqBI1cYnjvzkes1skvh1iodPVjm_kDx6CaTBUSd-ubZfwyFZR2LSTr05_-ApQhfh3eluSGPPFVrty8Mn2DXQqvxjX6EBwrUY6m24ASbmvb_2yeKTYydPYv9qwxg1iyO7E8w8qTmoIFJ5PNcxuo54HyqpFbbDIj-FCmbryv2yZGvIXxqluX-GlnhJ7bFO-8ttFk6uV2zqCPWf-0ahG-5kx5TYCFA309MAa3CWAME78uEIUAP1OTliUn4Pe_MD2-P2XV3r5Ix3Y_xAJNmhnERtGDGpnDvW9uBcVL6RBVX02KsR14ezJydaVmI6JkWTBTN36pZXPyF6cYkRuecI-bWJefxviSGz3fY2usWxsxiFxMDmDjyJNDz9YRIN0WCM0P2QkQQ-OY1OjUlsyr5akBathFUEmjEGqfC2spwr90SYyzxTanesD73McuIBqmaCSREOXhQQRa5Ow4lnGQ73OhUR_5XF2bJtQSJJJaYvIEf2zBza7BIZ7JMPx_HJOX2-xxi5nJ6JTZWrtisizrxZAozmQb2zLlJ5X4qYoNM3J9HWgqvu3fQ2FleVIJO27ig2muYgg1Q1SGkTIk4R_Y8VTFbkmh8GrMRmu7VsFRScJfseGbkgawXQZONPGRalpOdV45UgAshHS_OOtet2KssZ3NAl2KHtj9VuOx8JSOi-nlpQwQzEMa7k4LJ7211E8gdO4djIw4ZGJcWw6Nc66iBd_2EB6uuAb4kU4hZnBjTmlgzWP-qzOTicSQzZrISfw4ggctgUOSeFFbkm2q9vj2Fwru_iSVJCrK2ScMKSBiNQKspMyooxpJN6rHb3fPD6-Ti3RlNQ3ZRDXGZ2pOFK6Hp0uK2vgH_p_2lpfyBi4rUl39NmgoRzxKDWRUKuu28QRc8C1xXzsv-FPLC2Eqo5ms4MLBKwelXpMW_sdf_U06wKtBkVKWV_xdYO2DJSDgHvuCuFiesSGkr0WLpXwQCyP0roRsVEeJP5lznY18upgTGzeE0wT1rtsyS3TItFnXArNYpK9XKnTEJr4e6y2RKOzZDBbWYnXZxQsFx4hvh40Qcwmgn_KGoMqgP-YfEJvkMgJy9STTJ7EplTexdbWDVwO2EIEKfY02dI9vCyyHyV-zLLWGIk6rQxc9QdfOXpPDXcNE3tdqTx9c9rMVljVYuWNHAssLo9F9Es5Q1x2_CB6SiOCUhNiI-27n8q-GkGroZ2iigCWaU1nyEj8C9sHyMdlDIjumyz1NWgL_f9_ncHkJsMaajKFrezarZCEEz7waQMqNNOtaex4pHUk7Lier19y9enx7FIUaupRj_RQyKlh8aOmcRzC2EFfqR2pWVM0mindaSfXfHzY6Xi6K1zh2A6zxtBl-nlCRrrjJYU-Bl8GSgtNnwosayG6pB31DF3RtgU45_Uz4Re-zdK6QI7xpB045-ZOnrdC6uCJTRLNgcVNRM7wp60sdVdJbVcX0UlarJI8ULI--mLpC6NCARhNHqCD_JuMJ1vbbpXHagroApQJlgd95HpXi9j6rhSxIG5ilaiVDKvv0k5ikGPYay4prkpr9_xpUntxNNUthZ807cffZlzjpK1I8npN2a3WSsGP0iPBzfr_f6llevGkpuibcZMo-YglIrKcgaqGbzycsfLat_dpZkVMdiQ6tA0Vs2N35uPvVbNmXPqy49kDaC4D6txIc1olVIOV3CpDHinCoLHRrTJ2JM02bEeL6T00A8UEhMadktwecXcXVwl3A65IPY01Uc2WUpXu8YoUAFFBDNHgMiNF8_pS7x9E87Xb0YupMb0Qf9sbnsrJyiBnB-ft_0NKl526dWQWnD95uCdEZVe8akCVmC0eucBmlvODCOxS-GolvYJMQmKdXqXJTUvtAzCyJmcEwL7doYnh9JzTYOKOjdX96rfNwH9NIX_870D9rkn8daPhfVPYSZQex5hECQjKbTKj5skaEpOIgGjFjiSKIun6aneONVSth7r586wheALuRfCfi-hA8TmFcT7OcroagI9afQNZyrNsaJTBUQ7t43Kds8uf6V2SHFWrYVssFbQqaP9nhHL9ADNZtKbSl3fE4t0hr_p2g8FkePqdPGfS9AC5dqyBeqJTQIUMfTuoSC&cid=CAQSOwDICaaNDf5nEYJ4TJcYcyGdnvyG8n0UpoOdi48JSvI1Ko4W7ScMCDdY-D3SbPM4Ka1EO1quXRGW2BsnGAE&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.letsbeardown.com%2F&ds=l&xdt=1&iif=1&cor=12499470603616885000&adk=1964084972&idt=104&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 00:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
15556
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Sep 2024 00:00:22 GMT
12612956338309594986
s0.2mdn.net/simgad/ Frame 44AD 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12612956338309594986
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f148.1e100.net
Software
sffe /
Resource Hash
83870583abadeefc02653eea60e93a24a7845fc2ef14a7d3de1ab9e2987fcb75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 23:12:14 GMT
x-content-type-options
nosniff
age
18444
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44111
x-xss-protection
0
last-modified
Tue, 10 Jan 2023 20:54:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 28 Sep 2024 23:12:14 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3D08 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

age
78072
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 06:38:26 GMT
etag
48472445140208031
expires
Sat, 30 Sep 2023 06:38:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0103 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
15555
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 00:00:23 GMT
expires
Sun, 29 Sep 2024 00:00:23 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame F377
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESEPWidQfSU07aQ6JcRFJKEB8&google_cver=1&google_push=AXcoOmSNySb9TYhsm1yX4QHt3OwfC13xAE-OnSdDj3SlXvS2T54xAHd34NM96sdgbpucChL4q_8Y5Zlxv_1Pi5z7g3TQNdoIsJu3
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmSNySb9TYhsm1yX4QHt3OwfC13xAE-OnSdDj3SlXvS2T54xAHd34NM96sdgbpucC...
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSNySb9TYhsm1yX4QHt3OwfC13xAE-OnSdDj3SlXvS2T54xAHd34NM96sdgbpucChL4q_8Y5Zlxv_1Pi5z7g3TQNdoIsJu3&google_cver=1&googl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSNySb9TYhsm1yX4QHt3OwfC13xAE-OnSdDj3SlXvS2T54xAHd34NM96sdgbpucChL4q_8Y5Zlxv_1Pi5z7g3TQNdoIsJu3&google_cver=1&google_gid=CAESEPWidQfSU07aQ6JcRFJKEB8&google_hm=UTc0OTMzMzk4MTEyODk2NjkwNjE=
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 30 Sep 2023 04:19:41 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSNySb9TYhsm1yX4QHt3OwfC13xAE-OnSdDj3SlXvS2T54xAHd34NM96sdgbpucChL4q_8Y5Zlxv_1Pi5z7g3TQNdoIsJu3&google_cver=1&google_gid=CAESEPWidQfSU07aQ6JcRFJKEB8&google_hm=UTc0OTMzMzk4MTEyODk2NjkwNjE=
Content-Type
text/html
Cache-Control
max-age=68495
Connection
keep-alive
Content-Length
154
pixel
cm.g.doubleclick.net/ Frame F377
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEP1Br_gIdKgClqTX1NIcIMY&google_cver=1&google_push=AXcoOmSmXIohjGl0u-o00a4oi3CuhYdxNPrSX-jNirq7gW0nNbqa03E...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=64357859f59906b7&is_secure=true&networkId=14000&version=1&google_gid=CAESEP1Br_gIdKgClqTX1NIcIMY&google_cver=1&google_push=AXcoOmSmXIoh...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAABt38VEdo2iQMCTqzoAAAAAAA&expiration=1696133981&google_cver=1&is_secure=true&google_gid=CAESEP1Br_gIdKgClqTX1NIcI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAABt38VEdo2iQMCTqzoAAAAAAA&expiration=1696133981&google_cver=1&is_secure=true&google_gid=CAESEP1Br_gIdKgClqTX1NIcIMY&google_push=AXcoOmSmXIohjGl0u-o00a4oi3CuhYdxNPrSX-jNirq7gW0nNbqa03E1H6uRyICkzGZzmXEnjBDLm6BjWMOEhY6uR-ns6-ol7BZ8
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:41 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAABt38VEdo2iQMCTqzoAAAAAAA&expiration=1696133981&google_cver=1&is_secure=true&google_gid=CAESEP1Br_gIdKgClqTX1NIcIMY&google_push=AXcoOmSmXIohjGl0u-o00a4oi3CuhYdxNPrSX-jNirq7gW0nNbqa03E1H6uRyICkzGZzmXEnjBDLm6BjWMOEhY6uR-ns6-ol7BZ8
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame F377
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEApG76l3k7YI96HymmRSqyk&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEApG76l3k7YI96HymmRSqyk&google_hm=ZReh2sG3tvF0XybYl2BPCwAABY8AAAIB&google_nid=index&google_push=AXcoOmSUIqnqOMzVLvFiXPyUyUEmVIs3652Wq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEApG76l3k7YI96HymmRSqyk&google_hm=ZReh2sG3tvF0XybYl2BPCwAABY8AAAIB&google_nid=index&google_push=AXcoOmSUIqnqOMzVLvFiXPyUyUEmVIs3652WqewS2mqQbXPPZSYu73eGOyJF8DWHqo33lYAdDFeBHtjQEwJz7o4ZlUrFVAA4yUU
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFRe4xZslJAVDby%2FLoBnYZa87T%2BJpctQ6U7HeK5KchoIeaHW3cS0KYFUTQT%2F5joDG51WrVtoXDconhsQY5EEavCrPgp7qWgOwvd5CiZm7GZCCvvWFzmp93vxKPsdVnZefrjMNx9EzZISYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEApG76l3k7YI96HymmRSqyk&google_hm=ZReh2sG3tvF0XybYl2BPCwAABY8AAAIB&google_nid=index&google_push=AXcoOmSUIqnqOMzVLvFiXPyUyUEmVIs3652WqewS2mqQbXPPZSYu73eGOyJF8DWHqo33lYAdDFeBHtjQEwJz7o4ZlUrFVAA4yUU
cache-control
no-cache
cf-ray
80e9ab344cfa39f2-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
ebda
eb2.3lift.com/ Frame F377 		0
0
pixel
cm.g.doubleclick.net/ Frame F377
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEP-AvHjPmofroKebX6zkYJ4&google_cver=1&google_push=AXcoOmT0sOaloJ1uujmrfedYSAp2JQNA0soMDMC3RyW-df65QoZ34LJ8jT6gAX9PzlkCGZKWzY22VSggFcye5AuwJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTExNjcwMmYtMzc4NC00MTEzLWJiMDUtZjk3NjUxYmNkOTk1&google_push=AXcoOmT0sOaloJ1uujmrfedYSAp2JQNA0soMDMC3RyW-df65QoZ34LJ8jT6gAX9P...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTExNjcwMmYtMzc4NC00MTEzLWJiMDUtZjk3NjUxYmNkOTk1&google_push=AXcoOmT0sOaloJ1uujmrfedYSAp2JQNA0soMDMC3RyW-df65QoZ34LJ8jT6gAX9PzlkCGZKWzY22VSggFcye5AuwJZGibIiFqk3t
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTExNjcwMmYtMzc4NC00MTEzLWJiMDUtZjk3NjUxYmNkOTk1&google_push=AXcoOmT0sOaloJ1uujmrfedYSAp2JQNA0soMDMC3RyW-df65QoZ34LJ8jT6gAX9PzlkCGZKWzY22VSggFcye5AuwJZGibIiFqk3t
date
Sat, 30 Sep 2023 04:19:42 GMT
content-length
0
cm
a.rfihub.com/ Frame F377 		0
0
pixel
cm.g.doubleclick.net/ Frame F377
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESELgrBFIEzfFygKzRRMPcZSc&google_cver=1&google_push=AXcoOmSgUUIgWEsjkRTAD-uVHwTiwjQwf-GwUkLy_IQKOAGF8Sif6sQtI1XpG4mLofH...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSgUUIgWEsjkRTAD-uVHwTiwjQwf-GwUkLy_IQKOAGF8Sif6sQtI1XpG4mLofHLGGD1v_ex6AIB61m0yf1hmzvQulZRbkhB
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSgUUIgWEsjkRTAD-uVHwTiwjQwf-GwUkLy_IQKOAGF8Sif6sQtI1XpG4mLofHLGGD1v_ex6AIB61m0yf1hmzvQulZRbkhB
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
233ea309
date
Sat, 30 Sep 2023 04:19:45 GMT
x-bytefaas-request-id
2023093004194557083EE52BC08545D656
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-78-78-154.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51461813) (-)
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=13
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023093004194557083EE52BC08545D656
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSgUUIgWEsjkRTAD-uVHwTiwjQwf-GwUkLy_IQKOAGF8Sif6sQtI1XpG4mLofHLGGD1v_ex6AIB61m0yf1hmzvQulZRbkhB
x-bytefaas-execution-duration
4.00
access-control-allow-origin
*
access-control-allow-credentials
true
x-origin-response-time
13,104.78.78.154
x-tt-trace-host
01b7cdb27e92b109212105b97e93a85339f03b489946207ef046c35139ab982fbb4c9546910a156f7244dc6c5c0f42fa28439f0244d15797eeb691481354b47abf8cda6f4e39ffad4d3bc2cd35532c3b93bd1b53b5b54b16e22406844ab9cde05c
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Sat, 30 Sep 2023 04:19:45 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F377 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JU8txDA-BNgJRwmrVWCgqtleKki_uMyOy4hPSHIfMCux476yWHZwNneDNGc5icFjBM_7qXFtnu
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 44AD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50e4e384614ce3a5a811987f39ac22489edfd14d6c7aca83971c82f66c5650d8

