onlinehikes.com Open in urlscan Pro
2a05:d014:776:a63f:551c:5660:31da:fe01 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.onlinehikes.com/
Effective URL:
https://onlinehikes.com/
Submission: On April 24 via api (April 24th 2023, 11:02:55 am UTC) from FI — Scanned from FI

Summary HTTP 458 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 75 IPs in 13 countries across 69 domains to perform 458 HTTP transactions. The main IP is 2a05:d014:776:a63f:551c:5660:31da:fe01, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is onlinehikes.com.
TLS certificate: Issued by R3 on February 26th 2023. Valid for: 3 months.

This is the only time onlinehikes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:2ef1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
74	2a05:d014:776... 2a05:d014:776:a63f:551c:5660:31da:fe01	16509 (AMAZON-02) (AMAZON-02)
19	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e4:... 2606:4700:e4::ac40:a702	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	99.86.4.122 99.86.4.122	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
4	2606:4700:e4:... 2606:4700:e4::ac40:a821	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e4:... 2606:4700:e4::ac40:a602	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	18.192.83.3 18.192.83.3	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
54	2606:4700:303... 2606:4700:3032::6815:55f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:3c00:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.18.33.52 104.18.33.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
3	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1	54.246.170.47 54.246.170.47	16509 (AMAZON-02) (AMAZON-02)
2 6	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.208.115.43 34.208.115.43	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	18.213.43.223 18.213.43.223	14618 (AMAZON-AES) (AMAZON-AES)
3 29	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 1	139.162.78.222 139.162.78.222	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1 1	185.98.54.153 185.98.54.153	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
7 7	70.42.32.191 70.42.32.191	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	185.86.139.101 185.86.139.101	201081 (SMARTADSE...) (SMARTADSERVER)
3 6	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
30	2606:4700::68... 2606:4700::6812:ae65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
5 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 3	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 12	104.22.68.131 104.22.68.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	54.72.22.153 54.72.22.153	16509 (AMAZON-02) (AMAZON-02)
11	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 6	18.194.221.34 18.194.221.34	16509 (AMAZON-02) (AMAZON-02)
2 2	63.32.87.212 63.32.87.212	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2600:9000:211... 2600:9000:211e:d200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2800:3f0:4005... 2800:3f0:4005:407::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2 2	54.247.79.230 54.247.79.230	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.171.31.74 54.171.31.74	16509 (AMAZON-02) (AMAZON-02)
5	2a02:2638:3::6 2a02:2638:3::6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	52.212.164.179 52.212.164.179	16509 (AMAZON-02) (AMAZON-02)
4 4	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
2	8.2.110.114 8.2.110.114	46636 (NATCOWEB) (NATCOWEB)
1 1	95.101.54.217 95.101.54.217	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.72.161.227 3.72.161.227	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	64.233.184.156 64.233.184.156	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:8::7	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
458	75

1 2606:4700:3037::6815:2ef1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.onlinehikes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

74 2a05:d014:776:a63f:551c:5660:31da:fe01 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

onlinehikes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e4::ac40:a702 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:70 (United States)

ASN13335 (CLOUDFLARENET, US)

app.convertful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-122.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e4::ac40:a821 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e4::ac40:a602 (United States)

ASN13335 (CLOUDFLARENET, US)

basher.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.192.83.3 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-83-3.eu-central-1.compute.amazonaws.com

videosvc.ezoic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2606:4700:3032::6815:55f9 (United States)

ASN13335 (CLOUDFLARENET, US)

streaming.humix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:3c00:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.33.52 (None, )

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.170.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-170-47.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.208.115.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-115-43.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.43.223 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-43-223.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 142.250.181.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.78.222 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1558-222.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.98.54.153 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 70.42.32.191 (United States) 7 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.89.9.252 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700::6812:ae65 (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 5 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.228.23 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.130 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.22.68.131 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.72.22.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-22-153.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.194.221.34 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-221-34.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.87.212 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-87-212.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:d200:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2800:3f0:4005:407::2003 (Argentina)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.247.79.230 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-79-230.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.31.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-31-74.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ssp-sync.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.164.179 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-164-179.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.147.45 (Castricum, Netherlands) 4 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.54.217 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-217.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.72.161.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-161-227.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.184.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:8::7 (Ireland)

ASN15169 (GOOGLE, US)

r2---sn-5hneknee.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	onlinehikes.com 1 redirects www.onlinehikes.com onlinehikes.com	683 KB
69	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 pubads.g.doubleclick.net — Cisco Umbrella Rank: 377 bid.g.doubleclick.net — Cisco Umbrella Rank: 986 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394	301 KB
54	humix.com streaming.humix.com — Cisco Umbrella Rank: 39431	3 MB
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177 ade.googlesyndication.com — Cisco Umbrella Rank: 317	401 KB
30	bannerflow.net c.bannerflow.net — Cisco Umbrella Rank: 9000	890 KB
24	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 1686 bidder.criteo.com — Cisco Umbrella Rank: 803 ssp-sync.criteo.com — Cisco Umbrella Rank: 1388	19 KB
16	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
12	smilewanted.com 1 redirects prebid.smilewanted.com — Cisco Umbrella Rank: 7054 csync.smilewanted.com — Cisco Umbrella Rank: 6291 static.smilewanted.com — Cisco Umbrella Rank: 14565	17 KB
11	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 942	1 KB
11	google.fi adservice.google.fi — Cisco Umbrella Rank: 284190	2 KB
9	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	39 KB
7	zemanta.com 7 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 813	4 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 2411 q.stripe.com — Cisco Umbrella Rank: 20152 m.stripe.com — Cisco Umbrella Rank: 2198	116 KB
6	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	3 KB
6	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 1124	1 KB
6	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 520 fonts.googleapis.com — Cisco Umbrella Rank: 119	801 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 322	110 KB
5	casalemedia.com 5 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679	5 KB
4	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 3166 google-bidout-d.openx.net — Cisco Umbrella Rank: 3148 rtb.openx.net — Cisco Umbrella Rank: 1886	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	195 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1319 id5-sync.com — Cisco Umbrella Rank: 612	19 KB
4	fouanalytics.com api.fouanalytics.com — Cisco Umbrella Rank: 7151	7 KB
4	convertful.com app.convertful.com — Cisco Umbrella Rank: 123493	1 MB
4	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 12820 g.ezodn.com — Cisco Umbrella Rank: 15904 basher.ezodn.com — Cisco Umbrella Rank: 13245	196 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 875	2 KB
3	media.net 3 redirects cs.media.net — Cisco Umbrella Rank: 2272	3 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 763	71 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1550 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323 id.crwdcntrl.net — Cisco Umbrella Rank: 2256	12 KB
3	creativecdn.com 2 redirects invstatic101.creativecdn.com — Cisco Umbrella Rank: 4083 creativecdn.com — Cisco Umbrella Rank: 682	2 KB
3	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 373 gcdn.2mdn.net — Cisco Umbrella Rank: 1407 r2---sn-5hneknee.c.2mdn.net — Cisco Umbrella Rank: 376428	2 MB
3	ezoic.com videosvc.ezoic.com — Cisco Umbrella Rank: 42068	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	172 KB
2	ck-ie.com us.ck-ie.com — Cisco Umbrella Rank: 3732
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2547	1 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 825	1 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 35205	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 1037	1 KB
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 5438	1 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2474	24 KB
2	rfihub.com 2 redirects a.rfihub.com — Cisco Umbrella Rank: 3974	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 447	966 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 6958	647 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2669	17 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4649	315 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1478 pixel.quantserve.com — Cisco Umbrella Rank: 1327	9 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1180	82 KB
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 319	1 KB
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 777
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 829	616 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1955	481 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1341	434 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 883
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1293	402 B
1	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 4186	305 B
1	a-mx.com id.a-mx.com — Cisco Umbrella Rank: 5148	559 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 1005	476 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1052	45 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11316	287 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 14941	554 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 6708	614 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 451	265 B
1	connatix.com capi.connatix.com — Cisco Umbrella Rank: 3474	330 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3353	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3991	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1291	634 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 997	30 KB
0	richaudience.com Failed sync.richaudience.com Failed
458	69

	Domain	Requested by
74	onlinehikes.com	onlinehikes.com
54	streaming.humix.com	onlinehikes.com
30	c.bannerflow.net	9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com c.bannerflow.net
29	cm.g.doubleclick.net	3 redirects onlinehikes.com 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
25	tpc.googlesyndication.com	onlinehikes.com 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com
20	securepubads.g.doubleclick.net	onlinehikes.com securepubads.g.doubleclick.net
19	pagead2.googlesyndication.com	onlinehikes.com 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	bidder.criteo.com	go.ezodn.com static.criteo.net
11	ads.yieldmo.com	go.ezodn.com
11	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
11	adservice.google.fi	securepubads.g.doubleclick.net imasdk.googleapis.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com onlinehikes.com
8	pubads.g.doubleclick.net	imasdk.googleapis.com
7	csync.smilewanted.com	1 redirects go.ezodn.com csync.smilewanted.com
7	b1sync.zemanta.com	7 redirects
6	x.bidswitch.net	5 redirects
6	onetag-sys.com	3 redirects onlinehikes.com 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
6	gum.criteo.com	2 redirects static.criteo.net go.ezodn.com
5	ssp-sync.criteo.com	static.criteo.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	csi.gstatic.com	imasdk.googleapis.com
5	ssum-sec.casalemedia.com	5 redirects
5	www.google.com	1 redirects onlinehikes.com 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com tpc.googlesyndication.com
5	9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	prebid.smilewanted.com	go.ezodn.com
4	www.googletagservices.com	onlinehikes.com 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
4	imasdk.googleapis.com	onlinehikes.com imasdk.googleapis.com
4	api.fouanalytics.com	onlinehikes.com api.fouanalytics.com
4	app.convertful.com	onlinehikes.com app.convertful.com
3	ade.googlesyndication.com
3	sync.1rx.io	3 redirects
3	cs.media.net	3 redirects
3	id5-sync.com	cdn.id5-sync.com go.ezodn.com
3	q.stripe.com	onlinehikes.com
3	www.gstatic.com	onlinehikes.com 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
3	static.criteo.net	securepubads.g.doubleclick.net go.ezodn.com static.criteo.net
3	videosvc.ezoic.com	onlinehikes.com
3	www.googletagmanager.com	onlinehikes.com www.googletagmanager.com
3	js.stripe.com	onlinehikes.com js.stripe.com
2	creativecdn.com	2 redirects
2	us.ck-ie.com	csync.smilewanted.com
2	ads.betweendigital.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	r.scoota.co	2 redirects
2	image6.pubmatic.com	2 redirects
2	ads.avct.cloud	2 redirects
2	script.4dex.io	go.ezodn.com onlinehikes.com
2	a.rfihub.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	d5p.de17a.com	2 redirects
2	mug.criteo.com	onlinehikes.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	esp.rtbhouse.com	onlinehikes.com
2	oajs.openx.net	1 redirects onlinehikes.com
2	fonts.googleapis.com	9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com app.convertful.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	basher.ezodn.com	onlinehikes.com
2	unpkg.com	1 redirects onlinehikes.com
1	googleads4.g.doubleclick.net
1	r2---sn-5hneknee.c.2mdn.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	ib.adnxs.com	csync.smilewanted.com
1	match.sharethrough.com	csync.smilewanted.com
1	ads.stickyadstv.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	ad.turn.com	1 redirects
1	ap.lijit.com	csync.smilewanted.com
1	static.smilewanted.com	csync.smilewanted.com
1	lb.eu-1-id5-sync.com	go.ezodn.com
1	id.crwdcntrl.net	go.ezodn.com
1	id.hadron.ad.gt	go.ezodn.com
1	id.a-mx.com	go.ezodn.com
1	rtb.openx.net	9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	s.ad.smaato.net	1 redirects
1	ssbsync.smartadserver.com	9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
1	s.uuidksinc.net	1 redirects
1	a.c.appier.net	1 redirects
1	fksnk.com	1 redirects
1	match.adsrvr.org	9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
1	m.stripe.com	m.stripe.network
1	google-bidout-d.openx.net	oa.openxcdn.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	capi.connatix.com	onlinehikes.com
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	pixel.quantserve.com	onlinehikes.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	s0.2mdn.net	imasdk.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	onlinehikes.com
1	code.jquery.com	onlinehikes.com
1	g.ezodn.com	onlinehikes.com
1	go.ezodn.com	onlinehikes.com
1	www.onlinehikes.com	1 redirects
0	sync.richaudience.com Failed	csync.smilewanted.com
458	102

This site contains links to these domains. Also see Links.

Domain
twitter.com
humix.com
www.ezoic.com
ghost.org

Subject Issuer	Validity	Valid
onlinehikes.com R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.google.fi GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.ezoic.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-11` - `2023-05-18`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-02-28` - `2023-05-29`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-03-30` - `2023-06-28`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-03-20` - `2023-06-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
ck-ie.com Go Daddy Secure Certificate Authority - G2	`2022-11-12` - `2023-12-14`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 50 frames:

Primary Page: https://onlinehikes.com/
Frame ID: E81F199FFB8F102B3C842868B61FBE84
Requests: 276 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Frame ID: 2DCA718924ABCA52DFB437785EC26163
Requests: 1 HTTP requests in this frame

Frame: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7788B9FB268066DFF2D686043C898A95
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html
Frame ID: A4DF1122D5BEF7C470FB8A330624BCDB
Requests: 29 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html
Frame ID: ABA62EDEB1107EF17F8D29CAC4134B52
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html
Frame ID: F553CCDF22108F99BA3ED681B56C2718
Requests: 1 HTTP requests in this frame

Frame: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C966F269C6181E262A93CC67926031BD
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: F7D4DAA8F7A58C55F007FA6017E25AD4
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: A587AD4B743D7AC134B8B9B58137C966
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=onlinehikes.com
Frame ID: 47F3C298B5081ED149E6C1EF2A49EDAA
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 115B97DEBA1CD1F9EDBEF4997F83D64E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D7799499A60DEA275172CC7B0132E884
Requests: 9 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 8051F8E710F5FD429AC831C6FF9B87CE
Requests: 1 HTTP requests in this frame

Frame: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8EBBEC248244281413941558E0FF4E2B
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: E6C9B7E2FC3C6073E0803AE9A3D74F42
Requests: 1 HTTP requests in this frame

Frame: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3F86CADE9CA8A6C84EF738BC757E7508
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 23771B7858C9EBD2FD413BE9F5DF9ABB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3B51D1CB8CAFFD3885A8A90CA23505FE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5043B467C63C487E3E27FBF715686DB9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6796F08B711F584DA5AF7CDAB1C4A61A
Requests: 2 HTTP requests in this frame

Frame: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 89C1942160FBBDD4611931FAAAE23574
Requests: 17 HTTP requests in this frame

Frame: blob://https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/381f7478-95c6-41fe-93e7-006294efe9ed
Frame ID: 6283F869024CD828D889FE849B6748A8
Requests: 1 HTTP requests in this frame

Frame: blob://https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/1fb06df5-0e78-479d-b126-48c4cab0e9e1
Frame ID: FC2DBCB484C5988B1AA1F997458C8FE9
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbassadone%2F5bb20a86f4ea2856ac743478%2Fimages%2F773f4aa2-0591-4669-85ed-d97f9a04f1e4.png&w=88&h=74&q=99&f=webp&rt=contain
Frame ID: 0043713613A047E2B96B76A680AD2067
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbassadone%2F5bb20a86f4ea2856ac743478%2Fimages%2F773f4aa2-0591-4669-85ed-d97f9a04f1e4.png&w=117&h=133&q=99&f=webp&rt=contain
Frame ID: B6CE80690D9533A3BD17F31811226814
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/images/1db72228-51f6-46c8-928b-381151bc5a02.jpg
Frame ID: 6C2E6C06C4B2F26C975FEF5CEE92930B
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/images/a838c4cd-24d3-4553-8e5d-4e631f297a4a.jpg
Frame ID: 0051C2EDF611C2D74B13821AE6070991
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9A5C7DD4B14D2B848BD0E73477A02A9E
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs
Frame ID: 6F207AB450392292457A89AA023F33F2
Requests: 13 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=onlinehikes.com
Frame ID: 9B73D904FBE5E798AC685E303ED09803
Requests: 2 HTTP requests in this frame

Frame: blob://https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/2d546169-83de-4b85-a584-20affb5088d2
Frame ID: 2F9CFC6B14B047A60334937C05176307
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 4D43BF4F727F62793D80C570D2411F55
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 1D2366DE86914F1FA26AC9CE4407CCC6
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 968B62F04E5F6F969DE93F34BA34407D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/?us_privacy=1---
Frame ID: 0B651C31F8F556DF8D3A79BDAEC2A72E
Requests: 2 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 89FB4D00C3D0287DF6FF900CFF03D078
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbassadone%2F5bb20a86f4ea2856ac743478%2Fimages%2F773f4aa2-0591-4669-85ed-d97f9a04f1e4.png&w=117&h=133&q=99&f=webp&rt=contain
Frame ID: 693E35A0E2DA3A50C2890C122A335DFC
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/images/1db72228-51f6-46c8-928b-381151bc5a02.jpg
Frame ID: 5E372828C378B62E2579DCC2DFD919D6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: ABB453AD1AA6C4EE6F0A1174708BCD9E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: FF0C8B80CDB83603E9BB8CFA1B28F2DC
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Frame ID: C360AC03C7A19A0C52A8656CEFF963B0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-82e2f180-a0c3-4cbf-972a-1edbe6a06dae-003
Frame ID: 69B61865143C3544AA536A4DF15DCB41
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/582baff5-17d1-5272-b2ed-d852d6abb984
Frame ID: 00F88C8DEB5294F1FEC59EEBBAD431EA
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 2CE0D1357DE27605C8542BDAA34151BB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/35ea5ccb1d7cf646d71f91ff6b2ebf8a?gdpr_consent=&gdpr=0
Frame ID: F3584B9F4908271918B074A09B481CE2
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 5D7630D37F1070C740A23438117C0197
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 60CE060711E911A31DC49C413CDF574A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/jh9108M8WmOcxqvKpd8d?pi=smilewanted&tc=1
Frame ID: F117DC15C7573BB79F872CFB8DF24838
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=987bca91c0a849270284d484199c0bf9
Frame ID: 337D7D14E5803BDB0740849419A3D8E9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: E442E720B7E70AABB8C6173B4F3C220E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Hikes