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BD24 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
15555
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 00:00:23 GMT
expires
Sun, 29 Sep 2024 00:00:23 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 3D08 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEF8_2UY3QXNBhgQYk2xIziU&google_cver=1&google_push=AXcoOmS3zODXA3Fc2_HeWs2EZnzgdKHHN2ewXmo5d3-17HzeGEb1woZSe93EBSrqCbPxQUYRUbzcPyZTAAB84nPaos-jqPOeMG1U
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 3D08
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEE6Y8cyiqIggnfFejcktGUs&google_cver=1&google_push=AXcoOmR2S6cVevwvJjisYS6a110OFE6F84RWFcGMOr99VII1nNpqw6lW713l9bXFaNn5esZQKZNkCYCBhlaNwjb9USu2hik...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR2S6cVevwvJjisYS6a110OFE6F84RWFcGMOr99VII1nNpqw6lW713l9bXFaNn5esZQKZNkCYCBhlaNwjb9USu2hikSKgYP&google_hm=eS1Tck9wUGFSRTJwRmtRRV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR2S6cVevwvJjisYS6a110OFE6F84RWFcGMOr99VII1nNpqw6lW713l9bXFaNn5esZQKZNkCYCBhlaNwjb9USu2hikSKgYP&google_hm=eS1Tck9wUGFSRTJwRmtRRVdnNHRkQ0RqVzVrakRBZzk4Q35B
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 30 Sep 2023 04:19:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR2S6cVevwvJjisYS6a110OFE6F84RWFcGMOr99VII1nNpqw6lW713l9bXFaNn5esZQKZNkCYCBhlaNwjb9USu2hikSKgYP&google_hm=eS1Tck9wUGFSRTJwRmtRRVdnNHRkQ0RqVzVrakRBZzk4Q35B
content-length
0
/
s.uuidksinc.net/match/47/ Frame 3D08 		0
0
dds
rtb.openx.net/sync/ Frame 3D08 		0
0
pixel
cm.g.doubleclick.net/ Frame 3D08
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEOp08z6JnbsJGOWhDrYC9Pc&google_cver=1&google_push=AXcoOmRRBKsZGHx66gJqlfPsAXiscoYocVaB-6wTs2nVLEwrpQxfejvfxM2FAnt6lxsG3Joq4pbBN4jfZneLXmq...
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=sVlWnZ78tUGmuFuB-kc6dA&google_push=AXcoOmRRBKsZGHx66gJqlfPsAXiscoYocVaB-6wTs2nVLEwrpQxfejvfxM2FAnt6lxsG3Joq4pbBN4jfZneLXmqpvQVrB4Icf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=sVlWnZ78tUGmuFuB-kc6dA&google_push=AXcoOmRRBKsZGHx66gJqlfPsAXiscoYocVaB-6wTs2nVLEwrpQxfejvfxM2FAnt6lxsG3Joq4pbBN4jfZneLXmqpvQVrB4IcfV5Zlg
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=sVlWnZ78tUGmuFuB-kc6dA&google_push=AXcoOmRRBKsZGHx66gJqlfPsAXiscoYocVaB-6wTs2nVLEwrpQxfejvfxM2FAnt6lxsG3Joq4pbBN4jfZneLXmqpvQVrB4IcfV5Zlg
Date
Sat, 30 Sep 2023 04:19:45 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 3D08
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEERILCCtx7r1UuU7raU9tuw&google_cver=1&google_push=AXcoOmRHlZz-AfH1B_m49u6UMGYekol4QBNd2Gnu070YH_bmvZ1b9HClQI7fvRoWVhFPGRm7hIszaE-vczD-f_8t9EgESb9mwv3xmA
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRHlZz-AfH1B_m49u6UMGYekol4QBNd2Gnu070YH_bm...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-8124rFhq9JgXvgxvdJ4JVZhFpq6h8xIfNhP-kCZydQ&google_push=AXcoOmRHlZz-AfH1B_m49u6UMGYekol4QBNd2Gnu070YH_bmvZ1b9HClQI7fvRoWVhFPGRm7hIszaE-vczD-f_8t9EgE...
  • https://cm.g.doubleclick.net/pixel?google_hm=zyq37rmTlvDZ4hoT85Sq&google_push=AXcoOmRHlZz-AfH1B_m49u6UMGYekol4QBNd2Gnu070YH_bmvZ1b9HClQI7fvRoWVhFPGRm7hIszaE-vczD-f_8t9EgESb9mwv3xmA&google_nid=inmob...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=zyq37rmTlvDZ4hoT85Sq&google_push=AXcoOmRHlZz-AfH1B_m49u6UMGYekol4QBNd2Gnu070YH_bmvZ1b9HClQI7fvRoWVhFPGRm7hIszaE-vczD-f_8t9EgESb9mwv3xmA&google_nid=inmobi_new_eb
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 30 Sep 2023 04:19:46 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=zyq37rmTlvDZ4hoT85Sq&google_push=AXcoOmRHlZz-AfH1B_m49u6UMGYekol4QBNd2Gnu070YH_bmvZ1b9HClQI7fvRoWVhFPGRm7hIszaE-vczD-f_8t9EgESb9mwv3xmA&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
227
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 3D08
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEA9ER9U-y...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEA9...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=53d5fc28-828c-42bc-91a1-23062d736a47&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=53d5fc28-828c-42bc-91a1-23062d736a47&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=53d5fc28-828c-42bc-91a1-23062d736a47&%%GOOGLE_PUSH_PAIR%%
Date
Sat, 30 Sep 2023 04:19:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 3D08 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I5wcX9ZW4deW4U7vh9jYfFg2IFw1gxsCG45Gvf9m6ayX_spuz5hk01YSF9mmwf4Q0GqaL1cNrL
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js
pagead2.googlesyndication.com/bg/ Frame 0103 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
sffe /
Resource Hash
b59738e7e138acf9ac4f1483f2daa23fda9dc055420d6f6a174c2a34749b105f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 28 Sep 2023 06:33:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
164784
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14639
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Sep 2024 06:33:14 GMT
tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js
pagead2.googlesyndication.com/bg/ Frame BD24 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
sffe /
Resource Hash
b59738e7e138acf9ac4f1483f2daa23fda9dc055420d6f6a174c2a34749b105f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 28 Sep 2023 06:33:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
164784
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14639
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Sep 2024 06:33:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0103 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7QR92qEXZbCCB_yAoPwPypiooAEAAAAAOAHgBAI&bg=!ExClEF_NAAZN1Q_XbdU7ADQBe5WfOE-HMQOs45-Nh5mVXGXGV3UBAC8Xwhakv54m_jhKnvs96MSZAJVTvndnzHmFRoMgAgAAAG9SAAAAB2gBB5kDFMh0OLI0HMS05GQ7KLKrDCVXT8syYxk5KlDrb_K34GpdteHWmb3Y1TW9WSJSEP2XU1K-hAEH1ucWLgK69-hVNejhB1vOzBoRWDHMmZ7nI_QL_uq2RjmXKg3LyO5hJNg3Mip5TbB8N486_SNLAd8V8vinSJ1TLZpcjSP1XdZJW0vagF5eezlJa9F3n1iut2Ib3l3Lpnmb_GPNYwBNlaFbSf2ZeACmLQxj0iuG32e717gdwlsFQ-9LPBlxQgNRA4hGY-OE5kV8bRbxlQ7dSbsCJyPd10FpSZZzc5WzWptjehzu2i7d3KokacTKepOFRlzx5VDxtB03GEFBcYrYO3n5F2cdr79-ata88TwftCavOHLyqqwtImU13d5-9lxtDiA5CJNwkiNXV_wxb5wTgXq9W1TnrIUSIzXN3r3eHGBEZaqrM3e0KYnH0QIb1zx5rjfc6qLI2d-9t3em6yy3KYOl-ibZUlJNKUnvbLWrG0rpyQzHKoHhklN4h1pQjm9K4r15j4j96NmT2yQyRF1b7zVWzYcuoUamjLAnmGDicF9ahpyKKNtBtD3saKqMpTkTRboG22nimmkCb2iGkGfS0x04PXsJEYX3G51ag8kL1eF9ROWWas8y02HedjJiUxiFN6Zg4gZorqBU-lTX04FpeaFZ1i73XDVJsHEbrmWoQpOGbYDpJnCrk2ovmX7wIQiVerZ2HLSVluHR_83m7I6Hke-qSblmiFJSsCWvutdt3pTslIbUqvUaSZ0FoWaYFcVYmhqkwWD2xzQqtgQPSsR8Sfi1-tGQmyAaucQbGPXOtt_5Fkl0oYJbKGu4pkQZQ6Y0hNY6RxAZ_ozrG9jYOIz4klhX2aK_WsPFUBr0lWAY8DT4vS9tBm_YhVryPhQuUUiNLuwy9yYLLl9bS4_Tj6j_zzGg_gbFd3tZThn_GdsFL7habM2sPyPmg8RJCapSa9NBa79rjWXpzkodyvHn8O_tlz_58uCYhpep8kdp6lY4AiJ_eq0o_ZiMnQCFuYIxpka-YW75Oy8i0uRF-kZqWDLhFNb5wGRgpxjJ
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD24 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZ9Sm2qEXZc_iB_enoPMP7Z-smAUAAAAAOAHgBAI&bg=!f3ylfDPNAAZN1Q_XbdU7ADQBe5WfONUKk7tMZjBBl0ZIWB8aXBGuM3Kro0D1sFeeIb9ZDlmAGq5obZwb0LhPvLDPwjZeAgAAAF9SAAAABWgBBwoARmIX7PArqgLLBW5aCJuTcAsb4NEnmpzZfmm5EMp-wp3q2oA70ddD_YqfM-ACLrxwBas2PooG9aKAQSVFJvqPECM5HhY-x86ZAwwCUssjOFbkrRC2rj19cyD4UV3k5XkwqKTt1YbmXJccJrAKAXtlYnpv7Wq3rywOd72QoDSpEEGMJxWOEYPSw_TtEGNJOyOEtvQl-b-Xn398sZ89GABMJ-qi1kqGRZtCaQ1e3s55FIJCINCuBZ41GhNTNsVBHzeOyWjjXRMuROSmY3OXBWvtsIlZ0j4F4q8uZmnxjG-KNi0WpdFP-Aw3ClvOofPJJrRMrkYUbChTOXoHV7PteIcGzSiDwxnJYjT1V1CmKBvvtZ1812HHR0j5hbK0mIpZU36aXY0NRNw4mLb_IxmqtSfxLC_GI93ATIhV2foLcwMTAMfEoMEKs23hq9mNU2Rtjyxd6Kpq5rcaPWQUbBMXT4s1cu1PBARpNg1CiXVAyH4-PVG9qo9ymolcaRt2bQ5C1D5j7PAt6Ba4BsObAfNe4JvLrTF8KqS76txZtfjtTWQ8C0BRTev-S0XHZunR1fHGeQar-XO3S2BLtBjA3azu4p7Zti4U1_79-AbNoaCsMs_3xyIN8roDIj9B5z42maN3OaZg8dni4lyxLD3c_WApDmsJRLMKm_TDAGfDpU_uNGUNrOoY8l70oF2JoSqHcStLDCPMveV693L-W3V69iWxqAAwbrk1ML-AUUCaxHzXR_8Nb3KdjqG-fbqJFKRoumwyB7xvGE7TV2uN1ghOS-j0DfS1wqU4Z-w3uxP2XDinZnl6jrpFwhpaFexPFMCBl49Fm7nBBhmpTRA-5yohFn4igXxVDGrSyjUfke78Bc1GYZtSDJ3acY4skoqwW8zqdoeJkIQp0U-__W25RFFFlV9Vtah-5m2HaBilb7wpWwR3e8Y2AScWAXxHAYKYB8JULmCMpP3PEgRqB80vQQyKLnmrBLRG0w26Le7cGg9i5UpwLpmTB8Jtz2M4lJ4SO5k9WzA41silwKlFG4ScCnuzYXT033kbUUDsJNSwMPWAuahLI4L-2HqZhvI3dBhb-z-bzUaXwIhMPmmTkZ2VWjpivhy9mtlJWExpOf2uhVXdSjVHZoYfUgjf3xwDUiI
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0CA5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.letsbeardown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 04:19:37 GMT
expires
Sun, 29 Sep 2024 04:19:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 0CA5 		3 KB
704 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
e39a073ca78f3a0c3c3d9a8158f45a92d1fc89cf253a39f3d326b88d070a243a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Sat, 30 Sep 2023 04:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 30 Sep 2023 04:00:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Sep 2023 04:19:38 GMT
css
fonts.googleapis.com/ Frame 50F7 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
e845fcb50a34be246ce18c0187a8662517a3a7a45673ab56ef124fe70da00dd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Sat, 30 Sep 2023 04:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 30 Sep 2023 03:54:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Sep 2023 04:19:38 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 50F7 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 05:59:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
80381
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 05:59:57 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame 50F7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 05:54:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
80693
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 05:54:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 50F7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 05:55:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
80624
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 05:55:54 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F732 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