Page URL History Show full URLs

https://www.onlinehikes.com/ HTTP 301
https://onlinehikes.com/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

458
Requests

90 %
HTTPS

48 %
IPv6

69
Domains

102
Subdomains

75
IPs

13
Countries

10833 kB
Transfer

18411 kB
Size

84
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/onlinehikes

Search URL Search Domain Scan URL

URL: https://humix.com/redirect?url=https%3A%2F%2Frafalreyzer.com%2Fhumix%2Fvideo%2Fd25a05cf68e93b1000e2d560de5bb742d7a5b2a21a60de6d5c2d3a8e7f638b2e
Title: YouTube for Entrepreneurs: Tips and Strategies for Success

Search URL Search Domain Scan URL

URL: https://humix.com/redirect?url=https%3A%2F%2Ftravelcontinuously.com%2Fhumix%2Fvideo%2Fbeacc75e843fa4051e80e6305441db18ade38b25a7dc97b76401f8144cf66bc2
Title: Zero to 1 Million+ on TikTok in 4 Months - Growth Hack for 2020

Search URL Search Domain Scan URL

URL: https://humix.com/redirect?url=https%3A%2F%2Freviewify.co.uk%2Fhumix%2Fvideo%2F372aa753204e733ac6a708310ead959726a6bad55ecb91676da2d906e34aac8c
Title: Editing Videos Online with FlexClip

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

URL: https://ghost.org/
Title: Powered by Ghost

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.onlinehikes.com/ HTTP 301
https://onlinehikes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://unpkg.com/@tryghost/portal@~1.4.0/umd/portal.min.js HTTP 302
https://unpkg.com/@tryghost/portal@1.4.7/umd/portal.min.js

Request Chain 153

https://oajs.openx.net/esp?url=https%3A%2F%2Fonlinehikes.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fonlinehikes.com%2F&rid=esp&cc=1

Request Chain 174

https://gum.criteo.com/sid/json?origin=publishertagids&domain=onlinehikes.com&sn=ChromeSyncframe&so=0&topUrl=onlinehikes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=0hWu03xUdldzM0tPMkVVRmxWYVZ4TFJ3Z2l6djJubndsaU5zNmpDNXFRTkJETGtCaC92dkpWSWZRY1RwZzUyQ1dmOUdXaXBsWnc4N1ZQTDR0TUxaMUl5ZU1IdEZtNTRyaGk3QlI3aHN3QWQ0Zm5LY2xHQ1FNRDZ6aUlwaWZxbDhzMGJXYk1mL2pHOTgwWlpLMVM4KzVkK1JXQWJTS204UDUvcXNlL25GalBXN3NmcWU5ZDBvWWJrSHpHQUMycHJnN2h4SGdGNTdoV1daUSs3UGdPNnRuSkJ1SlN4STVyWXVCL3JqK3Jha05kNWprWm1rd01wY3VtNDRiaDFuZ3VIUGZGcmtLamVYZ0tmdmV3OUFUYUR4ZmtaM0tOTXU5TytRcm92c05XTlI0RGYya1NHOD18&cppv=2

Request Chain 178

https://fksnk.com/cs/google?google_gid=CAESELcwYqmZMy1v6gHPsCmx_L8&google_cver=1&google_push=ATf1kGNQwnpivY8ZeddXVA8Rx4FxEP8ZvPPOe48jiWfmfUJQDgfzwiHuXFt5nx3WbzmeiiydBu4ZxxFpgZkuz7Rb5PrKcW9FBg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTU4ODFFN0MzNzZFMDI5OQ==

Request Chain 179

https://a.c.appier.net/gcm?google_gid=CAESEKZrbB6XlaPbWgzA6WzwKco&google_cver=1&google_push=ATf1kGOdOO8t0hO_EZWYxjL7RY-hnlMDOiQLdYRSAHMaFtj2wCcqwYfiJQnMJKjTKOpiASO-bVPetsQWJiS0msXDWs3jnnHTKA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MW81T3hveGJBQld6YV9UdjBtRkdaQQ%3D%3D&google_push=ATf1kGOdOO8t0hO_EZWYxjL7RY-hnlMDOiQLdYRSAHMaFtj2wCcqwYfiJQnMJKjTKOpiASO-bVPetsQWJiS0msXDWs3jnnHTKA

Request Chain 180

https://s.uuidksinc.net/match/47/?remote_uid=CAESEIV-XJPdhFnFa8a_gQAuMjI&c_param1=ATf1kGPoDvCkwoh5DoQGMkb6multt8X66Jy7XFUFxxZhrnUTIGIvKV6rkcsyDxncGGYp23_F8lXpm6Nhqnlczr1cjBBCsC4oYTU&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPoDvCkwoh5DoQGMkb6multt8X66Jy7XFUFxxZhrnUTIGIvKV6rkcsyDxncGGYp23_F8lXpm6Nhqnlczr1cjBBCsC4oYTU

Request Chain 181

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPlxpd5Sn6b4Ncv-Baa4hzs&google_cver=1&google_push=ATf1kGMQh1Vb0qfVqFSrN-FBDinMRsP5gl0f6RDhBnNkBlSOtMi1muAnM6tqaooxDqKptFqg8KHYGHAJiZSDPtTtA_cC4RpBY7Q HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPlxpd5Sn6b4Ncv-Baa4hzs&google_push=ATf1kGMQh1Vb0qfVqFSrN-FBDinMRsP5gl0f6RDhBnNkBlSOtMi1muAnM6tqaooxDqKptFqg8KHYGHAJiZSDPtTtA_cC4RpBY7Q&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGMQh1Vb0qfVqFSrN-FBDinMRsP5gl0f6RDhBnNkBlSOtMi1muAnM6tqaooxDqKptFqg8KHYGHAJiZSDPtTtA_cC4RpBY7Q&google_hm=ZEE2enJDR0R0Q3hXdHJXeWo0cTI=

Request Chain 183

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF4AT_V1dOCS-0frgy5rC-A&google_cver=1&google_push=ATf1kGMIYj67qOGqqTDJ9FF8ZrLqukPOd7_zBgplI5kpFq9DGm52uYq8aKLouPkF9LLjpaV9EaCRn2lqlyzQekB0Sb-yySFqQYKD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMIYj67qOGqqTDJ9FF8ZrLqukPOd7_zBgplI5kpFq9DGm52uYq8aKLouPkF9LLjpaV9EaCRn2lqlyzQekB0Sb-yySFqQYKD HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 212

https://d5p.de17a.com/cookies/google?google_gid=CAESEGvkey7sE_m4F9CgM4boFGI&google_cver=1&google_push=Aer7DvLuxvm4hZ5o9sbtSVt6LgKRs5LrqxJC_gXGpVqa4IoAUwOu9mEZ6Y7xjdtMBcXRAHYkekZZ9sngBRE6MEC21Z7DjRCdqDB3 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGvkey7sE_m4F9CgM4boFGI&google_cver=1&google_push=Aer7DvLuxvm4hZ5o9sbtSVt6LgKRs5LrqxJC_gXGpVqa4IoAUwOu9mEZ6Y7xjdtMBcXRAHYkekZZ9sngBRE6MEC21Z7DjRCdqDB3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLuxvm4hZ5o9sbtSVt6LgKRs5LrqxJC_gXGpVqa4IoAUwOu9mEZ6Y7xjdtMBcXRAHYkekZZ9sngBRE6MEC21Z7DjRCdqDB3

Request Chain 213

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPlxpd5Sn6b4Ncv-Baa4hzs&google_cver=1&google_push=Aer7DvKDyHG1ZAyuum7ouU2PYHBTNXaiVQlHxyttk92nbBLXd-Bvr4vzVXLO609srYbsN-R23lVpF1rk90gm8xhTG7ZIKKCMGTto HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPlxpd5Sn6b4Ncv-Baa4hzs&google_push=Aer7DvKDyHG1ZAyuum7ouU2PYHBTNXaiVQlHxyttk92nbBLXd-Bvr4vzVXLO609srYbsN-R23lVpF1rk90gm8xhTG7ZIKKCMGTto&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvKDyHG1ZAyuum7ouU2PYHBTNXaiVQlHxyttk92nbBLXd-Bvr4vzVXLO609srYbsN-R23lVpF1rk90gm8xhTG7ZIKKCMGTto&google_hm=R2FmNmZ5OWRDYVhnN1RJQUJZWGo=

Request Chain 214

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAQraC9NX9f9TTxkhMVDWKQ&google_cver=1&google_push=Aer7DvLTVVrAMhpQrX2EVUJM4v5Tmf8mAom7xOV-xlvDDSAAOIP5AEvkkXjHhwn1ENwKx2i31b1p1IBt9fcxKO16tqkIkpm9_si5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdVUUJOSFotMVQtN1Q3NA==&google_push=Aer7DvLTVVrAMhpQrX2EVUJM4v5Tmf8mAom7xOV-xlvDDSAAOIP5AEvkkXjHhwn1ENwKx2i31b1p1IBt9fcxKO16tqkIkpm9_si5

Request Chain 215

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_cver=1&google_push=Aer7DvK6n0JnWlrIKMEg-S8IqILaKHxveELib3Qaxf9oe4eav6mmnOgfM9E0Mr1e5R3eV7ThRFA1mJpuJIdkx6_u1ud75MtEMMY HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_push=Aer7DvK6n0JnWlrIKMEg-S8IqILaKHxveELib3Qaxf9oe4eav6mmnOgfM9E0Mr1e5R3eV7ThRFA1mJpuJIdkx6_u1ud75MtEMMY&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_hm=ZEZh0p3M_8m45Yg1gcsq0gAAFC0AAAAB&google_nid=index&google_push=Aer7DvK6n0JnWlrIKMEg-S8IqILaKHxveELib3Qaxf9oe4eav6mmnOgfM9E0Mr1e5R3eV7ThRFA1mJpuJIdkx6_u1ud75MtEMMY

Request Chain 216

https://cs.media.net/cksync?type=g&google_gid=CAESEFgMM7tclNfHosrwWQ7J-8Y&google_cver=1&google_push=Aer7DvJdWwy5oAQgPbojBWpUxSFXUWIUWslYcerWdmQYREL_7PNY_nPFHMvSX3_IIlXnV3sDtOwoERzi8_VbmOE87hZetkquqH9N HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI1MzM1NzYyNTQ3NDM1NTAwMFYxMA%3d%3d&mn_hm=MzI1MzM1NzYyNTQ3NDM1NTAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvJdWwy5oAQgPbojBWpUxSFXUWIUWslYcerWdmQYREL_7PNY_nPFHMvSX3_IIlXnV3sDtOwoERzi8_VbmOE87hZetkquqH9N&gdpr=&gdpr_consent=

Request Chain 217

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEEp7adscx7FJ0HC2eiNu8hg&google_cver=1&google_push=Aer7DvJXMsP0nFnF6voMcfUzX0DF2lJNQ3Weml3sc4j2Ok8qGnrEiyJeq2KmAIBkl7RB2Dws1--3m0xYiry672fSbU-zG2HuvLIWYg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvJXMsP0nFnF6voMcfUzX0DF2lJNQ3Weml3sc4j2Ok8qGnrEiyJeq2KmAIBkl7RB2Dws1--3m0xYiry672fSbU-zG2HuvLIWYg&google_hm=ODc3NTA4ODQ1MDY0OTc0NDU3

Request Chain 218

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF4AT_V1dOCS-0frgy5rC-A&google_cver=1&google_push=Aer7DvKAvybb2JGvF_f0AtS2UkSwaecMJTcjzrd39P3uz4HRL1qP75nailD72g78XHU3oGhursBqVAROtuZ89mSpdrQipQznW9lXag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKAvybb2JGvF_f0AtS2UkSwaecMJTcjzrd39P3uz4HRL1qP75nailD72g78XHU3oGhursBqVAROtuZ89mSpdrQipQznW9lXag HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 232

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI9clFmrdJmzSdSiHTzKtEo&google_cver=1&google_push=Aer7DvJG8-ye1udh8i2oJkSLMXF-l-LFh5nV6EloZHEmu5zkwy7tBWEtXkkhlaUzWkLJXcIKghv0yiUq-E6ESC42BpYLzCn-7EicEy3Zxhy3DORQX1fHJ1WdPSLTVOhKe4391GmkRzb_1NI HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEI9clFmrdJmzSdSiHTzKtEo&google_cver=1&google_push=Aer7DvJG8-ye1udh8i2oJkSLMXF-l-LFh5nV6EloZHEmu5zkwy7tBWEtXkkhlaUzWkLJXcIKghv0yiUq-E6ESC42BpYLzCn-7EicEy3Zxhy3DORQX1fHJ1WdPSLTVOhKe4391GmkRzb_1NI HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=5c3c05b8-d8a2-4755-87b9-9a1107d80457&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJG8-ye1udh8i2oJkSLMXF-l-LFh5nV6EloZHEmu5zkwy7tBWEtXkkhlaUzWkLJXcIKghv0yiUq-E6ESC42BpYLzCn-7EicEy3Zxhy3DORQX1fHJ1WdPSLTVOhKe4391GmkRzb_1NI&google_hm=8sHWcmtDQveBl8hfGVeOqw==

Request Chain 233

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPlxpd5Sn6b4Ncv-Baa4hzs&google_cver=1&google_push=Aer7DvKx5fsIPw_XxcdZ8q-S--0M7zVhgI2ocTVvIa6hGmVKiUg1PSIwq-tI24L2P8A4yJMWditDHyxcIF7R8wHMYoVHvxzFJMh6_0tIYTsUPwmkT57gC-DmkQweyCmvqXKd9YdZD12lBZR6 HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPlxpd5Sn6b4Ncv-Baa4hzs&google_push=Aer7DvKx5fsIPw_XxcdZ8q-S--0M7zVhgI2ocTVvIa6hGmVKiUg1PSIwq-tI24L2P8A4yJMWditDHyxcIF7R8wHMYoVHvxzFJMh6_0tIYTsUPwmkT57gC-DmkQweyCmvqXKd9YdZD12lBZR6&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvKx5fsIPw_XxcdZ8q-S--0M7zVhgI2ocTVvIa6hGmVKiUg1PSIwq-tI24L2P8A4yJMWditDHyxcIF7R8wHMYoVHvxzFJMh6_0tIYTsUPwmkT57gC-DmkQweyCmvqXKd9YdZD12lBZR6&google_hm=ZEE2enJDR0R0Q3hXdHJXeWo0cTI=

Request Chain 234

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENfQQSqQOzXioHQtPnl23bM&google_cver=1&google_push=Aer7DvK9KT5uL6VOnZO8nnyi3K7wq5FWhtqLBjVkHc2Oi3flfsePNR9N5danosUNCZ5smCBFGpSoWXbV-J_1B0ORdKOqKt8ncv-tFBW_vkh1lWIX-U5fKklPhhGkGQ-sWBtFEc4cybYR78x1 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENfQQSqQOzXioHQtPnl23bM&google_cver=1&google_push=Aer7DvK9KT5uL6VOnZO8nnyi3K7wq5FWhtqLBjVkHc2Oi3flfsePNR9N5danosUNCZ5smCBFGpSoWXbV-J_1B0ORdKOqKt8ncv-tFBW_vkh1lWIX-U5fKklPhhGkGQ-sWBtFEc4cybYR78x1&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=opUau8BrQVyFO6T4bLgGwA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvK9KT5uL6VOnZO8nnyi3K7wq5FWhtqLBjVkHc2Oi3flfsePNR9N5danosUNCZ5smCBFGpSoWXbV-J_1B0ORdKOqKt8ncv-tFBW_vkh1lWIX-U5fKklPhhGkGQ-sWBtFEc4cybYR78x1

Request Chain 235

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAQraC9NX9f9TTxkhMVDWKQ&google_cver=1&google_push=Aer7DvL6_3QA4o32IJHGqzYYqrI24HZoQgrumGCjhd2c_2zJB9HMfrOzGwLxyuDwiVVzdj6cMqZ7oEtfWCwnbC1exIVzEn--XuoVg3V2t4L6o75tWyuLDCC-lfv8uEKnlXE1qlHfxFK7DHUh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdVUUJOSlAtMVEtQ0NCUA==&google_push=Aer7DvL6_3QA4o32IJHGqzYYqrI24HZoQgrumGCjhd2c_2zJB9HMfrOzGwLxyuDwiVVzdj6cMqZ7oEtfWCwnbC1exIVzEn--XuoVg3V2t4L6o75tWyuLDCC-lfv8uEKnlXE1qlHfxFK7DHUh