age
78072
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 06:38:26 GMT
etag
48472445140208031
expires
Sat, 30 Sep 2023 06:38:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 50F7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 06:13:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
79597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 06:13:01 GMT
l
www.google.com/ads/measurement/ Frame 50F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR863X1kJlTs-QSV_kuQufP6nLm_gnFtQ1hPMF7GvQfzDu9jdKLZMuJRuja9FCbhDS00lW1L_rE4CyfCS-uAYcmy36tOw
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 50F7 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Sep 2023 04:19:38 GMT
fda82c26911938d9c7ca79f9220f8b0c.js
www.gstatic.com/mysidia/ Frame 50F7 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 28 Sep 2023 05:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15328
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 20:14:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 27 Dec 2023 05:48:15 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/ Frame 0CA5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
cafe /
Resource Hash
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 05:56:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
80618
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8566
x-xss-protection
0
server
cafe
etag
5625731030761120726
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 05:56:00 GMT
more_vert_white_48dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0CA5 		233 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/more_vert_white_48dp.png
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 28 Sep 2023 05:40:35 GMT
x-content-type-options
nosniff
age
167943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 27 Sep 2024 05:40:35 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0CA5 		205 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 28 Sep 2023 05:53:37 GMT
x-content-type-options
nosniff
age
167161
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 27 Sep 2024 05:53:37 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0CA5 		604 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 28 Sep 2023 05:43:13 GMT
x-content-type-options
nosniff
age
167785
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 27 Sep 2024 05:43:13 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 44AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstn4Tp9-bPg0gTTPnEt6n42B_g1v427fVlXTLSw34Z4fBtSZQ7Hlx9DUl7952AOkIh0nNWC8iOxxWjP4egS8Uh9gj6s3ZNIUHkj8OPRfcLFbBfWSJKUDsbbtoYQEOzZKf9TQQj6DdSe4JVL-J7X38P0IsXP1ldR_jCWhumx0TYiZRKIJzaLX1Pfbt-Tw4BRkBACcVX2JvGCWP4_nYYIPeMoT-OqazMbG-j1XT5sSmga8_jKYLrZWCdHOYW-QTE3-Z5uxzS5WtkmmoQGpc7VRpuuhwXPXU0X0qQ8WBnbx-SzRNgCidQkDnouuE3V72haG1Sj_RaKq0-7dffvgufeygrDCycbobQWITK2mTFf97cI1K-fXsXpPhnrw87Yif3GR4vs-IaOiSptVsSs6csgS-w6Jrpj0LrvmZ4CmeEu-naFGTPmyTRX6LeqwF1vUKHTTINEu4o4b9JB0m7Eb4pQA5-zoVw6SNzefSkNOltkRtDv4Fru3ukrSL63bDQoB5p6A-rxprpWmgwOTVPVUWGurPxM6DHRl1oiVX821wI2zSszbvLjYnSr-KJxaamuzB2WmBnXGLdHRwbZUFlS8Br7f--QETdH-8cSE9i_T9Dbk2iylqrXhQM50X1R3uceSfJJZkHfEHQT-Td0JNalSsa480tOsHcRqkI0q7Cw8kgJZqE1Z5bDYCx8mevdFDSoOAkdrCSlpmsDXPv43MeTiwFclqu-QwLGi77DQ41_QibDg1NqTsZ6Nn_PI3xhpzsKWnPkGbAeJ_AZXIlzB73YG51-lhc_lx366ST1kq5KeTJaGZFSbKIOKcOucyoc_uG3bu5BhM3ZzxeCIj04zwqR38JA3DUgDLuAFq4ZWVcKEHvroXN-80F90palRtmMZ6WoD6G-4iocdhQYBCX8EbKdNNi0jQhz1NxFPvF9K--YbMkGKjSeV5TAVGLrw_luZQmWMUQBCRNhc_pTE5JSiGjLE9mwyNGSJcvVhPjga8u2hcdoqkFJgDHoXTw7gtjqDRibDvCcol8zGnCiXMg3qpmqi9D1m67OnVCkoqBtozvS76U4pyl6P-mx2fbhcyj5nS9H1YhqG7mTVzrFL9CiW4X8VVD9lFfSnFvkJ829JYmZ_fTD_BfcBh-6ka8JtKUOHDKQrT6Cea1P1rtgFCZ-KLO5SHygLeAj-xuAVs2lYhl4AcX58wrRBItvdwLIlB3SbyJjaGf6nux-B8P6HRN42DjMFGa_M-FKKwpHXYXUu0QF6cCdFmSlg6pFCuTfEKHKntHE0xIYMLDamFgSusEek98CoiozY3OkUV6m-dmVNyvYZh-lp6G8JlYE7LNJ6np7ip5a-bdIpuixLEEi-KHXyFuarAA2sBbXvvSR4AFZVavrgulO2gyQP5yguDAafPaSigeH7Tz7ZHO1Rmsmw2YyfM70JG0zfgptUqsCcu8kXknrDvLCOLmB_NlA2VJ-ftNmnlLtoKGbNGMGzd2R3FDRdMb-TB7emQ-VbwdetBxpfdQYTDkorhHhKmb1AsTf1U9dQPaj0HlUgdCIEw&sai=AMfl-YQXGmF76Jt0Etyvw4t7IL-w6Dx7mlzyxR84fqPW4e3NvEEPZazoIPwqQdKfI-8zqwpFBgSvMWGOXYkYL3bGEohCgoRzX7vFrHov5ryhLBX2s5tRJGOSamqD1_aMjZmKcPI6FS8zUPsaXsuziH3GsTM8pNcLmsyta3oNeS65QB3GEQYTQ5pmqMPmObosCqt-3QU1ane9SyUDzTbwq9luU6UUk5eI8KsWgRA8CvJsLtaDAR7HTkKQnSYw-gMA4h9JgSfP&sig=Cg0ArKJSzDq4JgoxQsaxEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=391&vt=11&dtpt=390&dett=2&cstd=0&cisv=r20230927.54978&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5pZ-cslbRnK5c4VN5P1uZyv9g_u3G3yPGURMyYzQ3371HXi-1FPlV9bTfzc6uOpZtW928P2vVLLMp5rzrncXWZoMx9w&cry=1&dbm_d=AKAmf-Ap1WJe-xacydWV4w_MoWnFsKPqjsffXen-W5cUQL768b79MqVbUpkkp2kqcYQRUXlZw31bmuyYlm6wx88I7u5c5wIuWUvJQpRGaPhNKQGjZNcsX1utn0PSpQUph3qPZ_yC9n_h9LHRPMaL21JVIxfU421cEwRzlvPiwzJG1IxlBYr0Bp6yW3xq9qQxql1w8tKm0M8HxVFv-TgKspb80HXZCEl1yBsrj7BeMn4sHdfGeHNbyDEn1OkjGT8JQwMe495HcO2BVhIAXWWIR8Rd49bAO5Rv4Ns-dKcE7io24tSR8M-cRLy-ksKWqOHacR_TF9_6wZXjA4sKhLAcB18DlBK_6z3VJaSOVYJkr5x9SS-ZGAhjNecQu02tFMAWLwBaNTqlwOdWAylvFZ6hFj9sjZ52UU631ki4pL6N5HNR8CHoCcrivshgEKDkws-trGf5XvizAh81blFtqbQNo9vCE6EmsvsN0BgG0hBvoYW2-P0M6AgbBwHfq3Y1L4JnAjeTQCgi3jLXaMRLC2cqzEpmSjJRc1wAr0jSYw6h-xe5w_PRHAuy4rOgYBHlSJz7HS9Dayi27ajhzJneWQD-duOu5TKq3s3Wxqa6RVG7B31fQxIhkhKSwta5BGFdQBVfCyH9QB3vXm9kbd3d1VtrE98ALJyjta_O1ZZBeX7SujfgVbluilp4UiG9sTRzPyIM2OLPhvYr8ssrnlYSZfEaacTGnr4N_oBq7_zHuvffRiMNGvkBaTW7cmU_X0fPl-3lKeZkDuRCazTKjApp9LMvpaNaSmodrW_PkxRs9ZOXqsv3KB4B06ZVhwIMh6B-wpYVI5LppvbSdpPkYGAB7bUzFPWlcYzCL5gz4hZP4u0bdVraJFaUix5YYB0aQ67hDzBY5ZrLwJYB5phscqhTkUoqhaD4B7Lw4DxcZyh2CSwBhhDbLH140p9wNi_-z4lLnzb4YgHMe0Vf3zXYKe91alLGI7rtde6f-VtlFnhrhkm-LBO7GfBxARY-64K6PgbSX4xFl2tfCHER4H4LfAdCKdhnfGDWD896KMMXpTFDtERq0Z1_d9pZ4hNWpOIsb2q-_MCfIXuPZWzJ32xWyRekInskz4Lj7iRPs-OFsl7jNgAvxRWCZX-EvEs8TPiGKkV9hGiHBxPZs5yhple7IjH6L88m_ccP_qzGTEDRYOqyaILGDoJ2y8a0V7rhq2ngCJtL5R5yddeuiJf9o5Y62glkHMI-DoQu6MB74eorkIycFChlG2T-MfxXT7TUUM6WQshpkU_sDOItyP6930zVbxZUsolHxRanr4DzZLcSc-Ye44lJLDrELJo3bYSHYqu0c6sTL1YrsFzvnCD3vMPTMHqWCHb8HzV02Dj-8GdOLs4Gn_oLYtyTGS2GZ6wcekI4Btf15zdImweaz-fA_M4EI4l4Lgc27CLvmU7mU5QZoMuKxaDPJCL22LOTCMq-cHP0B9P8t9UJVhNKb0UQ3fQa-rlxGiHnqm9tXQLIsO088DcB5idvVjGBvme1Cq6bPIzydoh6ZhOazfgfymc0m68esMdmx4DtmrTwL6OLwzE6RzlSsgTVct4n8MDCuZbGi2ev-9Dbto_wmNGGpfWI7gHZJW-BhtdoBpDyOhif2D6vgE7ICL-24fFBY0xBM17C5vzpEsgrnqscTRpMGf3ckaJdGe_q5hr7OrVOEYEIF0E8rNwwT6Gjfc6MUq4JswFRD_qkGNDWh3X9uZs40Bffq7Ze7-hYA4o8sVeeuvgnvyl1pX6GYVZK3AbyHzy9M1N50GNichIV4fwJorRYtfrD-ovR7KJfWhmW2n3Uw1p7KGfAt5iOXc4DwdZZpvQRWqHlTjPazzNaVbxwS8rygfoI-Dpl-zDH2CgRhpqBI1cYnjvzkes1skvh1iodPVjm_kDx6CaTBUSd-ubZfwyFZR2LSTr05_-ApQhfh3eluSGPPFVrty8Mn2DXQqvxjX6EBwrUY6m24ASbmvb_2yeKTYydPYv9qwxg1iyO7E8w8qTmoIFJ5PNcxuo54HyqpFbbDIj-FCmbryv2yZGvIXxqluX-GlnhJ7bFO-8ttFk6uV2zqCPWf-0ahG-5kx5TYCFA309MAa3CWAME78uEIUAP1OTliUn4Pe_MD2-P2XV3r5Ix3Y_xAJNmhnERtGDGpnDvW9uBcVL6RBVX02KsR14ezJydaVmI6JkWTBTN36pZXPyF6cYkRuecI-bWJefxviSGz3fY2usWxsxiFxMDmDjyJNDz9YRIN0WCM0P2QkQQ-OY1OjUlsyr5akBathFUEmjEGqfC2spwr90SYyzxTanesD73McuIBqmaCSREOXhQQRa5Ow4lnGQ73OhUR_5XF2bJtQSJJJaYvIEf2zBza7BIZ7JMPx_HJOX2-xxi5nJ6JTZWrtisizrxZAozmQb2zLlJ5X4qYoNM3J9HWgqvu3fQ2FleVIJO27ig2muYgg1Q1SGkTIk4R_Y8VTFbkmh8GrMRmu7VsFRScJfseGbkgawXQZONPGRalpOdV45UgAshHS_OOtet2KssZ3NAl2KHtj9VuOx8JSOi-nlpQwQzEMa7k4LJ7211E8gdO4djIw4ZGJcWw6Nc66iBd_2EB6uuAb4kU4hZnBjTmlgzWP-qzOTicSQzZrISfw4ggctgUOSeFFbkm2q9vj2Fwru_iSVJCrK2ScMKSBiNQKspMyooxpJN6rHb3fPD6-Ti3RlNQ3ZRDXGZ2pOFK6Hp0uK2vgH_p_2lpfyBi4rUl39NmgoRzxKDWRUKuu28QRc8C1xXzsv-FPLC2Eqo5ms4MLBKwelXpMW_sdf_U06wKtBkVKWV_xdYO2DJSDgHvuCuFiesSGkr0WLpXwQCyP0roRsVEeJP5lznY18upgTGzeE0wT1rtsyS3TItFnXArNYpK9XKnTEJr4e6y2RKOzZDBbWYnXZxQsFx4hvh40Qcwmgn_KGoMqgP-YfEJvkMgJy9STTJ7EplTexdbWDVwO2EIEKfY02dI9vCyyHyV-zLLWGIk6rQxc9QdfOXpPDXcNE3tdqTx9c9rMVljVYuWNHAssLo9F9Es5Q1x2_CB6SiOCUhNiI-27n8q-GkGroZ2iigCWaU1nyEj8C9sHyMdlDIjumyz1NWgL_f9_ncHkJsMaajKFrezarZCEEz7waQMqNNOtaex4pHUk7Lier19y9enx7FIUaupRj_RQyKlh8aOmcRzC2EFfqR2pWVM0mindaSfXfHzY6Xi6K1zh2A6zxtBl-nlCRrrjJYU-Bl8GSgtNnwosayG6pB31DF3RtgU45_Uz4Re-zdK6QI7xpB045-ZOnrdC6uCJTRLNgcVNRM7wp60sdVdJbVcX0UlarJI8ULI--mLpC6NCARhNHqCD_JuMJ1vbbpXHagroApQJlgd95HpXi9j6rhSxIG5ilaiVDKvv0k5ikGPYay4prkpr9_xpUntxNNUthZ807cffZlzjpK1I8npN2a3WSsGP0iPBzfr_f6llevGkpuibcZMo-YglIrKcgaqGbzycsfLat_dpZkVMdiQ6tA0Vs2N35uPvVbNmXPqy49kDaC4D6txIc1olVIOV3CpDHinCoLHRrTJ2JM02bEeL6T00A8UEhMadktwecXcXVwl3A65IPY01Uc2WUpXu8YoUAFFBDNHgMiNF8_pS7x9E87Xb0YupMb0Qf9sbnsrJyiBnB-ft_0NKl526dWQWnD95uCdEZVe8akCVmC0eucBmlvODCOxS-GolvYJMQmKdXqXJTUvtAzCyJmcEwL7doYnh9JzTYOKOjdX96rfNwH9NIX_870D9rkn8daPhfVPYSZQex5hECQjKbTKj5skaEpOIgGjFjiSKIun6aneONVSth7r586wheALuRfCfi-hA8TmFcT7OcroagI9afQNZyrNsaJTBUQ7t43Kds8uf6V2SHFWrYVssFbQqaP9nhHL9ADNZtKbSl3fE4t0hr_p2g8FkePqdPGfS9AC5dqyBeqJTQIUMfTuoSC&cid=CAQSOwDICaaNDf5nEYJ4TJcYcyGdnvyG8n0UpoOdi48JSvI1Ko4W7ScMCDdY-D3SbPM4Ka1EO1quXRGW2BsnGAE&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.letsbeardown.com%2F&ds=l&xdt=1&iif=1&cor=12499470603616885000&adk=1964084972&idt=104&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame F732
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEL2gKLynaMMcaeUwdvT0Ij4&google_cver=1&google_push=AXcoOmSjisyHoJM1xllwISJHqZCbZHZM4xwbqsO7yZunBKDzFrOsya46EexzGPyj-wbQhacTLY4zxIY1zLomid0lct_10fZ294RDq0D_...
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OTU2MEJEMkNDRkEwMTRCOQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OTU2MEJEMkNDRkEwMTRCOQ==
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OTU2MEJEMkNDRkEwMTRCOQ==
date
Sat, 30 Sep 2023 04:19:42 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
CookieSyncAdX
rtb.adentifi.com/ Frame F732 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEBlJKbDeQJzdj92EvhTXGKw&google_cver=1&google_push=AXcoOmRqDU4Zf5xR5uHg8LGzjdkOGq0iI92PJiC7EFfld6mfzGwt_VXsr3-vPDP9BFUJN2km1T0urDmeq31d8lwo7vawhC_xUikO-u4rWx8g2T5ZJZydVC9UA4Jg5WlRffwtNlKv-d9lx0E
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.12.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-12-45.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:42 GMT
pixel
cm.g.doubleclick.net/ Frame F732
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDrlcJr6CLVDwL8F5JuIZbI&google_cver=1&google_push=AXcoOmT7na9-Y_vvKATb9Ik90j4l4guFsirCbblmgGS7Q6emI96cM0YJVqWeABZYikTRdff6I4OSdQFS...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDrlcJr6CLVDwL8F5JuIZbI&google_cver=1&google_push=AXcoOmT7na9-Y_vvKATb9Ik90j4l4guFsirCbblmgGS7Q6emI96cM0YJVqWeABZYikTRdff6I4O...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYzNzczMjY2NzY0MTAzNTc2&google_push=AXcoOmT7na9-Y_vvKATb9Ik90j4l4guFsirCbblmgGS7Q6emI96cM0YJVqWeABZYikTRdff6I4OSdQFS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYzNzczMjY2NzY0MTAzNTc2&google_push=AXcoOmT7na9-Y_vvKATb9Ik90j4l4guFsirCbblmgGS7Q6emI96cM0YJVqWeABZYikTRdff6I4OSdQFSD-GNQ-OvehEppILV2bYaKKlWu7xy7E9VLhbJp94wzlOTEpbpBhLpi9syUMytPo0
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYzNzczMjY2NzY0MTAzNTc2&google_push=AXcoOmT7na9-Y_vvKATb9Ik90j4l4guFsirCbblmgGS7Q6emI96cM0YJVqWeABZYikTRdff6I4OSdQFSD-GNQ-OvehEppILV2bYaKKlWu7xy7E9VLhbJp94wzlOTEpbpBhLpi9syUMytPo0
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame F732
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELAOyKchp054VjWdIzc1sOI&google_cver=1&google_push=AXcoOmRQ2RHCdpU6_raFYjFP75yMvKonXRAtUITip6ug7aeVa1jUY-CeyOUUP2WcglWFdud8JUn...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE41SVhYM1QtUS02RFJJ&google_push=AXcoOmRQ2RHCdpU6_raFYjFP75yMvKonXRAtUITip6ug7aeVa1jUY-CeyOUUP2WcglWFdud8JUnY-1qzrcSPa9FOiepBjtE6ph2WgO1vL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE41SVhYM1QtUS02RFJJ&google_push=AXcoOmRQ2RHCdpU6_raFYjFP75yMvKonXRAtUITip6ug7aeVa1jUY-CeyOUUP2WcglWFdud8JUnY-1qzrcSPa9FOiepBjtE6ph2WgO1vLZbDSvrHCmCeAorL7_dAE64fXWTA89ubcBA0uSE
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE41SVhYM1QtUS02RFJJ&google_push=AXcoOmRQ2RHCdpU6_raFYjFP75yMvKonXRAtUITip6ug7aeVa1jUY-CeyOUUP2WcglWFdud8JUnY-1qzrcSPa9FOiepBjtE6ph2WgO1vLZbDSvrHCmCeAorL7_dAE64fXWTA89ubcBA0uSE
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
cm
ius.ctnsnet.com/int/ Frame F732 		0
0
google
sync-dmp.mobtrakk.com/match/ Frame F732 		0
0
pixel
cm.g.doubleclick.net/ Frame F732
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEG5nw189_BwCEV8GehHE6Tg&google_cver=1&google_push=AXcoOmTXFpYdc9Hr2_AIn0-H6ZZEN2w1nqp29hgN2eNErqDNXZjqGxPDoV77S5YETmx...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTXFpYdc9Hr2_AIn0-H6ZZEN2w1nqp29hgN2eNErqDNXZjqGxPDoV77S5YETmxvmmmcx5epnysrzjQAVp_Vx-WCJRgC9HEYZQGgWg8AOF0wp0V_DPxTLBzT607...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTXFpYdc9Hr2_AIn0-H6ZZEN2w1nqp29hgN2eNErqDNXZjqGxPDoV77S5YETmxvmmmcx5epnysrzjQAVp_Vx-WCJRgC9HEYZQGgWg8AOF0wp0V_DPxTLBzT607zzylQ62NLG-o9U-0
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
233ea30a
date
Sat, 30 Sep 2023 04:19:45 GMT
x-bytefaas-request-id
202309300419453A4D637C26F8511B40F3
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-78-78-154.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51461813) (-)
server-timing
inner; dur=6, cdn-cache; desc=MISS, edge; dur=0, origin; dur=10
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202309300419453A4D637C26F8511B40F3
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTXFpYdc9Hr2_AIn0-H6ZZEN2w1nqp29hgN2eNErqDNXZjqGxPDoV77S5YETmxvmmmcx5epnysrzjQAVp_Vx-WCJRgC9HEYZQGgWg8AOF0wp0V_DPxTLBzT607zzylQ62NLG-o9U-0
x-bytefaas-execution-duration
4.44
access-control-allow-origin
*
access-control-allow-credentials
true
x-origin-response-time
10,104.78.78.154
x-tt-trace-host
01b7cdb27e92b109212105b97e93a85339f03b489946207ef046c35139ab982fbbe413c37c073d2e147117a6a47b51d208cec60bfcac5eddea886ed58e75b67cd5cd74318d3404e0832bb93a4fba4240f4d45f582eff9eba1b988835c4e40c0639
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Sat, 30 Sep 2023 04:19:45 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F732 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHPeQFd6NzMOG90ryx7LlB0JlEcnYkrvpRmSS8_ehnGsAkwEYOGUPECIL_v6Jhw1O_Dedq86V7
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
proxy
am.contobox.com/v3/service/ Frame 6AC9 		1 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am.contobox.com/v3/service/proxy?url=https%3A%2F%2Fdee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fmraid.js
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-110.phl51.r.cloudfront.net
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:38 GMT
via
1.1 2a78cba32e1e70413cb851835f0eb89c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
PHL51-P1
vary
Origin, Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
access-control-allow-credentials
true
content-length
1
x-amz-cf-id
8nBmmsp2_pW6hpaNGS-1tso_8W8Lx9jwJzgZ2-WlTNSSJslun7evuQ==
300x250_header.jpg
cbmedia2.contobox.com/cbox_themes_v3/2023_blended-appliances-alwayson_vf_nat_en_d29a_dis_prodcarousel_ao-fw31-orangetageventrefresh-1/images/ Frame 6AC9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbmedia2.contobox.com/cbox_themes_v3/2023_blended-appliances-alwayson_vf_nat_en_d29a_dis_prodcarousel_ao-fw31-orangetageventrefresh-1/images/300x250_header.jpg?ac=1691650753
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-65.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cdcca3049169219957ad45c3dd3781c943ddd5d8330347306a2246695ff2e231

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id
UeiN8HQ1oivgEyBYRc2GL.slaP1ao8ch
Date
Thu, 28 Sep 2023 08:29:21 GMT
Via
1.1 624a1750702d82319b25f17c35c73d04.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD89-P2
Age
157818
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1691
Last-Modified
Mon, 18 Sep 2023 14:48:59 GMT
Server
AmazonS3
ETag
"1501eb9ec7b81152041356e3f1d8c129"
Vary
Accept-Encoding
Content-Type
image/jpeg
Accept-Ranges
bytes
X-Amz-Cf-Id
gRtYfEFtl6vguLED4Ul2zt1-ewFRhEVKothns3NoYCgmr1E45qH4WA==
300x250_bg.jpg
cbmedia2.contobox.com/cbox_themes_v3/2023_blended-appliances-alwayson_vf_nat_en_d29a_dis_prodcarousel_ao-fw31-orangetageventrefresh-1/images/ Frame 6AC9 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbmedia2.contobox.com/cbox_themes_v3/2023_blended-appliances-alwayson_vf_nat_en_d29a_dis_prodcarousel_ao-fw31-orangetageventrefresh-1/images/300x250_bg.jpg?ac=1691650753
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-65.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
65589d5781455659638973c64fcbbc7fac84f75847a5eede37389b36fa0a4b02

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id
PCPyUDIudGBN80yFiUCC5FmSz5Etu500
Date
Thu, 28 Sep 2023 18:00:08 GMT
Via
1.1 624a1750702d82319b25f17c35c73d04.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD89-P2
Age
123571
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
54994
Last-Modified
Mon, 18 Sep 2023 14:48:59 GMT
Server
AmazonS3
ETag
"2ac660c99ba71dce5013c9f61e0344cc"
Vary
Accept-Encoding
Content-Type
image/jpeg
Accept-Ranges
bytes
X-Amz-Cf-Id
1AVDREEooDfNsn0yzBImnGG8ZIqzagWXVbLyyS4XuOfs6DDxI2PeWA==
300x250_cta.png
cbmedia2.contobox.com/cbox_themes_v3/2023_blended-appliances-alwayson_vf_nat_en_d29a_dis_prodcarousel_ao-fw31-orangetageventrefresh-1/images/ Frame 6AC9 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbmedia2.contobox.com/cbox_themes_v3/2023_blended-appliances-alwayson_vf_nat_en_d29a_dis_prodcarousel_ao-fw31-orangetageventrefresh-1/images/300x250_cta.png?ac=1691650753
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-65.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b80a890bd60b6f527cb7cbc7ddc04ba4040fb7ea57885c7e7882f538264f2ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Thu, 28 Sep 2023 10:44:11 GMT
x-amz-version-id
pR9BzqMfpt_NoySoK2FLjWvjGokAPKqo
Via
1.1 624a1750702d82319b25f17c35c73d04.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Sep 2023 14:48:59 GMT
Server
AmazonS3
X-Amz-Cf-Pop
IAD89-P2
Age
149728
ETag
"5452533b856c11908eab753543db312a"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4886
X-Amz-Cf-Id
z7Jg2le2MloF2ykY3rqAYe3_NaRshLDMFAltd116ZIv9poAs6UT9eg==
logo.png
cbmedia2.contobox.com/cbox_themes_v3/2023_blended-appliances-alwayson_vf_nat_en_d29a_dis_prodcarousel_ao-fw31-orangetageventrefresh-1/images/ Frame 6AC9 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbmedia2.contobox.com/cbox_themes_v3/2023_blended-appliances-alwayson_vf_nat_en_d29a_dis_prodcarousel_ao-fw31-orangetageventrefresh-1/images/logo.png?ac=1691650753
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-65.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ceba625fe8956207881980b8a4529bf13f84c08623cc056581e336eb8fcfbb25

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id
8T..ObkLOqnkNe72_xJrELiYtNZeixji
Date
Thu, 28 Sep 2023 08:29:21 GMT
Via
1.1 624a1750702d82319b25f17c35c73d04.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD89-P2
Age
157818
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
5449
Last-Modified
Mon, 18 Sep 2023 14:48:59 GMT
Server
AmazonS3
ETag
"458b2c6b9e8fc74c94d8a0f29836fa69"
Vary
Accept-Encoding
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
_jNnpEty9Dv-Aly2UwIZ-aMQgRYZS3KUzcbR47GQt2YyjPvHtc-Meg==
300x250_copy_header.png
cbmedia2.contobox.com/cbox_themes_v3/2023_blended-appliances-alwayson_vf_nat_en_d29a_dis_prodcarousel_ao-fw31-orangetageventrefresh-1/images/ Frame 6AC9 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbmedia2.contobox.com/cbox_themes_v3/2023_blended-appliances-alwayson_vf_nat_en_d29a_dis_prodcarousel_ao-fw31-orangetageventrefresh-1/images/300x250_copy_header.png?ac=1691650753
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-65.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d765bbbec96de405abdb7df6790328ad4fbbc6b589ccba8aa73168fde53addbc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sun, 24 Sep 2023 12:44:18 GMT
x-amz-version-id
0f0Y4ZeDpSDyfKed1vpAlKk38ynS2T.m
Via
1.1 624a1750702d82319b25f17c35c73d04.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Sep 2023 14:48:59 GMT
Server
AmazonS3
X-Amz-Cf-Pop
IAD89-P2
Age
488122
ETag
"0da9a61ccefbb023b304ee33936998ff"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
72198
X-Amz-Cf-Id
vyg-NiWRDJLzwT4tnriW48Ts6gofXPwlqtHWsxBgB8y29xvF6dFk8A==
HelveticaNeue-Bold.woff
am.contobox.com/cbdata/fonts/HelveticaNeue-Bold/ Frame 6AC9 		199 KB
200 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://am.contobox.com/cbdata/fonts/HelveticaNeue-Bold/HelveticaNeue-Bold.woff?ac=1691650753
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-110.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da3959967954f65109ef58a00893a4308f28d9cf7b70be19dd1c80d4a7935944

Request headers

Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
Origin
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:39 GMT
via
1.1 2a78cba32e1e70413cb851835f0eb89c.cloudfront.net (CloudFront)
last-modified
Mon, 22 Jul 2019 19:52:55 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
etag
"d7f69ae9ebafd506c2b63db1a6a4444b"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
content-length
203880
x-amz-cf-id
t0h_at9K6boHT_pElAsi-s-yb8fHkkA-FuDyIpriJaOenm8D9nBVbw==
HelveticaNeue-Roman.woff
am.contobox.com/cbdata/fonts/HelveticaNeue/ Frame 6AC9 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://am.contobox.com/cbdata/fonts/HelveticaNeue/HelveticaNeue-Roman.woff?ac=1691650753
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-110.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9578fa3dafa5207b612a55bb0d512c53f9c50299a402e53ac7da33fb2cc3f8b6

Request headers

Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
Origin
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:39 GMT
via
1.1 2a78cba32e1e70413cb851835f0eb89c.cloudfront.net (CloudFront)
last-modified
Tue, 19 Nov 2019 07:39:36 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
etag
"4a5c08cc9d3ae9e1c509d40f6c671c21"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
content-length
13400
x-amz-cf-id
RZA8ZfP1tnz-sM_9bnW8eXOnoVFhF40tFezITv7d8Na3Nu4sxu-8fQ==
viewload.js
am.contobox.com/v3/frontend/creatives/ Frame 6AC9 		87 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://am.contobox.com/v3/frontend/creatives/viewload.js?ad_id=145335&campaign_id=19637160449&cookie_id=vSqIKwPRzd3z&domain=letsbeardown.com&dsp=DBM&event_type=impression&exchange_id=1&rd_iframe=iframe&ip_address=86.48.15.114&l_type=2&network_id=472343291&rule_id=52917&sid=71194ce419244902ab196245f97ac9b6&site_id=171470878862&zone_id=140322&fromurl=https%3A%2F%2Fdee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&cboxid=145335&lid=a_DBM_!!_c_19637160449_!!_e_1_!!_n_472343291_!!_s_171470878862&layout=mobile&clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCCC2w2aEXZa6lHKGnoPMP_qSLsA79uNzrcoaIzvP1EJrV95-_ARABIN3J4H5g_aCZgegDoAHGy5TAAsgBCakC0b0OXZi2qD6oAwHIA5sEqgSuAk_Q9paNaiRz_qKT2dyz10dZzFW8SimfyFu0yhMdEAo9-D3k89lS4XaBqgYT0oO3u93rMZslTMX55AYwqEwZfiFVOrB8mz3-AeP2hjTXfvqLgYckW8mCEgQrJW8R9E-XfAOVhuCe2ZUqgOBU3QVBgKjNCGYiqKX4xavGa-JZ81kyWGzXaTmqD-IR4f94SWQj5wBq_7lzU6p3ta8yNeMmjLag9RYaO2OULTnGvxmXV43ZU1rRNbkQ9r6kEM9ukIlHZnazyWd5K1eATomVgd1UjJpPont_msdsYhrjpiMNJAWmm5ezDepVwINpCC5_F5COV5OJHCGofIasFfr2GfdrwJJQRHmy5wb2LavXb_946snQovLYLqFrzcu_xz4IJvcjTZ99ycLBPHzOnYUExwgUwASJhbjklgTgBAOIBYGU3ZNJkAYBoAZN2AYCgAeitOu_AagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwCgCICwpQSwCALSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkNByA0B4g0TCOmygMu90YEDFaETaAgdftIC5rAT_ofzFNATANgTDYIUFhoUd3d3LmxldHNiZWFyZG93bi5jb23YFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMI7vWBy73RgQMVoRNoCB1-0gLmEAEYASAAEgKgr_D_BwE%2526num%253D1%2526cid%253DCAQSOwDICaaNzbOARm-VOycHUyo3ThKovRxUZbKeXASw1zhF8-twpttto_dJ7qxA5CyLM8z36nJ3E3SWRf1EGAE%2526sig%253DAOD64_0eE8PfMhafd7jCw2bpHH3tDNOyyg%2526client%253Dca-pub-9647836942103656%2526dbm_c%253DAKAmf-CK5yIQSZoBYHCX8iTBRRMTzReuuQJpSLCpLKYlNZf6yGQsgmRLd2RkZdu9slOHB-Na2-UngagrOc-NDbN0d6Ubxs1pPlHAklAbhWCJIeG5D83Cuio7RW30FYLpuS4vcNal2su2f08FZqfiFLYwx9B_DbTEw04jaoSNY_L95x43jEW1Vuk%2526dbm_d%253DAKAmf-A83Iohyp50Z9_JAN8u35aYf4S3-p2qdlO9-lhUOKsq57LpT17zZp3eAJmgxU4r68L2cCu5bmSZH6JJ1hxYfq7XX7H3futqd-9h8Gi5fv3j70CM7_P1wdnIBcBV9YkO853oTbA1ZAestBgEhc6k42mVweN_2kwryi4rP3Ol0ebcmahE-Mp2hWNoZnF0dFgeCnyEECcqVxH6Hsi8US5ucW9kqoJEWX3DEpCDD_U6_H3Ib3g3qothDs7YYblZqm7Mzq7i0ywE0mJEKt8NjQy_H4mSUrwMVLvYgsHFx0Ixc2WeCthMFVH5ueniZr7eTxb_eeMBwOYlM5KnAwicTtVffj26Be_gzxRBbEau96oTvEt_f43avGAYbrjT9deavNJ8WYogtQDE-fubTqXKM3qKQ4bY3whiaN-PvnIHNiOrHn2A8pbHZWBQy4UJuCmYQ4Kv7aUzk-bQXUhXJ0ZXItQ0TtCwC-jTHdils_Sn3cBwP7BrsF6DU4ahFwKZ2wOy27dkxJVCwtbEsnyfR9zl95BJgf4G1GpluubJyp9vHU9rcDV33oFETn4%2526adurl%253D&http_referrer=https%3A%2F%2Fdee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com%2F&ltype=2&resolution_width=1600&resolution_height=1200&env_type=iframe&position=above&ifr=1&iframe=yes
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-110.phl51.r.cloudfront.net
Software
/
Resource Hash
f89b5073a0b8bff7506c2af940feed37961701609d66a74d07a88b70f30d018c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:38 GMT
via
1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
vary
Origin, Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-cf-id
63mtXUU44No1KWDTxPHZbiIF0cdp4upjgtu8LIZsLyDYV5g4_Ac1cA==
content-length
87
1001725606.jpg
cbmedia2.contobox.com/cbox_themes_v3/2023_blended-appliances-alwayson_vf_nat_en_d29a_dis_prodcarousel_ao-fw31-orangetageventrefresh-1/images/ Frame 6AC9 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbmedia2.contobox.com/cbox_themes_v3/2023_blended-appliances-alwayson_vf_nat_en_d29a_dis_prodcarousel_ao-fw31-orangetageventrefresh-1/images/1001725606.jpg?ac=1691650753
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-65.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99027100b2c3972a0998e599ec43cdb66476a675eb53f543eba0dd3cb1aa9bc1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Thu, 28 Sep 2023 13:21:48 GMT
x-amz-version-id
Lb2Mt.2Pokj7xpBZj2RgE3frrWnjVArK
Via
1.1 624a1750702d82319b25f17c35c73d04.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Sep 2023 14:48:59 GMT
Server
AmazonS3
X-Amz-Cf-Pop
IAD89-P2
Age
140272
ETag
"5de16eefeb1829dadc060ab83dbdb421"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
58523
X-Amz-Cf-Id
0X72lQTNQ21WAbt12-oigUycMJygvq-OTFmkERSF5SCsc2ex4MmAzw==
products
shoppable-api.contobox.com/ Frame 6AC9 		12 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://shoppable-api.contobox.com/products?gallery_id=5997&cb_user_id=vSqIKwPRzd3z&exclude=desc
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-126.iad12.r.cloudfront.net
Software
/
Resource Hash
7622c7ba8dc2b4038bdc037e4070a27af49a9f95139818dea0e5b3eaeaed2407