Request Chain 236

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_cver=1&google_push=Aer7DvKRDcsLrZsLlGIb7U5_ECNSfchzLU8Y_WIyPNhd_Y0dsgqhJIOxSrUkJ2t6K3aWT-MRef-LgqU3k5MW-0SyxvlN0JRw4wM8Siic0ohRJgIaGgxTV91fcNsY7wE9rxMop5UbG61AQOk2 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_push=Aer7DvKRDcsLrZsLlGIb7U5_ECNSfchzLU8Y_WIyPNhd_Y0dsgqhJIOxSrUkJ2t6K3aWT-MRef-LgqU3k5MW-0SyxvlN0JRw4wM8Siic0ohRJgIaGgxTV91fcNsY7wE9rxMop5UbG61AQOk2&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_hm=ZEZh0p3M_8m45Yg1gcsq0gAAFC0AAAAB&google_nid=index&google_push=Aer7DvKRDcsLrZsLlGIb7U5_ECNSfchzLU8Y_WIyPNhd_Y0dsgqhJIOxSrUkJ2t6K3aWT-MRef-LgqU3k5MW-0SyxvlN0JRw4wM8Siic0ohRJgIaGgxTV91fcNsY7wE9rxMop5UbG61AQOk2

Request Chain 237

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMywDD2IZkRXAUHBOQ6per8&google_cver=1&google_push=Aer7DvLE7i-_OnArZnxlxshWDVQGs30mOgumuGisYCV5uxdUAuSgmWic3JmXzC47QooAKlApQ8wsirexjg8K-IQk1eaPcfZbH3gau8j-wGuumgK6BKJueV9MhglPTgaYFu8toVdoxOVQwkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvLE7i-_OnArZnxlxshWDVQGs30mOgumuGisYCV5uxdUAuSgmWic3JmXzC47QooAKlApQ8wsirexjg8K-IQk1eaPcfZbH3gau8j-wGuumgK6BKJueV9MhglPTgaYFu8toVdoxOVQwkE

Request Chain 238

https://cs.media.net/cksync?type=g&google_gid=CAESEFgMM7tclNfHosrwWQ7J-8Y&google_cver=1&google_push=Aer7DvLPkFsMyYepx8Rh-OdYw42qE47NDKUvPDxHobqcMryV1KiRcncuhbF8kNtKN55qPSDO9pZMPvoUAUUSBhJt2YSzoNJGsolgbzZLN7iv3-extAPm8biX_QZ1pmiriJ1ZtgAd3jrmTIL7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI1MzM1NzYyNTQ3NDM3MzAwMFYxMA%3d%3d&mn_hm=MzI1MzM1NzYyNTQ3NDM3MzAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvLPkFsMyYepx8Rh-OdYw42qE47NDKUvPDxHobqcMryV1KiRcncuhbF8kNtKN55qPSDO9pZMPvoUAUUSBhJt2YSzoNJGsolgbzZLN7iv3-extAPm8biX_QZ1pmiriJ1ZtgAd3jrmTIL7&gdpr=&gdpr_consent=

Request Chain 316

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI9clFmrdJmzSdSiHTzKtEo&google_cver=1&google_push=Aer7DvL8poxuCv9YM0Ov0S12TFjISwwA0pTxLzmZ9vYJ8dK_6uikRXzOOqqKYQPGSVw63sYGi63UW0FPTsCnHqcx4suPn7yd_VKAPnvLqQ_PDmm6OWsobzqOqbN54gW8O1LTbZjfZoz1Itqz HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=35865027-ad7e-4af1-b842-6a2016ca28b8&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvL8poxuCv9YM0Ov0S12TFjISwwA0pTxLzmZ9vYJ8dK_6uikRXzOOqqKYQPGSVw63sYGi63UW0FPTsCnHqcx4suPn7yd_VKAPnvLqQ_PDmm6OWsobzqOqbN54gW8O1LTbZjfZoz1Itqz&google_hm=8sHWcmtDQveBl8hfGVeOqw==

Request Chain 318

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPlxpd5Sn6b4Ncv-Baa4hzs&google_cver=1&google_push=Aer7DvJ47uWKKffLO6kMAiR049o2xaQ7iRklxEdHGxk1gwaVM1DbXbWQkXtmBauwXrkpNWOuor-1Co60OqTfLEkKZg5zmmLVZK15QV3fcur8ZfJ9Q5DMXvW8cAmUqHpUzdHJW0hQsjNgb1Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvJ47uWKKffLO6kMAiR049o2xaQ7iRklxEdHGxk1gwaVM1DbXbWQkXtmBauwXrkpNWOuor-1Co60OqTfLEkKZg5zmmLVZK15QV3fcur8ZfJ9Q5DMXvW8cAmUqHpUzdHJW0hQsjNgb1Q&google_hm=ZEE2enJDR0R0Q3hXdHJXeWo0cTI=

Request Chain 319

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_cver=1&google_push=Aer7DvJgzLZ11285bLAbmyvUpvSbYllCKlK6ceRkgJEZHUrqu_k27Bfnhoczf1kJNFCVtfgyMVcycdPzQPPbDFnpo5Jz5ptuYQt-Yxmpq-7Z5k32ATpyhb_Bo6Yj3RnvgNiWejz1EI6OFDs HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_hm=ZEZh0p3M_8m45Yg1gcsq0gAAFC0AAAAB&google_nid=index&google_push=Aer7DvJgzLZ11285bLAbmyvUpvSbYllCKlK6ceRkgJEZHUrqu_k27Bfnhoczf1kJNFCVtfgyMVcycdPzQPPbDFnpo5Jz5ptuYQt-Yxmpq-7Z5k32ATpyhb_Bo6Yj3RnvgNiWejz1EI6OFDs

Request Chain 320

https://cs.media.net/cksync?type=g&google_gid=CAESEFgMM7tclNfHosrwWQ7J-8Y&google_cver=1&google_push=Aer7DvLhkSuxSZcrjYIKSfVxSlAuyVYPxDUmxn6M53ELzgxSBv9K9dp7k4iLZfnJ3mh3wQ8Js1gI7j0lEb9gQTG-AKYBWHrIaZkxL6TTLYiQRhkJfoy6nHbR6UucqQZG_xhpkeeZXGi008hV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI1MzM1NzYyNTQ3NDM3MzAwMFYxMA%3d%3d&mn_hm=MzI1MzM1NzYyNTQ3NDM3MzAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvLhkSuxSZcrjYIKSfVxSlAuyVYPxDUmxn6M53ELzgxSBv9K9dp7k4iLZfnJ3mh3wQ8Js1gI7j0lEb9gQTG-AKYBWHrIaZkxL6TTLYiQRhkJfoy6nHbR6UucqQZG_xhpkeeZXGi008hV&gdpr=&gdpr_consent=

Request Chain 321

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEEp7adscx7FJ0HC2eiNu8hg&google_cver=1&google_push=Aer7DvJtxsCMy6nc5-u88w5STZI5-NrXVzxCN0NBnLkx8hpJF3deX8rXbGFjhbDsuI0DNXmrqO2lF0sQGehxBnf3fs0BByimFWEFhsd7z8nDbI28WyFhVp8jwgeKqunrb8n3Ttxe8pSGobDNAw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvJtxsCMy6nc5-u88w5STZI5-NrXVzxCN0NBnLkx8hpJF3deX8rXbGFjhbDsuI0DNXmrqO2lF0sQGehxBnf3fs0BByimFWEFhsd7z8nDbI28WyFhVp8jwgeKqunrb8n3Ttxe8pSGobDNAw&google_hm=ODc3NTA4ODQ1MDY0OTc0NDU3

Request Chain 322

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF4AT_V1dOCS-0frgy5rC-A&google_cver=1&google_push=Aer7DvKVswZmlrxZW0i-1Sr_eptNJtb2EZ9HIvtzyVGZ2MpDDXs65yccxF2H_2ZUx3daZbbJpZFAm8ODrlRRZuKawgOLvjKj2Guk0nHH_QWKG9F6vzVq4xs6Nb2ET5mw8ElVWz29B01fPCp3cw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKVswZmlrxZW0i-1Sr_eptNJtb2EZ9HIvtzyVGZ2MpDDXs65yccxF2H_2ZUx3daZbbJpZFAm8ODrlRRZuKawgOLvjKj2Guk0nHH_QWKG9F6vzVq4xs6Nb2ET5mw8ElVWz29B01fPCp3cw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 346

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 356

https://gum.criteo.com/sid/json?origin=publishertag&domain=onlinehikes.com&sn=ChromeSyncframe&so=3&topUrl=onlinehikes.com&bundle=S4KAG18ycWtORTZqZXdXRkdKVW9FTnJyaUNlNWUlMkZMbnFvbW5YJTJCdTF3bm5aNSUyQmxBQXVaY0V6UVpNV0lEbmFQSko4MTdlSWNmS2cwMFMlMkJQY0d1UFY4eWpQWVNMTndRZGxNRDZJemVndzk1cVdrem5vMTdselNURU1SNUlnYUZ5cDI5VnNuVEc4NEtUZ083QTZ2Q2NYNiUyQm12VTZBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=p4_YK3wxdUROcTRjQjJlVkxKb0VqT1RyUDlLOVphT2ludThPOFhaTFlYUlhOTGVPeWZhZVpoNkJONDBnWnFYbDdhR0lFRWpTemI3RWp0a1h2MHI0NnYwZEVqSmlsT0dZS0JHV1JVUngrMFB3MnVjZmlwdkFvZXVLUGhqcGx6OUJKcmdCOGNVQW1PSUdGVEZSUURUeCs5YWxjV1p1d1NJaEFaWmZ5b3Y0Umh1MXBacnVZYWhzNk5MeG5zcSs0Y2N3QVRDRmFCR0ZTcGtNUFRLZkNlZ0tKOTViMlJUSVRhREV3aVd0OVRaaGF4aTd4MnFIYVgxM3hnUkNyUmVOM0VzR3hGR29PMko2cjVBaE9yNG92Q3JFcDFHRUJieG5valpHQ0dlTGJYc1dvS0tRaCtFWT18&cppv=2

Request Chain 394

https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3djwK0IF8lMkZCdVFWbkxGeTJKWHYlMkJtSXNlTVJRWDZHMCUyRk1vcFdhZUJoaFY5WUhBVVdVJTNE%26u%3d%24%7bUSER_ID%7d&gdpr=&consent=&us_privacy=1--- HTTP 303
https://match.prod.bidr.io/cookie-sync/cri?r=https%3A%2F%2Fssp-sync.criteo.com%2Fuser-sync%2Fmatch%3Fp%3DjwK0IF8lMkZCdVFWbkxGeTJKWHYlMkJtSXNlTVJRWDZHMCUyRk1vcFdhZUJoaFY5WUhBVVdVJTNE%26u%3D%24%7BUSER_ID%7D&gdpr=&consent=&us_privacy=1---&_bee_ppp=1 HTTP 303
https://ssp-sync.criteo.com/user-sync/match?p=jwK0IF8lMkZCdVFWbkxGeTJKWHYlMkJtSXNlTVJRWDZHMCUyRk1vcFdhZUJoaFY5WUhBVVdVJTNE&u=AACKOE7IjMQAACC_HI6pYg&us_privacy=1---

Request Chain 399

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1682334166424 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=2471167976 HTTP 302
https://sync.1rx.io/usersync/turn/3013302386049305321?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-82e2f180-a0c3-4cbf-972a-1edbe6a06dae-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-82e2f180-a0c3-4cbf-972a-1edbe6a06dae-003 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-82e2f180-a0c3-4cbf-972a-1edbe6a06dae-003

Request Chain 400

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/betweenx/582baff5-17d1-5272-b2ed-d852d6abb984

Request Chain 404

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/35ea5ccb1d7cf646d71f91ff6b2ebf8a?gdpr_consent=&gdpr=0

Request Chain 413

https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/jh9108M8WmOcxqvKpd8d?pi=smilewanted&tc=1

Request Chain 414

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=987bca91c0a849270284d484199c0bf9

Request Chain 442

https://gcdn.2mdn.net/videoplayback/id/d71314b50d487ee4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1713870169/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/51E02BD6696407F3D07E5265F15FB54C3D17F9EB.80F6AD08AA9543B94B574002F167B8AE71DB07D6/key/ck2/file/file.mp4?cpn=MBb5vYCVwpguqmr8 HTTP 302
https://r2---sn-5hneknee.c.2mdn.net/videoplayback/id/d71314b50d487ee4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1713870169/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/61ED21DE80ADC4F8275D1E9B7DFBEC76DC218B98.53E6554C6609D84AE00D2F8E14DEED79D98A062F/key/cms1/cms_redirect/yes/mh/DU/mip/2a0c:f040:0:2790::3e/mm/42/mn/sn-5hneknee/ms/onc/mt/1682333761/mv/u/mvi/2/pl/52?cpn=MBb5vYCVwpguqmr8&file=file.mp4

458 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
onlinehikes.com/
Redirect Chain

https://www.onlinehikes.com/
https://onlinehikes.com/

190 KB
34 KB

711ms
567ms

Document
text/html

2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinehikes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) / Express

Resource Hash

bee2628f7e2c17f64a87d5733d7c9870ed5a12d8b9e13ee1fd6b4b24fb4f20bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 11:02:36 UTC
display: pub_site_sol
etag: W/"c7e8-QvBN3NL6gjgAw8VuwF38z0vGz3s-gzip"
expires: Sun, 23 Apr 2023 11:02:37 GMT
pagespeed: off
response: 200
server: nginx/1.14.0 (Ubuntu)
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-ez-minify-html: 9.04% 194310 / 213615
x-ezoic-cdn: Hit ds;mm;d2d805eb099792bd948068555b755ccd;2-273299-3;53faffff-7ff7-45f9-6320-54beb7b7e1f4
x-frame-options: SAMEORIGIN
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=0
x-powered-by: Express
x-sol: pub_site

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=2592000
cf-cache-status: DYNAMIC
cf-ray: 7bcddadbaae209b4-ARN
content-type: text/html
date: Mon, 24 Apr 2023 11:02:36 GMT
display: staticcontent_sol
location: https://onlinehikes.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed: off
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=it0scK%2B1YV1fDAtkpL%2FvlW1fc1WB6Qzh%2F5PiT%2BrWWg2vyPa0e3w5%2BGvJfcGe4hNZKSVKc2G%2B1p981OeSBlwa7O%2FMoLXDxyV0FBGiRngSiQ22zGP13qxic1Skx%2BuQTQJS7v3P64Rs0quLuSg9W374eOq1"}],"group":"cf-nel","max_age":604800}
response: 301
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent,Origin
x-content-type-options: nosniff
x-ez-minify-html: 8.25% 178 / 194
x-ezoic-cdn: Hit ds;ds;a64db95340cdb2ae7f6e5edeaba595df;2-273299-3;a4f72ca8-6a27-4af4-4411-bf8cf7b75cc8
x-frame-options: SAMEORIGIN
x-middleton-display: staticcontent_sol
x-middleton-response: 301
x-origin-cache-control
x-sol: pub_site

GET
H2 200 publication-cover.png
onlinehikes.com/ezoimgfmt/static.ghost.org/v3.0.0/images/ 1 KB
2 KB 158ms
157ms Image
image/webp 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/ezoimgfmt/static.ghost.org/v3.0.0/images/publication-cover.png?ezimgfmt=ng%3Awebp%2Fngcb1%2Frs%3Adevice%2Frscb1-1
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: fbfbdcfc35eb13cf8bab789717ba94c308a40cc82189b898e09f1252dad6d175

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 UTC
content-encoding: br
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
display: staticcontent_sol
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: b1ac352e-3748-4cfd-b743-fc2e37052b42
x-ezoic-cdn: Hit ds;ds;7796132a1a13f2e298eeccd5cad57741;2-273299-3;516690a9-d309-4eab-6ca7-045e2cc249ba
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-amz-apigw-id: cFAfFHc_IAMFpbw=
content-length: 1270
response: 200
server: Apache/2.4.39 (Ubuntu)
x-amzn-trace-id: Root=1-637eadf9-636688480826de0e524ddf18;Sampled=0
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 6a17fi8biFNERRkQ3XL4dUQOv5u3YDqXrhZXi5P-K1ECZYbTZt0VMw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 289ms
148ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdd44723401b3320d5cf27895641b666dae1fc5d8cd32e2ee941bfeb4b397369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onlinehikes.com/
Origin: https://onlinehikes.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47623
x-xss-protection: 0
server: cafe
etag: 9276831546795305074
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 11:02:37 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 256ms
116ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c272c1715dfaaea2f30e7f06029b07d50868b6251a4f802edff7b9bf88b5263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25085
x-xss-protection: 0
server: cafe
etag: 105 / 19471 / 31074079 / config-hash: 15625217941778994661
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 11:02:37 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 660 KB
192 KB 157ms
67ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c09dda2cfc05892463b64a687169e7240f08686e41010bd050f4286d77c921f3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 23:18:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2202238
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84GL4R542iZNCLTvn%2FAJQpG9%2BEYJAFcChncuo1I%2B%2FUbs2%2FSj5obKLKuRjj0RjU5vVRlYbx%2B%2BOGX2ga4imNJC5rqsYgnirKbWoBm0pSa8ia6%2FAP%2FVXFaKOF362Quhj0zoNxx6AwjxIZqNGGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7bcddae2da3af14e-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fads.js Show response
onlinehikes.com/porpoiseant/ 8 KB
2 KB 59ms
59ms Script
application/javascript 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/fads.js?gcb=195-0&cb=8
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 1ae559d338ee612c0a41b6b4ff435d7e41ad41555ca9a0829f7ef6b3dbdb57a2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 banger.js Show response
onlinehikes.com/porpoiseant/ 55 KB
14 KB 65ms
59ms Script
application/javascript 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/banger.js?cb=195-0&bv=214&v=74&PageSpeed=off
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 437aaab801f623ed2c7fc510f8547038c9c2b22a7ce1646576fb0f62746e0a79