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:40 GMT
content-encoding
gzip
via
1.1 33aa60037dccf2345c8ade9dffbf1192.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P2
vary
Origin, Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
access-control-allow-credentials
true
x-amz-cf-id
5GfIy7ZeR8PzuEb-X5hpBQq_IhTUguha9TTwBqJwZU7oOvTT0YgatQ==
activeview
pagead2.googlesyndication.com/pcs/ Frame 6F8E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5hGSUA2h7XwgcwBxum29o4OwPrbEVd6BeFoK4hw77VORKDgXE_53HV2nZgmSk5YpyteUa03fQHnYUUaF6ISzhnSw-TpNnkBPoCkOYRkoxnqg_Z6IiQ8ZerUrDc0Glq-2qJVbbifNw-A&sai=AMfl-YROG1SgeXTcb1jOesMNy8MTS-iUcol0vjLwGsPSVllKkx-7xuI3yl90lVtOxPPuSia1xEJ6lBE9MgOzfTZWrUGAccnB-1jctROGTYxcnY7mAKJLhLTWe0-_mTY&sig=Cg0ArKJSzGp6HcKJjdLAEAE&cid=CAQSOwDICaaNzbOARm-VOycHUyo3ThKovRxUZbKeXASw1zhF8-twpttto_dJ7qxA5CyLM8z36nJ3E3SWRf1EGAE&id=lidar2&mcvt=1000&p=751,449,1001,749&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1299203841&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696047577842&rpt=364&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8C2XWZXZ5F&gtm=45je39r0&_p=891389481&cid=990885962.1696047577&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1696047579&sct=1&seg=0&dl=https%3A%2F%2Fwww.letsbeardown.com%2F&dt=Chicago%20Bears%20NFL%20Football%20News%20%7C%20LetsBearDown.com&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8C2XWZXZ5F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.letsbeardown.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 44AD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-7VEgSZUimWEJNhqKVOixv7hlm-wfx1njHpCf-nHZua_EAl--r2WHwNxvhfNpc7Iyrg_d0vqqDrmdenBeT3a6uyHc-W3LoUAQqZCn0kPPd5vHbTL8orlkZC9twoGcebgTkcPhpZTc1Q&sai=AMfl-YRkZMivfgo7aGH2JWSKzlJWOBf0O57WFSbEHDsFJtmHMdjxMLZ-Yg2YZlOeF54hKMTiX2EF3Yv6jt3x4VOri4d45XUomACta7RUPx71JZ28yD-kksvlZFk2deY&sig=Cg0ArKJSzGVNzLeJE1h0EAE&cid=CAQSOwDICaaNDf5nEYJ4TJcYcyGdnvyG8n0UpoOdi48JSvI1Ko4W7ScMCDdY-D3SbPM4Ka1EO1quXRGW2BsnGAE&id=lidar2&mcvt=1000&p=300,1049,900,1349&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=574139835&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696047577899&rpt=718&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
pagead2.googlesyndication.com/bg/ Frame D9D0 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
sffe /
Resource Hash
d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 28 Sep 2023 06:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
165307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14650
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 15:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Sep 2024 06:24:32 GMT
viewstart.js
am.contobox.com/v3/frontend/creatives/ Frame 6AC9 		84 B
460 B 		Script
General
Check archive.org
Download Go to
Full URL
https://am.contobox.com/v3/frontend/creatives/viewstart.js?ad_id=145335&campaign_id=19637160449&cookie_id=vSqIKwPRzd3z&domain=letsbeardown.com&dsp=DBM&event_type=time-attention&exchange_id=1&rd_iframe=iframe&ip_address=86.48.15.114&l_type=2&network_id=472343291&rule_id=52917&sid=71194ce419244902ab196245f97ac9b6&site_id=171470878862&zone_id=140322&fromurl=https%3A%2F%2Fdee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&cboxid=145335&lid=a_DBM_!!_c_19637160449_!!_e_1_!!_n_472343291_!!_s_171470878862&layout=mobile&clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCCC2w2aEXZa6lHKGnoPMP_qSLsA79uNzrcoaIzvP1EJrV95-_ARABIN3J4H5g_aCZgegDoAHGy5TAAsgBCakC0b0OXZi2qD6oAwHIA5sEqgSuAk_Q9paNaiRz_qKT2dyz10dZzFW8SimfyFu0yhMdEAo9-D3k89lS4XaBqgYT0oO3u93rMZslTMX55AYwqEwZfiFVOrB8mz3-AeP2hjTXfvqLgYckW8mCEgQrJW8R9E-XfAOVhuCe2ZUqgOBU3QVBgKjNCGYiqKX4xavGa-JZ81kyWGzXaTmqD-IR4f94SWQj5wBq_7lzU6p3ta8yNeMmjLag9RYaO2OULTnGvxmXV43ZU1rRNbkQ9r6kEM9ukIlHZnazyWd5K1eATomVgd1UjJpPont_msdsYhrjpiMNJAWmm5ezDepVwINpCC5_F5COV5OJHCGofIasFfr2GfdrwJJQRHmy5wb2LavXb_946snQovLYLqFrzcu_xz4IJvcjTZ99ycLBPHzOnYUExwgUwASJhbjklgTgBAOIBYGU3ZNJkAYBoAZN2AYCgAeitOu_AagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwCgCICwpQSwCALSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkNByA0B4g0TCOmygMu90YEDFaETaAgdftIC5rAT_ofzFNATANgTDYIUFhoUd3d3LmxldHNiZWFyZG93bi5jb23YFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMI7vWBy73RgQMVoRNoCB1-0gLmEAEYASAAEgKgr_D_BwE%2526num%253D1%2526cid%253DCAQSOwDICaaNzbOARm-VOycHUyo3ThKovRxUZbKeXASw1zhF8-twpttto_dJ7qxA5CyLM8z36nJ3E3SWRf1EGAE%2526sig%253DAOD64_0eE8PfMhafd7jCw2bpHH3tDNOyyg%2526client%253Dca-pub-9647836942103656%2526dbm_c%253DAKAmf-CK5yIQSZoBYHCX8iTBRRMTzReuuQJpSLCpLKYlNZf6yGQsgmRLd2RkZdu9slOHB-Na2-UngagrOc-NDbN0d6Ubxs1pPlHAklAbhWCJIeG5D83Cuio7RW30FYLpuS4vcNal2su2f08FZqfiFLYwx9B_DbTEw04jaoSNY_L95x43jEW1Vuk%2526dbm_d%253DAKAmf-A83Iohyp50Z9_JAN8u35aYf4S3-p2qdlO9-lhUOKsq57LpT17zZp3eAJmgxU4r68L2cCu5bmSZH6JJ1hxYfq7XX7H3futqd-9h8Gi5fv3j70CM7_P1wdnIBcBV9YkO853oTbA1ZAestBgEhc6k42mVweN_2kwryi4rP3Ol0ebcmahE-Mp2hWNoZnF0dFgeCnyEECcqVxH6Hsi8US5ucW9kqoJEWX3DEpCDD_U6_H3Ib3g3qothDs7YYblZqm7Mzq7i0ywE0mJEKt8NjQy_H4mSUrwMVLvYgsHFx0Ixc2WeCthMFVH5ueniZr7eTxb_eeMBwOYlM5KnAwicTtVffj26Be_gzxRBbEau96oTvEt_f43avGAYbrjT9deavNJ8WYogtQDE-fubTqXKM3qKQ4bY3whiaN-PvnIHNiOrHn2A8pbHZWBQy4UJuCmYQ4Kv7aUzk-bQXUhXJ0ZXItQ0TtCwC-jTHdils_Sn3cBwP7BrsF6DU4ahFwKZ2wOy27dkxJVCwtbEsnyfR9zl95BJgf4G1GpluubJyp9vHU9rcDV33oFETn4%2526adurl%253D&http_referrer=https%3A%2F%2Fdee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com%2F&ltype=2&resolution_width=1600&resolution_height=1200&event_target=1&time_spent=0&event_action=inview&label=Time%20to%20completion%20(s)&event_component=Tab%3A%20Products&event_component_id=381105&event_component_order=0&tab_id=381105&tab_name=Tab%3A%20Products&event_label=Time%20to%20completion%20(s)&event_value=1
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-110.phl51.r.cloudfront.net
Software
/
Resource Hash
28db542a67cfc4ae17be75efc2a73df125491488d50f23a933779be6361a2ea0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:40 GMT
via
1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
vary
Origin, Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-cf-id
xP9Cfok6ywjwq60sRHc9-lSzMrl157afZaEvDhO7xsTb40USSiUGFg==
content-length
84
HelveticaNeue-CondensedBold.woff
am.contobox.com/cbdata/fonts/HelveticaNeue/ Frame 6AC9 		48 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://am.contobox.com/cbdata/fonts/HelveticaNeue/HelveticaNeue-CondensedBold.woff?ac=1691650753
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-110.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4dc1151b79543604e857a63f6d2021182255a40f2b7f12c88cc2421ff848d8cb

Request headers

Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
Origin
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:41 GMT
via
1.1 2a78cba32e1e70413cb851835f0eb89c.cloudfront.net (CloudFront)
last-modified
Mon, 22 Jul 2019 19:52:56 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
etag
"10e55445d25dca55871e793a7520ef42"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
content-length
49612
x-amz-cf-id
bOQpUzv8avNvAstWXd3XZ4-4dDyJUrvoyyUXkEM7yjrcsI8SkwEzSg==
eco-en.png
am.contobox.com/cbdata/cbox_assets/custom/thd/ Frame 6AC9 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am.contobox.com/cbdata/cbox_assets/custom/thd/eco-en.png
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-110.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
668a39e07be23f3fcf19b02509b3eb6a7f4efbacd69ddea04f60f9d7fe6b5346

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 21:06:51 GMT
via
1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 20:07:27 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
65983
x-amz-server-side-encryption
AES256
etag
"f21adca5c050288fa03f684c61667f87"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4475
x-amz-cf-id
uZU3ipqCv2ArkatoPnxew08xF7K4Y98M_Sy9LvPIGqGUJ1ereemQpA==
p_1001539032.jpg
images.homedepot.ca/productimages/ Frame 6AC9 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.homedepot.ca/productimages/p_1001539032.jpg
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.192.65 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-192-65.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d881b633e6dc5c1f0203ad56c886a000958c4b2ecdef1c4c3d1a982651885558

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:40 GMT
last-modified
Tue, 11 Oct 2022 20:20:34 GMT
server
Akamai Image Manager
etag
"422b63ed79ae9de7c6d7386383000ae6"
content-type
image/webp
cache-control
private, no-transform, max-age=43200
content-length
4242
expires
Sat, 30 Sep 2023 16:19:40 GMT
p_1001296351.jpg
images.homedepot.ca/productimages/ Frame 6AC9 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.homedepot.ca/productimages/p_1001296351.jpg
Requested by
Host: dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
URL: https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.192.65 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-192-65.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d76d2f5ee050a3b33f73d1d8fe8786083bde741440dc440150521c0dd79657f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:40 GMT
last-modified
Sun, 25 Jun 2023 11:23:07 GMT
server
Akamai Image Manager
etag
"83592fb84aabbfa8fb3c50d9425fa6ac"
content-type
image/webp
cache-control
private, no-transform, max-age=43200
content-length
990
expires
Sat, 30 Sep 2023 16:19:40 GMT
c.gif
c.bing.com/ 		42 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?Red3=STMS_pd&uid=dd3446a2-a821-4803-8421-ca3c81fc167e&gpp=&gpp_sid=
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:42 GMT
last-modified
Wed, 30 Aug 2023 19:01:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 15B9A1335EFF420EBC3CCAB0C0F73DBF Ref B: YTO01EDGE0818 Ref C: 2023-09-30T04:19:43Z
etag
"3f4a4a7474dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=dd3446a2-a821-4803-8421-ca3c81fc167e&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&gpp=&gpp_sid=
  • https://t.pswec.com/bsw_sync?ssp=sharethrough&bsw_user_id=
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=sharethrough&bsw_user_id=
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=a188fde1-f28c-481b-802e-31d7567a2dc2&expires=3&user_group=1&ssp=sharethrough
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=53d5fc28-828c-42bc-91a1-23062d736a47&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=53d5fc28-828c-42bc-91a1-23062d736a47&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Server
34.237.90.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-90-245.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:44 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=53d5fc28-828c-42bc-91a1-23062d736a47&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Sat, 30 Sep 2023 04:19:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=004160ae-4766-4bad-8aee-20a9b836ef0d&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=004160ae-4766-4bad-8aee-20a9b836ef0d&gdpr=0&gdpr_consent=
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Server
34.237.90.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-90-245.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:43 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=004160ae-4766-4bad-8aee-20a9b836ef0d&gdpr=0&gdpr_consent=
date
Sat, 30 Sep 2023 04:19:43 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7rkJAhPCWXbw9Lq5dZxc6TvN%26source_user_id%3D%24UID&partner=sharethrough&gpp=&gpp_sid=
  • https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS1hM2U1MGUwMi1lYmE1LTNiN2QtYTY4NS1iO...
  • https://ssp.disqus.com/match?bidder=29&buyeruid=of1VoYiW91jj&r=Cid1YS1hM2U1MGUwMi1lYmE1LTNiN2QtYTY4NS1iODk0MzYyNjc4ZjEQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV...
  • https://ads.betweendigital.com/match?bidder_id=45188&callback_url=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D32%26buyeruid%3D%24%7BUSER_ID%7D%26r%3DCid1YS1hM2U1MGUwMi1lYmE1LTNiN2QtYTY4NS1iODk0...
  • https://ads.betweendigital.com/match?bidder_id=45188&callback_url=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D32%26buyeruid%3D%24%7BUSER_ID%7D%26r%3DCid1YS1hM2U1MGUwMi1lYmE1LTNiN2QtYTY4NS1iODk0...
  • https://ssp.disqus.com/match?bidder=32&buyeruid=e05ad052-164b-5311-b2a6-9be0d7b13a3e&r=Cid1YS1hM2U1MGUwMi1lYmE1LTNiN2QtYTY4NS1iODk0MzYyNjc4ZjEQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLm...
  • https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-a3e50e02-eba5-3b7d-a685-b894362678f1
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-a3e50e02-eba5-3b7d-a685-b894362678f1
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Server
34.237.90.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-90-245.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:43 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-a3e50e02-eba5-3b7d-a685-b894362678f1
pragma
no-cache
date
Sat, 30 Sep 2023 04:19:43 GMT
cache-control
no-store
content-length
0
expires
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558357&ev=1&rurl=https%3a%2f%2fmatch.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&source_user_id=%%VGUID%%
  • https://match.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&ev=1&source_user_id=GVIYBS4C8cfP&pid=558357
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&ev=1&source_user_id=GVIYBS4C8cfP&pid=558357
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Server
34.237.90.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-90-245.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:42 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://match.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&ev=1&source_user_id=GVIYBS4C8cfP&pid=558357
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-b6f574bf6-nz4mf
expires
-1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F8E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4141818151769&version=m202309120101&ct=77&x=1&cor=602172461534186400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 44AD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1042795727034&version=m202309120101&ct=76&x=1&cor=12499470603616885000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ac
ww1772.smartadserver.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=332036742&out=js
Requested by
Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=582&ut=&uts=&p_cust_params=&windowlocation=https%3A%2F%2Fwww.letsbeardown.com%2F&usp=&gdpr=-1&cs=-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.119.115 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip115.ip-147-135-119.us
Software
/
Resource Hash
f3f602f337563fe71807c0b4eedc29a4274c40bc55319274c552090da8edd22d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:42 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
application/javascript; charset=UTF-8
x-smrt-i
7974420
cache-control
no-cache,no-store
usync.html
eus.rubiconproject.com/ Frame A1EE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Requested by
Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=582&ut=&uts=&p_cust_params=&windowlocation=https%3A%2F%2Fwww.letsbeardown.com%2F&usp=&gdpr=-1&cs=-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.letsbeardown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 30 Sep 2023 04:19:45 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 30 Sep 2023 04:19:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
server
AkamaiGHost
um
sb.freeskreen.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1
  • https://sb.freeskreen.com/um?sa=9117547341720585190
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?sa=9117547341720585190
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Server
44.213.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-141-94.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:43 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type
image/gif
cache-control
no-cache, no-store
content-length
43
expires
-1