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 screen.css
onlinehikes.com/assets/built/ 28 KB
7 KB 238ms
238ms Stylesheet
text/css 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinehikes.com/assets/built/screen.css?v=1bdc5e1996

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) / Express

Resource Hash

f6e929d9f93ac649078b2bbc3b8cebef2f5ee76c1d8be36e19f7ff878c15923f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 UTC
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-powered-by: Express
x-ezoic-cdn: Hit ds;ds;45bc6a89cd5fdba0e4e88befb1ceb5dd;2-273299-3;2da6a22c-d507-4e1c-564d-4a762e2f5881
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6fef-17f5f9ff41c-gzip"
x-origin-cache-control: public, max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000

GET
H2 200 Convertful.js Show response
app.convertful.com/ 56 KB
18 KB 122ms
47ms Script
application/javascript 2606:4700:20::681a:70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertful.com/Convertful.js?owner=239

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99475a603969ff00fb09bc2beec2e3f0cf66d8bea8f16f78719edb344ade2dc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3882487
cf-polished: origSize=57216
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 10 Mar 2023 12:33:28 GMT
server: cloudflare
etag: W/"640b2398-df80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e50vqdBf7p1ca5wZdIZAUxZMlLgN9eyNTMnWwoAFCF4W58pPLSvnnlVU4Kcfo%2Byij64Gt4d9lyQT%2FDzRc2FrGHYtLZWC0U9dW9s%2Fw2qdLgPxfkERxx7gbqhbo7g7TAq1egEXt0xC%2BogeoUl9%2FVmj1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7bcddae388b0d96b-HEL

GET
H2

200

portal.min.js Show response
unpkg.com/@tryghost/portal@1.4.7/umd/
Redirect Chain

https://unpkg.com/@tryghost/portal@~1.4.0/umd/portal.min.js
https://unpkg.com/@tryghost/portal@1.4.7/umd/portal.min.js

323 KB
82 KB

2777ms
2776ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@tryghost/portal@1.4.7/umd/portal.min.js

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb203da91b3fee59f83138992e73681d4c74baa97fbabe103a81185edcb105f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:40 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 01 Jun 2021 09:07:26 GMT
fly-request-id: 01GYSEW2X004SRPNN4W1555QTF-fra
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
server: cloudflare
etag: W/"50aae-Brn8Q0FAczlj/lNbFW0j4tH+IuE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bcddae5a8f0fe54-HEL

Redirect headers

date: Mon, 24 Apr 2023 11:02:37 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: MISS
fly-request-id: 01GYSEW2JKM04D1R9N6P7HW1VT-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@tryghost/portal@1.4.7/umd/portal.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7bcddae38e29fe54-HEL

GET
H2 200 / Show response
js.stripe.com/v3/ 463 KB
111 KB 202ms
71ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6ac48a7c704eb512addd8690ff165f87f9757f986d2ecf6b3f12c2ff077cecbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 11:02:23 GMT
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 16
x-cache: Hit from cloudfront
last-modified: Fri, 21 Apr 2023 20:38:04 GMT
server: Cloudfront
etag: W/"8fda7e60cbb19842ca19415aa6b29ca1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: T07R0RzCxBgWDOlYYA_BKlzCm5StM5_hHqR8jB7cRVDnbhVoBnWMmw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 98 KB
39 KB 213ms
76ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TC76KM9

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe9589b8f223094e638bd6f550f77006121760878b777b9eafb9dee43f45595e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39162
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 11:02:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 230ms
93ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-126691063-1

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b2a42a0ef5d28aca6939b7701ef798c0d8776416716ad35beb454ff237cb3f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61876
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 11:02:37 GMT

GET
H2 200 ezvideojscss.css
onlinehikes.com/ezvideo/ 41 KB
10 KB 92ms
91ms Stylesheet
text/css 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/ezvideo/ezvideojscss.css?cb=57
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: fdee3a3a36ac0545d4e302737dc029e4ab4c3370da8d11d7ee86feca140ee550

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
cache-control: private, max-age: 2628000
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: text/css; charset=utf8

GET
H2 200 ezvideojspluginscss.css
onlinehikes.com/ezvideo/ 14 KB
2 KB 72ms
72ms Stylesheet
text/css 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/ezvideo/ezvideojspluginscss.css?cb=57
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: a5242d2e5d2b87110d894c303a479b0a7a94662e21979e27d565a92d43f4ed29

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
cache-control: private, max-age: 2628000
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: text/css; charset=utf8

GET
H2 200 ezvideocss.css
onlinehikes.com/ezvideo/ 12 KB
2 KB 78ms
78ms Stylesheet
text/css 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/ezvideo/ezvideocss.css?cb=57
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 08f9966298220687808afbc8aafdabec798180d8dc44438bcd07b6273a595283

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
cache-control: private, max-age: 2628000
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: text/css; charset=utf8

GET
H2 200 v.js Show response
g.ezodn.com/cmp/v2/ 5 KB
2 KB 72ms
63ms Script
text/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 19:45:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5236910
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZmRYiqtWERNUOa06FxplMYYx3uBRSQjE%2B6rcSxjjFnYz4x1iF7in6PhViZLGYlY6VqbfZqPnfln6d5c11I3CjKouhuD9r4G1yukRXrVW9Yxg2P7fh3qfltg9b8dvQ5%2F7P2htsWwd%2B90PA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=15780000
cf-ray: 7bcddae32a6ef14e-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 134ms
41ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://onlinehikes.com/
Origin: https://onlinehikes.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d84"
vary: Accept-Encoding
x-hw: 1682334157.dop067.sk1.t,1682334157.cds205.sk1.hn,1682334157.cds208.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 casper.js Show response
onlinehikes.com/assets/built/ 3 KB
1 KB 217ms
211ms Script
application/javascript 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinehikes.com/assets/built/casper.js?v=1bdc5e1996

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) / Express

Resource Hash

40ce09d06c81a221a73b8fb5b99aec7e77d3040a7fc2cc4c171b2a0bea03d491

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 UTC
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol
x-powered-by: Express
x-ezoic-cdn: Hit ds;ds;b66776557501c5fd88566fe69ae7c0cb;2-273299-3;dfe35530-5361-4bd1-791a-b8e387090506
x-middleton-display: staticcontent_sol
x-middleton-response: 200
content-length: 1104
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"c38-17f5f9ff41c-gzip"
x-origin-cache-control: public, max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-ez-minify-js: 1.12% 3093 / 3128

GET
H2 200 augusta.js Show response
onlinehikes.com/detroitchicago/ 2 KB
993 B 63ms
58ms Script
application/javascript 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/detroitchicago/augusta.js?cb=24
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 958

GET
H2 200 init-1632lqsy2s4fklqsvsii.js Show response
api.fouanalytics.com/api/ 318 B
745 B 335ms
240ms Script
text/javascript 2606:4700:e4::ac40:a821
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1632lqsy2s4fklqsvsii.js
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a821 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c03ab66542cca583defd0c369e098ee4cc364a1eeaa0de7ccdafbe5281691df

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IGspEAqTZ4Jzy4B8WJCeg6ZPLQD1GDl0TJ1LgsLUrdAnZhNiW1CCrzEtwZaZdi7HAhP1KdXtAp0JkcZUQJuxgL6ZvfahkwRpi8%2BAbwGci0IdI9vCYSUd2JZFTi1%2F6Nt5Ae0L0hVWUVJ51XA5Rk8ad%2BVPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 7bcddae3b9ae09a8-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 cmbv2.js Show response
onlinehikes.com/detroitchicago/ 914 KB
238 KB 76ms
72ms Script
application/javascript 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 6682a9413abbfc3521276d752a35ec7be74245228e33f46850d5941e5cb2fd19

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
DATA 200
OK truncated
/ 72 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f779cb15b5d3053757898dfb57b747b8a0eff10554d426c1e588559b8b8816f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d61cfa7979eb5c12a8b5dfb4d11cca4bfdfa0fbca11ee38eaca0a819762ddb9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbd3e5220e9eda0e6982e9b3e3c1c3168e9c26e43a3b6662ace2f03dde6e217d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e19b1f4221e6d0540a35aa0c7771dbcfb0913176e199d5ec30c68ed342cb1a6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d5dc98f8fcc90d2c6db9f621b2441523be518c0be537aa8a7afda440b863487