Redirect headers

location
https://sb.freeskreen.com/um?sa=9117547341720585190
pragma
no-cache
date
Sat, 30 Sep 2023 04:19:43 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
um
sb.freeskreen.com/
Redirect Chain
  • https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
  • https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
  • https://sb.freeskreen.com/um?tlr=1d6492d162034a0b9fe8024f5880f747
43 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?tlr=1d6492d162034a0b9fe8024f5880f747
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Server
44.213.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-141-94.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:43 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type
image/gif
cache-control
no-cache, no-store
content-length
43
expires
-1

Redirect headers

location
https://sb.freeskreen.com/um?tlr=1d6492d162034a0b9fe8024f5880f747
date
Sat, 30 Sep 2023 04:19:43 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
um
sb.freeskreen.com/
Redirect Chain
  • https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID}
  • https://sb.freeskreen.com/um?ac=1f6c48ee-bb64-4515-8c16-aa593ff4562f
43 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?ac=1f6c48ee-bb64-4515-8c16-aa593ff4562f
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Server
44.213.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-141-94.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:43 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type
image/gif
cache-control
no-cache, no-store
content-length
43
expires
-1

Redirect headers

Pragma
no-cache
Date
Sat, 30 Sep 2023 04:19:43 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://sb.freeskreen.com/um?ac=1f6c48ee-bb64-4515-8c16-aa593ff4562f
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
um
sb.freeskreen.com/
Redirect Chain
  • https://loadeu.exelator.com/load/?p=204&g=1300&j=0
  • https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1
  • https://sb.freeskreen.com/um?ni=b37c9a311ab72b6d684d218a72bedd48
43 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?ni=b37c9a311ab72b6d684d218a72bedd48
Requested by
Host: www.letsbeardown.com
URL: https://www.letsbeardown.com/
Protocol
H2
Server
44.213.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-141-94.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:44 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type
image/gif
cache-control
no-cache, no-store
content-length
43
expires
-1

Redirect headers

date
Sat, 30 Sep 2023 04:19:44 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://sb.freeskreen.com/um?ni=b37c9a311ab72b6d684d218a72bedd48
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
usync.html
eus.rubiconproject.com/ Frame F6FD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by
Host: ww1772.smartadserver.com
URL: https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=332036742&out=js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.letsbeardown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 30 Sep 2023 04:19:45 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 30 Sep 2023 04:19:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame A1EE 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
577ed2bc22ea1498673c3775edeca6d75877d9bc05e029ed4e831981e776ad26

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sat, 30 Sep 2023 04:19:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Sep 2023 14:51:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37881
Connection
keep-alive
Content-Length
10474
Expires
Sat, 30 Sep 2023 14:51:06 GMT
usync.js
eus.rubiconproject.com/ Frame F6FD 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
577ed2bc22ea1498673c3775edeca6d75877d9bc05e029ed4e831981e776ad26

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sat, 30 Sep 2023 04:19:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Sep 2023 14:51:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37881
Connection
keep-alive
Content-Length
10474
Expires
Sat, 30 Sep 2023 14:51:06 GMT
khaos.json
token.rubiconproject.com/ Frame A1EE 		7 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
574abe46412f7df61ec8713ff1a5b646
Expires
0
khaos.json
token.rubiconproject.com/ Frame F6FD 		7 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
Expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230927&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
a83f2a96bd33982c4d3f4f1b66e50d92e65a85357310930f8853746a8a7f5693
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12109
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 30 Sep 2023 04:19:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F5DE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.letsbeardown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
167351
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Sep 2023 05:50:34 GMT
expires
Fri, 27 Sep 2024 05:50:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BF2E 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f106.1e100.net
Software
GSE /
Resource Hash
c8aed600ae0333589b1c3dc3e32f6f969079ea34c542de7b5c723a9533b98f8c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ad1H3cmR8qkvZYRQkvq8Vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.letsbeardown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ad1H3cmR8qkvZYRQkvq8Vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 04:19:45 GMT
expires
Sat, 30 Sep 2023 04:19:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
um
sb.freeskreen.com/ Frame A1EE
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=LN5IXWVB-B-7MSG
  • https://sb.freeskreen.com/um?mg=LN5IXWVB-B-7MSG
43 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?mg=LN5IXWVB-B-7MSG
Protocol
H2
Server
44.213.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-141-94.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:46 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type
image/gif
cache-control
no-cache, no-store
content-length
43
expires
-1

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sb.freeskreen.com/um?mg=LN5IXWVB-B-7MSG
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8ee3bea2ab086361542c3b52b688813
Expires
0
BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
pagead2.googlesyndication.com/bg/ Frame F5DE 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
sffe /
Resource Hash
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 29 Sep 2023 03:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
90744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Sep 2024 03:07:22 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BF2E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230927&jk=3609365273053077&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers
/
rtb-csync.smartadserver.com/redir/ Frame F6FD
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver&khaos=LN5IXWWE-H-7WK3
  • https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LN5IXWWE-H-7WK3
43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LN5IXWWE-H-7WK3
Protocol
HTTP/1.1
Server
23.105.14.106 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 30 Sep 2023 04:19:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LN5IXWWE-H-7WK3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0163a7456b0a5605e8b1fb1d4fba3e4d
Expires
0
pixel
cm.g.doubleclick.net/ Frame A1EE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE41SVhXV0UtSC03V0sz
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELAOyKchp054VjWdIzc1sOI&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE41SVhXV0UtSC03V0sz&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE41SVhXV0UtSC03V0sz&google_push=
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE41SVhXV0UtSC03V0sz&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8bab65602db075726861004da5629947
Expires
0
setuid
px.ads.linkedin.com/ Frame A1EE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN5IXWWE-H-7WK3
0
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN5IXWWE-H-7WK3
Protocol
H2
Server
13.107.42.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:46 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 11D9348B66D64D13BA7506FBA1533EC1 Ref B: YTO01EDGE0421 Ref C: 2023-09-30T04:19:47Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYGi9n2iqMMmiHXq/PiNA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN5IXWWE-H-7WK3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A1EE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2Q2YjQ0NWUxYWVjYmRlNzY2NWYyNTI0Y2VlM2ViZTczMjk4N2QzZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2Q2YjQ0NWUxYWVjYmRlNzY2NWYyNTI0Y2VlM2ViZTczMjk4N2QzZA
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2Q2YjQ0NWUxYWVjYmRlNzY2NWYyNTI0Y2VlM2ViZTczMjk4N2QzZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A1EE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=004160ae-4766-4bad-8aee-20a9b836ef0d&gdpr=0&gdpr_consent=&expires=30
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=004160ae-4766-4bad-8aee-20a9b836ef0d&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8bab65602db075726861004da5629947
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=004160ae-4766-4bad-8aee-20a9b836ef0d&gdpr=0&gdpr_consent=&expires=30
date
Sat, 30 Sep 2023 04:19:46 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame A1EE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/S2PuJmMgnCVm6YoPOCzHQQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.AfHCQhE2oLZE8Gyx_FzFPGnQmbJ_oAlM5EgbQ--~A
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.AfHCQhE2oLZE8Gyx_FzFPGnQmbJ_oAlM5EgbQ--~A
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 30 Sep 2023 04:19:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.AfHCQhE2oLZE8Gyx_FzFPGnQmbJ_oAlM5EgbQ--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame A1EE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPc6RR7daXMqblSqAd-IPGU&google_cver=1
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPc6RR7daXMqblSqAd-IPGU&google_cver=1
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPc6RR7daXMqblSqAd-IPGU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A1EE
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2YFFdJl5QuicnrPzcLo26g&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2YFFdJl5QuicnrPzcLo26g
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2YFFdJl5QuicnrPzcLo26g
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Sat, 30 Sep 2023 04:19:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NTBDM5WD213RP14GDKZQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2YFFdJl5QuicnrPzcLo26g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame A1EE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=out3yzYCSbOoIudcrm-WeQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=out3yzYCSbOoIudcrm-WeQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=out3yzYCSbOoIudcrm-WeQ
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Sat, 30 Sep 2023 04:19:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GSCES4MRRYF3DG1E61T8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=out3yzYCSbOoIudcrm-WeQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rp
match.prod.bidr.io/cookie-sync/ Frame A1EE 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.168.32 -, , ASN (),
Reverse DNS
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
Date
Sat, 30 Sep 2023 04:19:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A1EE
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4f611b87-1c59-4f3d-9fd9-fed741d60c2b&expires=30
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4f611b87-1c59-4f3d-9fd9-fed741d60c2b&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4f611b87-1c59-4f3d-9fd9-fed741d60c2b&expires=30
Date
Sat, 30 Sep 2023 04:19:47 GMT
Connection
keep-alive
X-CI-RTID
ccbba5a1-4ef6-4abc-8605-06e6b8db81ae
Content-Length
144
Content-Type
text/html; charset=utf-8
check
pixel.tapad.com/idsync/ex/receive/ Frame A1EE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LN5IXWWE-H-7WK3
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN5IXWWE-H-7WK3
95 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN5IXWWE-H-7WK3
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 30 Sep 2023 04:19:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN5IXWWE-H-7WK3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
hb.yahoo.net/ Frame A1EE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LN5IXWWE-H-7WK3&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LN5IXWWE-H-7WK3&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1aQ3NpZk50RTJ1R0V6dkVDSFRtcGVObXdoeEg2RE1yR35B&ovsid=LN5IXWWE-H-7WK3&dpid=58160
53 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1aQ3NpZk50RTJ1R0V6dkVDSFRtcGVObXdoeEg2RE1yR35B&ovsid=LN5IXWWE-H-7WK3&dpid=58160
Protocol
H2
Server
23.204.152.160 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-204-152-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sat, 30 Sep 2023 04:19:47 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sat, 30 Sep 2023 04:19:47 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1aQ3NpZk50RTJ1R0V6dkVDSFRtcGVObXdoeEg2RE1yR35B&ovsid=LN5IXWWE-H-7WK3&dpid=58160
date
Sat, 30 Sep 2023 04:19:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generate_204
tpc.googlesyndication.com/ Frame F5DE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?myJstg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame F6FD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE41SVhXV0UtSC03V0sz
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELAOyKchp054VjWdIzc1sOI&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE41SVhXV0UtSC03V0sz&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE41SVhXV0UtSC03V0sz&google_push=
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE41SVhXV0UtSC03V0sz&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame F6FD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/S2PuJmMgnCVm6YoPOCzHQQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Dg9iG89E2oLKpUUoJHbiBXOTYklITl19yYBnvw--~A
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Dg9iG89E2oLKpUUoJHbiBXOTYklITl19yYBnvw--~A
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 30 Sep 2023 04:19:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Dg9iG89E2oLKpUUoJHbiBXOTYklITl19yYBnvw--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame F6FD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=B348LIh6RJeVHD0WysfPRg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=B348LIh6RJeVHD0WysfPRg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=B348LIh6RJeVHD0WysfPRg
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Sat, 30 Sep 2023 04:19:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R541MQ080BKP1TE5ZJ63
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=B348LIh6RJeVHD0WysfPRg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame F6FD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2Q2YjQ0NWUxYWVjYmRlNzY2NWYyNTI0Y2VlM2ViZTczMjk4N2QzZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2Q2YjQ0NWUxYWVjYmRlNzY2NWYyNTI0Y2VlM2ViZTczMjk4N2QzZA
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2Q2YjQ0NWUxYWVjYmRlNzY2NWYyNTI0Y2VlM2ViZTczMjk4N2QzZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F6FD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=004160ae-4766-4bad-8aee-20a9b836ef0d&gdpr=0&gdpr_consent=&expires=30
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=004160ae-4766-4bad-8aee-20a9b836ef0d&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=004160ae-4766-4bad-8aee-20a9b836ef0d&gdpr=0&gdpr_consent=&expires=30
date
Sat, 30 Sep 2023 04:19:46 GMT
server
Kestrel
content-length
289
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F6FD
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2Moqd8VVSBWgOvYoC9pLjw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2Moqd8VVSBWgOvYoC9pLjw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2Moqd8VVSBWgOvYoC9pLjw
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Sat, 30 Sep 2023 04:19:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3ZJRS0AXZRZ3XK8RQ2RA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2Moqd8VVSBWgOvYoC9pLjw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame F6FD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN5IXWWE-H-7WK3
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN5IXWWE-H-7WK3
Protocol
H2
Server
13.107.42.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:46 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 8DD7DB8F07BC44658044B3088568402E Ref B: YTO01EDGE0421 Ref C: 2023-09-30T04:19:47Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYGi9n2jzB8MQEJYmJ3hw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN5IXWWE-H-7WK3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F6FD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPc6RR7daXMqblSqAd-IPGU&google_cver=1
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPc6RR7daXMqblSqAd-IPGU&google_cver=1
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPc6RR7daXMqblSqAd-IPGU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rp
match.prod.bidr.io/cookie-sync/ Frame F6FD 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.168.32 -, , ASN (),
Reverse DNS
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
Date
Sat, 30 Sep 2023 04:19:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame F6FD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN5IXWWE-H-7WK3
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LN5IXWWE-H-7WK3
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LN5IXWWE-H-7WK3&ckls=true&ci=BSBXThvFfo&nc=false&trid=12216973
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LN5IXWWE-H-7WK3&ckls=true&ci=BSBXThvFfo&nc=false&trid=12216973
Protocol
H2
Server
52.85.132.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-68.iad50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:47 GMT
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
yhCC6z9eghYnLh43IecU2_-thyPZY6TnZ975FgOKzoh280RfI58Obw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Sep 2023 04:19:46 GMT
via
1.1 eb0e559672da6f524cf68a461f930cc4.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LN5IXWWE-H-7WK3&ckls=true&ci=BSBXThvFfo&nc=false&trid=12216973
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
bycpQfI1sKhjti6XRMTkZ22lATU4kDsZ9ZIs7upseRiH4_tWi7Pk6Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame F6FD
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1535596f-7a5b-4afa-8ffc-dab7eb7e5891&expires=30
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1535596f-7a5b-4afa-8ffc-dab7eb7e5891&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1535596f-7a5b-4afa-8ffc-dab7eb7e5891&expires=30
Date
Sat, 30 Sep 2023 04:19:47 GMT
Connection
keep-alive
X-CI-RTID
fc75598c-9d86-45ab-9571-4d06ee02f752
Content-Length
144
Content-Type
text/html; charset=utf-8
check
pixel.tapad.com/idsync/ex/receive/ Frame F6FD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LN5IXWWE-H-7WK3
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN5IXWWE-H-7WK3
95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN5IXWWE-H-7WK3
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 30 Sep 2023 04:19:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 30 Sep 2023 04:19:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN5IXWWE-H-7WK3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230927&jk=3609365273053077&bg=!sLOls_zNAAYEJRtnJCU7ADQBe5WfOFVSLn5lLEhJAUXFX8dHugx8KG_-PwFpYh3FcRPgG3ejFHEjev3_-v7-qp2bNH16AgAAAEZSAAAACmgBB5kCvvFyTzUtwgkvA58ttlOUUgZ-FZosF2xeuo5jcjtYpWi8R-mmVfp_K2e_qxe22pAH8oPSqowMOcDz1BqnwMmjR9flPHswi5op-tF0LHHAxROKhdWYh_xrQo8uquRenqnrh_uUStQllgHhJYJXwv3T30CWYwYjg26DOnTh5TjNQdX-QcvurzJOvz3gHvN6bVvCxLie27bOH3KvrowtdZROvUsiWzu6IAGL0Gpd5PkYqeL41Vei3x5x1poNYM9_CLt1_U3bRZ4pfURRcM4NZP-lR6Bx2xFvs08MJRGEqkUsNZXYx9s7w1palFm4HslshvBAKgInGLKCpHj-5Ws9W6iGiy9_lahq3ky9YqFf9Rj08QgPwx8x3UrhH6EMt9GoDnQuqUEyG05EDZ7FMWUX4MK-mZjqwuNJ6-e0aXQoNQhsyztEkoynQ-iEXdXXYI_ihR_JQuz4GbAGYXBNsA6JF84tWzBXe89JQNEDt5xpyKY4o61KcoKhLcoAsPOve-XOK9sBVCmUTmzs_kjude8MyD5fcy3dhnBTtlUTrC00zWc8U5H-QMZ1dzSBz17NlSIooS04zUlKHsSFnZhNfcysmoKatqN0LpkpxoC6V_0r25gJZUksse9ZP6EpuQXs1AmMt1saVG_Mw2YM-HDJZIilHY1UXKiaciFiYFDENgYTJIJGUV2jhX2BQDMI2WoAUS9-X8k36SvxyuhnrXS5grawbuj6yLbUYLPDrpw4G3UTAf0kVw9tmbXY57AsgCAFCAu__dZbCBhMYITGVHSK1EX-ZV0WwWMkXhGEKAoIVL8HFZAx5jbfBVV3q8gQbZSfb7y1TELr-pYam9najxG7lz1lvyqt2DoQKfX1k90ibNVSzt65fxJWE0J1WxFfg-1nNqb7M7doOHZwWPdLv3GK3R_dSGlRiXDfMA257KTh5d6Ak8PYcQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.letsbeardown.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
id5-sync.com
URL
https://id5-sync.com/api/config/prebid
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23394&site_id=500722&zone_id=2984242&size_id=15&alt_size_ids=2%2C16%2C31%2C39%2C55%2C57%2C79&eid_pubcid.org=e5e1016a-0d25-4fd0-ad01-a1e9948b6392%5E1&rf=https%3A%2F%2Fwww.letsbeardown.com%2F&tg_i.domain=letsbeardown.com&tg_i.page=https%3A%2F%2Fwww.letsbeardown.com%2F&tg_i.pbadslot=div-gpt-ad-3176421-1&tk_flint=pbjs_lite_v8.15.0&l_pb_bid_id=875c61a358be9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4338973876501313
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23394&site_id=500722&zone_id=2984242&size_id=15&alt_size_ids=2%2C16&eid_pubcid.org=e5e1016a-0d25-4fd0-ad01-a1e9948b6392%5E1&rf=https%3A%2F%2Fwww.letsbeardown.com%2F&tg_i.domain=letsbeardown.com&tg_i.page=https%3A%2F%2Fwww.letsbeardown.com%2F&tg_i.pbadslot=div-gpt-ad-3176421-2&tk_flint=pbjs_lite_v8.15.0&l_pb_bid_id=9b16fda22934f1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.41880947611982045
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23394&site_id=500722&zone_id=2984242&size_id=15&alt_size_ids=2%2C16&eid_pubcid.org=e5e1016a-0d25-4fd0-ad01-a1e9948b6392%5E1&rf=https%3A%2F%2Fwww.letsbeardown.com%2F&tg_i.domain=letsbeardown.com&tg_i.page=https%3A%2F%2Fwww.letsbeardown.com%2F&tg_i.pbadslot=div-gpt-ad-3176421-3&tk_flint=pbjs_lite_v8.15.0&l_pb_bid_id=102479d1c1a0e75&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6689782959416875
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23394&site_id=500722&zone_id=2984242&size_id=15&alt_size_ids=2%2C16&eid_pubcid.org=e5e1016a-0d25-4fd0-ad01-a1e9948b6392%5E1&rf=https%3A%2F%2Fwww.letsbeardown.com%2F&tg_i.domain=letsbeardown.com&tg_i.page=https%3A%2F%2Fwww.letsbeardown.com%2F&tg_i.pbadslot=div-gpt-ad-3176421-4&tk_flint=pbjs_lite_v8.15.0&l_pb_bid_id=1108c4773ba46cb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8252574294770225
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23394&site_id=500722&zone_id=2984242&size_id=15&alt_size_ids=9%2C10%2C16%2C67&eid_pubcid.org=e5e1016a-0d25-4fd0-ad01-a1e9948b6392%5E1&rf=https%3A%2F%2Fwww.letsbeardown.com%2F&tg_i.domain=letsbeardown.com&tg_i.page=https%3A%2F%2Fwww.letsbeardown.com%2F&tg_i.pbadslot=div-gpt-ad-3176421-5&tk_flint=pbjs_lite_v8.15.0&l_pb_bid_id=122b84520e73c55&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08533864369161082
Domain
prebid.media.net
URL
https://prebid.media.net/rtb/prebid?cid=8CURPE8U4
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDvyfEgA_ADLa30gQY5_s4A&google_cver=1&google_push=AXcoOmQQoeq206N5TzZmRyRtp6ivEafLpgjOXhIpfvd8m-SiJokpp5R_LuPCUD-k4O0wyiwQ1R7w8gSwBc5h_Mnmf0ZvRC_rUws
Domain
a.rfihub.com
URL
https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEFA6azzc0JI3o6wOCanxU-Q&google_cver=1&google_push=AXcoOmSVD525g5hsFpGEu36Be7pcZCIvNmY9fK4qpqmLkdPEeC2mJREc43WZCMq-z9diRjiVGRQNs51DS34PxcyqN5gcCVAlq7sAag
Domain
s.uuidksinc.net
URL
https://s.uuidksinc.net/match/47/?remote_uid=CAESEBqA92hDaA3NkLRwQe0d9-E&c_param1=AXcoOmSQfAibdtiTxwZa1jcDYvC8svUq3erCTJSG9s5ea9dB_P4lvmPoP1qFUE7QUs7yZfINIl9d67xe1lvDIkUvR3V3et25K-EP&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1
Domain
rtb.openx.net
URL
https://rtb.openx.net/sync/dds?google_gid=CAESEIApM5NlA86TGP-6fMsJ2kA&google_cver=1&google_push=AXcoOmTQDSDqQyi5P3b_uuNcbuHm4oGLC9JPtIv85-guR9OlnXXq8chpOPY5kv77DKgcMDSefYnQqYEiQ2iUC02iezW4v_UaLdj-
Domain
ius.ctnsnet.com
URL
https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEM0B76FJbch97xC4B9VgiQg&google_cver=1&google_push=AXcoOmSzIh6dSskF0mi_ZlruJGyhwifvpd1tk0cURsiCrF5SvxNdAqKZNcMd_PL2DMfHK9EV4Sz5V5l6h-l3f8VvgCAV3qCww_ftVjUJhnRPYehT0D3lcaJ7f7ZxcvpGlHEZlEa_8BLfnIFQ
Domain
sync-dmp.mobtrakk.com
URL
https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEKiRBIB9tUiUCKvZBGelGjY&google_cver=1&google_push=AXcoOmQPdzy0ecUZwJprpuWCtHKvd_WBaJljCYye3Z3FZlND2EsS-K2GccoUYGI8LLnN0d_O60wSf7y9nzPgusg7d7lNyIV7wgLbsTP8ZgbM1c-XMWHx9Tsi5hF0P0D2xa-M3IFDwPAkC2iY

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| documentPictureInPicture function| $ function| jQuery function| fct_change_score function| fct_alert function| fct_confirm function| fct_tooltip_admin function| fct_to function| w3_open function| w3_close function| fct_menu function| lookupTop function| cleanTop function| isDate undefined| AdSlotAnchor object| AdSlot0 object| AdSlot1 object| AdSlot2 object| AdSlot3 object| AdSlot4 object| AdSlot5 number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| adUnits object| googletag object| pbjs function| initAdserver boolean| parentAccessible number| _timeout object| _vendors string| _gdprTimeoutConsent function| getTCFVersion function| getCCPAVersion object| fskWindow function| Sizzle function| fskLib function| FSK_parseDFPKV function| FSK_getExtraParameters boolean| FskHasLoaded object| _fskparameters function| _fskParseGetParameters undefined| fskffc undefined| fskcfc function| _fskInsertScript function| _fskProcessInsertGDPR object| as function| gtag object| dataLayer number| rebours_nombre_120 function| init function| fct_decompte number| rebours120 object| pbjsChunk object| _pbjsGlobals object| mnet object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_manager function| FskAds function| _FskGetCmpId boolean| _FskHasGgl object| _fskadsparameters object| _fskadunits object| _fskgeo function| _fskAddListener object| _FskAds function| FskRequestAnimationFrame boolean| isAllowed object| sas object| sas_snippets object| GoogleGcLKhOms

86 Cookies

Domain/Path Name / Value
.letsbeardown.com/ Name: _sharedid
Value: e5e1016a-0d25-4fd0-ad01-a1e9948b6392
.letsbeardown.com/ Name: _sharedid_cst
Value: zix7LPQsHA%3D%3D
.sharethrough.com/ Name: stx_user_id
Value: 5116702f-3784-4113-bb05-f97651bcd995
.lijit.com/ Name: ljt_reader
Value: HZ-DcBZHZcR9b_FAT-KAN0tx
.letsbeardown.com/ Name: __gads
Value: ID=34cd3b35d681c77f-227b251974e400cd:T=1696047576:RT=1696047576:S=ALNI_MYYo0hCKVt5CxXvbZzTbDs-13iFiQ
.letsbeardown.com/ Name: __gpi
Value: UID=00000d95f83a678b:T=1696047576:RT=1696047576:S=ALNI_MY3VnP7BxFESxW6k6Jg2BjzV-imDw
.casalemedia.com/ Name: CMPS
Value: 1423
.doubleclick.net/ Name: APC
Value: AfxxVi7HiZti7mn1uuYbFj2LV05BpwDspAaWnHN0xeg88tTMU4EWFg
.casalemedia.com/ Name: CMID
Value: ZReh2sG3tvF0XybYl2BPCwAA
.casalemedia.com/ Name: CMPRO
Value: 1423
.doubleclick.net/ Name: IDE
Value: AHWqTUlUT0OLM-9WLdKJk36fSsWqh4RADNop0MNVXlXvfKLbuc-hkjz4XEp1b5ppubM
.blismedia.com/ Name: b
Value: 6517A1DA929AEBF2528AD057BLIS
.contobox.com/ Name: ContoboxGetCode
Value: vSqIKwPRzd3z
.letsbeardown.com/ Name: _ga_8C2XWZXZ5F
Value: GS1.1.1696047579.1.0.1696047579.0.0.0
.letsbeardown.com/ Name: _ga
Value: GA1.1.990885962.1696047577
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 863773266764103576
.adnxs.com/ Name: uuid2
Value: 5004565173662668988
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GUhMMFXK!@wnfH8K6pQK`!5=E<*L5?%K/0r9z$2*Kqoa'#.Jms_UDc?1zR?[1!'LVrdt*bpRz*qF1`*b_i?*>-zD
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-a3e50e02-eba5-3b7d-a685-b894362678f1
.owneriq.net/ Name: si
Value: Q7493339811289669061P
.owneriq.net/ Name: p2
Value: gguuid
.owneriq.net/ Name: gguuid
Value: 1
.dotomi.com/ Name: DotomiTest
Value: 64357859f59906b7
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_9402a772-5f48-11ee-9b88-1297b61989fd
fksnk.com/ Name: AWSALBCORS
Value: ZViFX2fRkxTteRmLV1CT6sOpNaWu4SRg5dUir24Di4ZmKKfVX4pLbPp+TKhmAo2BBu0+zGvh2W0hSM84qyACed4FqWrdINKUaGusQoPH24KBF+9ad9XAl+Fo+qlw
.fksnk.com/ Name: f_001
Value: 9560BD2CCFA014B9
.fksnk.com/ Name: g_001
Value: 1
.contextweb.com/ Name: V
Value: GVIYBS4C8cfP
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1n5b|7bs.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 7a9ac2470ebab339
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: e05ad052-164b-5311-b2a6-9be0d7b13a3e
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: ZReh3gAO2MhSx74M3DRNHglwdY_19t-ZcxpX6g==
.freeskreen.com/ Name: a
Value: NjA5ND0xfHw7
.bing.com/ Name: MUID
Value: 3C61C8C4DFAE62FE2D2FDB58DE8463AE
.c.bing.com/ Name: MR
Value: 0
.adsrvr.org/ Name: TDID
Value: 004160ae-4766-4bad-8aee-20a9b836ef0d
.bidswitch.net/ Name: tuuid
Value: 53d5fc28-828c-42bc-91a1-23062d736a47
.bidswitch.net/ Name: c
Value: 1696047583
.bidswitch.net/ Name: tuuid_lu
Value: 1696047583
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d23100%3b%24sw%3d720%3b%24sh%3d1560
.smartadserver.com/ Name: vs
Value: 104685=5650819
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1314513856%3B%24ql%3DMedium%3B%24qpc%3Dm3h+6a7%3B%24qt%3D93_2124_19080t%3B%24dma%3D0&c=1&l=-1691405731&lo=-472414544&lt=638316443835885877&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1314513856%3B%24ql%3DMedium%3B%24qpc%3Dm3h+6a7%3B%24qt%3D93_2124_19080t%3B%24dma%3D0
.tremorhub.com/ Name: tvid
Value: 1d6492d162034a0b9fe8024f5880f747
.smartadserver.com/ Name: pid
Value: 9117547341720585190
.tremorhub.com/ Name: tvssa
Value: 1696047583628
.admanmedia.com/ Name: admtr
Value: 1f6c48ee-bb64-4515-8c16-aa593ff4562f
.admanmedia.com/ Name: ac_r
Value: CS89
.exelator.com/ Name: EE
Value: "b37c9a311ab72b6d684d218a72bedd48"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHJ2DzZMtHY0DAxydwoySzFzMIkxcjQIhHISU1JMbFYXJZatGBpaXFqStKhJRU5JTlNq8viQx3j3Rx9PX0i1zpnFOXnpir45idl5qSuAMuEuQYtNjQ0W5JflJm%252ByNlxcVFKGsOikuJTwUeLNADRyyya"
.pswec.com/ Name: tuuid
Value: a188fde1-f28c-481b-802e-31d7567a2dc2
.pswec.com/ Name: c
Value: 1696047584
.pswec.com/ Name: tuuid_lu
Value: 1696047584
.pangle-ads.com/ Name: _pangle
Value: 2W6KS0f8yz40uoLOKx7yZijVUsP
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 9d5659b1-fc9e-41b5-a6b8-5b81fa473a74
beacon.lynx.cognitivlabs.com/ Name: ss
Value: LV3O3re%2BtcIpmqUuUnE%2BX3uuqg21r3SDLx1XkbnSfF0tl9GxfnDlrqSoWl3BK1h26JyS8Vv4gYfbTUiICH6f2A%3D%3D
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsI8NiCltDdoDwQBRIWCgdydWJpY29uEgsI7qyNr9DdoDwQBRgFIAIoAjILCMTOy8Lm3aA8EAU4AQ..
.id5-sync.com/ Name: id5
Value: 6bbf0d08-9be1-765e-b192-e617acec2764#1696047586012#2
.id5-sync.com/ Name: 3pi
Value:
.rubiconproject.com/ Name: khaos
Value: LN5IXWWE-H-7WK3
.freeskreen.com/ Name: scmtid
Value: "dGxyaWQ9MWQ2NDkyZDE2MjAzNGEwYjlmZTgwMjRmNTg4MGY3NDd8MTY5NjA0NzU4MzY2OCZzY21pZD1oYmVkaWZoZWFnamdicVFqVXNVSVF0U3wxNjk2MDQ3NTgzNDE3Jm1naWQ9TE41SVhXVkItQi03TVNHfDE2OTYwNDc1ODYzMjcmYWNpZD0xZjZjNDhlZS1iYjY0LTQ1MTUtOGMxNi1hYTU5M2ZmNDU2MmZ8MTY5NjA0NzU4Mzg4NyZuaWQ9YjM3YzlhMzExYWI3MmI2ZDY4NGQyMThhNzJiZWRkNDh8MTY5NjA0NzU4NDEzOA=="
.yahoo.com/ Name: A3
Value: d=AQABBOKhF2UCEIT013_sbyi6lNWiOXNBam0FEgEBAQHzGGUhZQAAAAAA_eMAAA&S=AQAAAhDIjwXgyPztxslN79ushdM
.tapad.com/ Name: TapAd_TS
Value: 1696047586474
.tapad.com/ Name: TapAd_DID
Value: 04990fc7-d940-4df5-a34d-b42a24f7cebf
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.primis.tech/ Name: csuuid
Value: 6517a1e2a619d
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2e7g:19e0~2e7g"
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: BSBXThvFfo
.hb.yahoo.net/ Name: visitor-id
Value: 3390491879025808000V10
.hb.yahoo.net/ Name: data-mag
Value: LN5IXWWE-H-7WK3~~63
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1696047587168
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUckpLcFln
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: IQPData
Value: 1445990258#1696047587165#0#1696047587165
.ipredictive.com/ Name: cu
Value: 1535596f-7a5b-4afa-8ffc-dab7eb7e5891|1696047587260
.linkedin.com/ Name: lidc
Value: "b=VGST00:s=V:r=V:a=V:p=V:g=3095:u=1:x=1:i=1696047587:t=1696133987:v=2:sig=AQEUhPnGKe68tbe4vXGPCK4dBLuQhYOR"
.linkedin.com/ Name: bcookie
Value: "v=2&fd915734-7b19-42f1-8d01-1c5d519460f3"
.amazon-adsystem.com/ Name: ad-id
Value: AwCni4SFDU0mr6NmcW8kni0
.rubiconproject.com/ Name: audit
Value: 1|G+J9ylbiAbib6TtiBrmYeJNBRTuLqrmcTldLQBo1dK4hGZT+DLU/uzFR2s6aNUUOqZ60XzbDZXQiZ07GJqnMnujPGTiJ9gcmpmvllXEtYN4=

1 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6542527489535740&output=html&adk=1812271804&adf=3025194257&lmt=1696072776&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fwww.letsbeardown.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696047576482&bpp=4&bdt=610&idt=135&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1545367369835&frm=20&pv=2&ga_vid=990885962.1696047577&ga_sid=1696047577&ga_hid=891389481&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078200%2C44798934%2C31078320%2C31078301&oid=2&pvsid=3609365273053077&tmod=1509486628&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=173
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
aax-eu.amazon-adsystem.com
ads.betweendigital.com
am.contobox.com
analytics.pangle-ads.com
ap.lijit.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
btlr.sharethrough.com
c.bing.com
c1.adform.net
cbmedia2.contobox.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
cs.admanmedia.com
dclk-match.dotomi.com
dee6acb00f08eb3220e81760af8dc47b.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.yahoo.net
i.markerzone.com
i.marqueur.com
ib.adnxs.com
id5-sync.com
images.homedepot.ca
ius.ctnsnet.com
live.primis.tech
loadeu.exelator.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.media.net
px.ads.linkedin.com
px.owneriq.net
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.openx.net
s.amazon-adsystem.com
s.uuidksinc.net
s0.2mdn.net
sb.freeskreen.com
scm.publishers.tremorhub.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
shoppable-api.contobox.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.freeskreen.com
sync-dmp.mobtrakk.com
sync.inmobi.com
sync.intentiq.com
sync.ipredictive.com
sync.smartadserver.com
sync1.intentiq.com
t.pswec.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
ups.analytics.yahoo.com
ww1772.smartadserver.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.hetlmedia.com
www.letsbeardown.com
x.bidswitch.net
a.rfihub.com
eb2.3lift.com
fastlane.rubiconproject.com
id5-sync.com
ius.ctnsnet.com
prebid.media.net
rtb.openx.net
s.uuidksinc.net
sync-dmp.mobtrakk.com
104.102.115.151
104.17.25.14
104.18.27.193
108.138.85.126
13.107.21.200
13.107.42.14
13.224.214.16
13.224.214.26
13.224.214.89
142.251.16.106
142.251.16.132
142.251.16.139
142.251.16.94
147.135.119.115
151.101.129.229
151.101.130.137
162.19.138.116
172.253.115.148
172.253.115.156
172.253.115.95
172.253.122.156
172.253.122.94
172.253.62.132
172.253.63.154
172.253.63.155
172.253.63.97
172.64.174.36
18.238.4.110
18.67.76.65
184.25.127.90
184.29.130.170
185.167.164.43
198.148.27.131
20.127.253.7
213.19.162.90
23.105.12.172
23.105.14.106
23.192.31.127
23.200.0.203
23.204.152.160
23.66.192.65
23.92.190.74
3.225.218.10
3.226.142.250
34.111.113.62
34.205.126.186
34.227.12.45
34.233.239.154
34.235.214.237
34.236.127.74
34.237.90.245
34.96.105.8
35.170.132.10
35.211.178.172
44.213.141.94
44.238.141.43
52.202.64.188
52.206.108.195
52.223.40.198
52.46.151.131
52.85.132.68
52.94.222.140
54.159.168.32
68.168.112.242
68.67.179.166
69.173.151.100
8.18.45.140
8.39.36.141
80.77.87.166
96.46.183.20
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
079ec5342ae21cb4c239a79896e2db74d37877995da7922c9280c5f8e4016085
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0f2e242b01e1d051c2d7d6025d21e37bb64d31933577b6e7795aa375effaf5
0d6aaac889cacf6ca8674fb653954d26e30e31e411deef3e80e5546aa44835b5
0da0895d436994f90660cb477b233758ee0c7656a62982dabbad37331869f206
0dc12dea8574b37d4ca562aaa371b9bde2f402502bd6cf9145c460f8c7c9a269
0dfc9e7bab66cfdf4358f3cd17589aacd7e4875fed3ef29d3df54573f166812e
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14778e8cf9e9d5c89a9f5828837be5a13943ae8df4e4c33f5ffd99b626eb1f0c
15cb0def46c2aba14c42320504c43499f4ee0a7ca04d0e08962f87dd9cd96618
194402684f6a65ee2573ef5ca709c112a13bbed554dba85b669ce50c063677b4
2013f2b4b0adcfacc2e150ade507273dc56db054a992774f6f6e68306afb90de
202400ae1999494068b41dee6ff769771869af456b37ef1eb2792edc0d37880a
25f7de18456f8651da6b52f51c4d53e4c36f1d27d2e73757a6ea8ae7e705c693
28db542a67cfc4ae17be75efc2a73df125491488d50f23a933779be6361a2ea0
2b80a890bd60b6f527cb7cbc7ddc04ba4040fb7ea57885c7e7882f538264f2ef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ab8007c277130826b8a87e5b30bd689ee55a199d430c36e2032c9611a538dbe
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42bfa22673471da4706a87857a4e35a3053ff5fa6b3a12f13d9b3d9ff6a8a2ee
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4972893832cc7f114925446001ef0c43c031cbc7d2b2a8bed395c116c911402d
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dc1151b79543604e857a63f6d2021182255a40f2b7f12c88cc2421ff848d8cb
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e4e384614ce3a5a811987f39ac22489edfd14d6c7aca83971c82f66c5650d8
51ec93b9fb1491ccc1bb582cefbf62dd0d9d5be7def1b7cc480cb29b9597b7df
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
577ed2bc22ea1498673c3775edeca6d75877d9bc05e029ed4e831981e776ad26
5863de83de86bc9d0c9ca7c8a788a62ee645e6ca5a8b7ca2039464dda56832b6
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61129dc0126d5ac7fd4b374f3966021fcaffd5105f6e14cf2232d2d5e2cdee48
61a41c0b6ce42dc4eadf7169911fb1dfdef4e0de19f6440f62b099ee674326dc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65589d5781455659638973c64fcbbc7fac84f75847a5eede37389b36fa0a4b02
66780d9c252dbe704f2cb616e10c1624f1d1cade23e14eb2812c762c39126cb9
668a39e07be23f3fcf19b02509b3eb6a7f4efbacd69ddea04f60f9d7fe6b5346
67cc8037f604770f627561fee645f433e7376ae396035885d7057f025a0586b2
6b2e8cdb95b950cd8645c769dc6caf9958e3e223d9372ccae776286b7b44b989
717b10593d54204f670e8962fbe282f51357d361b0cec4ec5b979429fe08f86e
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
7622c7ba8dc2b4038bdc037e4070a27af49a9f95139818dea0e5b3eaeaed2407
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
83572aadd1e2df35bc88ff0897d21208aaeee93b2566bae1a1483f6e2bba35f3
83870583abadeefc02653eea60e93a24a7845fc2ef14a7d3de1ab9e2987fcb75
8893fb4b876d1baa9d9f2c0e2c48e2b644caa0bf63890bfdbbb57c8de8d43e83
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c5098d55718ef77198d850ac39f6eebaee857b6bb311a39cea1a0fb1a9c56e7
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
92c877164210ac336c5bde8e0a9d12e3a9a5379299784241489c65ce1719ed8c
9578fa3dafa5207b612a55bb0d512c53f9c50299a402e53ac7da33fb2cc3f8b6
99027100b2c3972a0998e599ec43cdb66476a675eb53f543eba0dd3cb1aa9bc1
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c3845d4dd8d78733663853bf765f4478e628ba16af69aed4ff83f715b097c30
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a712add12c2aef523f34bafb5e73fa5a595c1656f2d2b2ad690f84a92b644bf1
a83f2a96bd33982c4d3f4f1b66e50d92e65a85357310930f8853746a8a7f5693
a8502a6a0c17656490145cf014b905ddb494eb5c0bc71079576eb25a625f84a8
aa42aa0f9e28e0e6948932432a41c4b2588b1f53b0f7dfa3cf427fa1d96129d7
ae7e484017dd2528378ab17a66740095f9087f4489efefe16d295ffd01c125a4
b0cbdfb3b821a07f673744cd4d3d20a67712a161e897d170bb2ed5897c003ed3
b0e1b217818b5fb03aa740115f3133d7e38f527a77e4059eb73ce6852314db3f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2595d7538b004d12ee6afbcee1b34e5e209d178515c9995129888823581c800
b28ff9c30b36f667fcff20ba95a3eff71335c901c855e0ca5e50f057d0f7aa3a
b495aa0e5fed4d5b40f3c25dba67eaa14e8346389f0cd6e46fd973858163963b
b59738e7e138acf9ac4f1483f2daa23fda9dc055420d6f6a174c2a34749b105f
b655378edefec880f4a04f926f8b17e4ebff9e35f2c5b51ace7bfc5c2d1e7070
b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686
b83bcaff73aa4c71deff5473c106c68d45ef9ed05adadb03d866d824314093b1
bb8c34012fba5143653013ef74900fc346dc115bc642b51859811df54354c141
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
be2a7c7cddb27661d4a10427fe4ea9d5074e8613573b8c8dd98a878f54cdea0d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c59eeedd897a679af574c86f0f5a7ac24aefc9a6069294f582f97822ceb8d4fd
c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925
c80cac907a7bd1e6e9108422f277023d41967a4b4935f1946186e32ca64ce327
c8aed600ae0333589b1c3dc3e32f6f969079ea34c542de7b5c723a9533b98f8c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cdcca3049169219957ad45c3dd3781c943ddd5d8330347306a2246695ff2e231
cdf75f75d11b1874bb255aa0d5633d2528eef0650d55b18051ab223c53c53cc3
ceba625fe8956207881980b8a4529bf13f84c08623cc056581e336eb8fcfbb25
d365d712fb1627bddd0366d23ff4c427e71c404d9587bf6085ab921f239bcd8d
d499e6ea1906782f11dcd21f8c968e1c1ef1846ee5a9ef9e63ac00dd18733e73
d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71
d6f60200124a7e70d4f57c1e7a6aadd8456d8862f1f3fcdf6a4f4494890938c4
d765bbbec96de405abdb7df6790328ad4fbbc6b589ccba8aa73168fde53addbc
d76d2f5ee050a3b33f73d1d8fe8786083bde741440dc440150521c0dd79657f7
d881b633e6dc5c1f0203ad56c886a000958c4b2ecdef1c4c3d1a982651885558
d94f916f26a0d583c9950e00454d770fe75fc4fb429059b3c4462d4decefd746
da3959967954f65109ef58a00893a4308f28d9cf7b70be19dd1c80d4a7935944
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd00b3856690c2bac674f6a8b4aea53679103f40d2e7e58a8d1ed8065903a6c3
dd6e6051d8a72522d1ad39abaa68eb81781d3364cdaf13532eb3133ab1f7ae46
e03515f92eb3f9da1542fda3aba456d358b7f77abf96502e315139ffb898ae6d
e070e3f23c6a6e5b7f163b25eae68ae56cbebe169447b87b714f2c9d4205c4c4
e0a0de4f7cacb142865b2b6de94d66632f05e06bb3d966d4a04ff7a37f228765
e1b7cb1503dd34e3746b9bdd714871a24ea2336b0b3724458ce1206d23b655e2
e232846bb1f93ad35f2423d7ec39f59300dbf4564ae05653b9950d52f49cbed0
e39a073ca78f3a0c3c3d9a8158f45a92d1fc89cf253a39f3d326b88d070a243a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e452999b9522408471506fd88525509af4a8afec5bdefee7f32c1b5a56fe7339
e55a10086153fee9f6320930360e6bc7677444e998ba8eee76da94a7a66da076
e845fcb50a34be246ce18c0187a8662517a3a7a45673ab56ef124fe70da00dd6
ea24f23e3904d8725fe2429924bfe5720279f477856440be7a208bee4609049d
edf40f11c44a39989aa8b6e0519d7ebc827cad99a553f1cbbb08aab7cf0f40c9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3f602f337563fe71807c0b4eedc29a4274c40bc55319274c552090da8edd22d
f57d3edf067e78a76f7436be8d0d5e99f1e297195c145443e304149f48742df2
f58f49b4e5bf6ee6b172f1267e640e42654c6df777566bd510146a3bf8b02ad7
f65c9334d6bd21e62dacbdfcae4e9b1e14f941b73cc49fa25dd619561f1f7420
f89b5073a0b8bff7506c2af940feed37961701609d66a74d07a88b70f30d018c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e