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 /
basher.ezodn.com/ Frame 0
0 133ms
48ms Preflight
application/json 2606:4700:e4::ac40:a602
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=273299&bf=100&dc=1254144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-pingback
Access-Control-Request-Method: GET
Origin: https://onlinehikes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-pingback
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://onlinehikes.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 7bcddae449359938-ARN
content-length: 0
content-type: application/json
date: Mon, 24 Apr 2023 11:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVHd2f1VTPsZZYIq6hA5D%2Bw7eAuwYYsGg1sOG7kEJeYkoClkNUbfZntNfdvCOw2PZ6LxikhXZ7qrG1UJTyV9iPt%2F9Z935qOZDLtAXjRiuW%2BLnm5L%2B2lBpR6%2B6%2FsOkxTnyIzfN995UGAR6EThGT9%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 200 / Show response
basher.ezodn.com/ 2 KB
1 KB 55ms
54ms XHR
application/json 2606:4700:e4::ac40:a602
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=273299&bf=100&dc=1254144
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/porpoiseant/banger.js?cb=195-0&bv=214&v=74&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48142db38e1b9560e206d1bd0d480656c912a41a165df1dffaed5a8a0818db5f

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-PINGBACK: pingpong
Content-Type: application/json

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
vary: Origin, Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://onlinehikes.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJO%2BRGIgOutOkdhthSaH7444ksWZLgFbArLR1OVkrYnt5z7U3%2FhHfkyA9bne4DShe7WwS9OQNWFBMXVfmtvohrbQJO9n5vt4bMu6ZMyEfm2n7g7uimygMNdf60iDR4GcqvsK0POG3Et1J59uHNet"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public, max-age=84400
cf-ray: 7bcddae499a69938-ARN
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 nmash.js
onlinehikes.com/porpoiseant/ 21 KB
6 KB 112ms
112ms Other
application/javascript 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/nmash.js?v=214
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 6ec8689f0579f760ee7d27651532bfc948f159d97b09b866d778186fd7e40697

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=0, public
x-robots-tag: noindex

GET
H2 200 export Show response
app.convertful.com/api/widget/ 400 KB
141 KB 272ms
271ms XHR
application/json 2606:4700:20::681a:70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertful.com/api/widget/export?owner=239&domain=onlinehikes.com&subscriber_uid=null

Requested by

Host: app.convertful.com
URL: https://app.convertful.com/Convertful.js?owner=239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.25

Resource Hash

694b47afce1ce6fb118454a061c95624d8e738717bce39930c40ce19954e8504

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.0.25
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"ffb8d7b8e6ea092afdddea9fb899e1f4f79f2d1f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://onlinehikes.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7CaZIPTJjXLQGZcjeccJJCZgQVLF%2F2BtDPjM%2FJ%2Fb%2F6J9se8IFBqOByVyRiVbYU5OzICBcY9YzOMv30MlLEdcrONWED3XiGoflP9pYKYOeV1BNbb%2FLP1U2zbb0BsRS4cTeCgjsB9ILbyulYOFwLbsg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: ETag
cache-control: private, must-revalidate
access-control-allow-credentials: true
cf-ray: 7bcddae3e9a3d96b-HEL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, ETag, If-None-Match, Cache-Control

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/ 400 KB
124 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c470984efff845d5290f15d3a01552b4bff15c1e40a48c944233a5bc5f69539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 11:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84397
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127052
x-xss-protection: 0
server: cafe
etag: 14196522953641333499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 22 Apr 2024 11:36:00 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 803 B
393 B 234ms
96ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=onlinehikes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4eff98a45b4e751ca45b72aa191b2597969901162c8bcba469d0c59febb000e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 368
x-xss-protection: 0
expires: Mon, 24 Apr 2023 11:02:37 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 360 KB
121 KB 210ms
71ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3151e33d06603419c364949fc9d2644045fea83bd9580886fd5388cbff467e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123415
x-xss-protection: 0
expires: Mon, 24 Apr 2023 11:02:37 GMT

GET
H2 200 kenai.js Show response
onlinehikes.com/detroitchicago/ 3 KB
1 KB 59ms
58ms Script
application/javascript 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/detroitchicago/kenai.js?gcb=0&cb=5
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 1058

GET
H2 200 portland.js Show response
onlinehikes.com/detroitchicago/ 29 KB
9 KB 69ms
69ms Script
application/javascript 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/detroitchicago/portland.js?gcb=0&cb=2
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 93df6b932f78a94beb1a9aaf63e733e4969724b68bae11e4b60d8cb8ce4ff3ac

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 sidebarwall.js Show response
onlinehikes.com/detroitchicago/ 9 KB
3 KB 69ms
68ms Script
application/javascript 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/detroitchicago/sidebarwall.js?gcb=0&cb=19
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

POST
H2 200 imp.gif
onlinehikes.com/detroitchicago/ 43 B
239 B 65ms
64ms Ping
image/gif 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/detroitchicago/imp.gif?e=%7B%22ab_test_id%22%3A%22mod46%22%2C%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A1%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C39%2C38%2C5%2C1%2C4%22%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A5%2C%22city%22%3A%22Helsinki%22%2C%22country%22%3A%22FI%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A2%2C%22domain_id%22%3A273299%2C%22domain_test_group%22%3A20230801%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1100%2C1121%2C1122%2C1975%2C1976%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%2220624c51-d2a0-45be-6bcb-107e740ffeef%22%2C%22position_selection_id%22%3A46%2C%22postal_code%22%3A%2200380%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A51176%2C%22response_time_orig%22%3A3%2C%22serverid%22%3A%22i-089763422283549a7%22%2C%22state%22%3A%2218%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1121%2C1122%2C1975%2C1976%22%2C%22t_epoch%22%3A1682334156%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fonlinehikes.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1639%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
access-control-max-age: 1728000
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
content-type: image/gif
access-control-allow-origin: https://onlinehikes.com
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type
content-length: 47
expires: Sun, 23 Apr 2023 11:02:37 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 205ms
56ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: gzip
etag: "DUHyBE1e2vdA+NAhXV6BXg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 01 May 2023 11:02:37 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 cmbdv2.js Show response
onlinehikes.com/detroitchicago/ 41 KB
10 KB 76ms
75ms Script
application/javascript 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y1c-5y62-22&cmbcb=136&sj=x03x0cx1cx62&abt=Banger
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 26496fcfef2da9ebfaa80d8afb005688ebde40bc77f3f3f68c3c2c94872afdaf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 ohlogo-big.png
onlinehikes.com/content/images/size/w600/2021/03/ 7 KB
7 KB 167ms
157ms Image
image/png 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/content/images/size/w600/2021/03/ohlogo-big.png?ezimgfmt=rs:458x55/rscb1/ngcb1/notWebP
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 8a0de0cc1a598ea51e03622da3ba3894955d574274be6fd2fce5c0bf03a52d8f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 UTC
content-encoding: br
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
display: staticcontent_sol
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: cd98bbe0-a4a3-48c1-b98e-8f3c29184484
x-ezoic-cdn: Hit ds;ds;2c05e39f7eb962a64c15cff0c4efc2e2;2-273299-3;27d42054-98fa-41ba-564b-e2e1c1230ce7
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-amz-apigw-id: cD9_vFLIoAMFW8g=
response: 200
server: Apache/2.4.39 (Ubuntu)
x-amzn-trace-id: Root=1-637e4397-11ea2c9260a5fc7d16c2b438;Sampled=0
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
access-control-allow-methods: GET
content-type: image/png
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 8PEhza8cMpsrkV9mMoRUTg8Op8QnrCdB_Tt6v8AiRM3_1qxTMYXXqw==

GET
H2 200 IH2f4ZyD_400x400-1.jpg
onlinehikes.com/content/images/size/w100/2021/03/ 776 B
1015 B 234ms
216ms Image
image/jpg 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/content/images/size/w100/2021/03/IH2f4ZyD_400x400-1.jpg?ezimgfmt=rs:36x36/rscb1/ngcb1/notWebP
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 95fddd05f6ed8292c1dacadbbdbcc5debea42bd04c7d3dba3eca5a71f371e8cc

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 UTC
content-encoding: br
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
display: staticcontent_sol
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: 36fdfefc-71a4-4b67-af9d-43d2cc146e6d
x-ezoic-cdn: Hit ds;ds;4fb0b96b34d011387fab7ea2d545bd52;2-273299-3;96968a71-e12d-4c5c-76f2-46c83530f307
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-amz-apigw-id: cD9_vEKjIAMF_aA=
content-length: 704
response: 200
server: Apache/2.4.39 (Ubuntu)
x-amzn-trace-id: Root=1-637e4397-29a37bc0572a63a2465b4b30;Sampled=0
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
access-control-allow-methods: GET
content-type: image/jpg
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: SB8KMJA6ZUEpNqh1Rmp_gfLV0YMXP5NMJKumC57UI6Hm_UX31-Atrw==

GET
H2 200 YouTube-Upload-Defaults.png
onlinehikes.com/content/images/size/w1000/2021/08/ 31 KB
29 KB 204ms
194ms Image
image/png 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/content/images/size/w1000/2021/08/YouTube-Upload-Defaults.png?ezimgfmt=ngcb1/notWebP
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 6931e33d83824263b3d1129193d4d145bff943a65b126c84e0f43de01192cb05

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 UTC
content-encoding: br
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
display: staticcontent_sol
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: 276522a1-a8e5-4c2c-ba81-6e994652b998
x-ezoic-cdn: Hit ds;ds;d27456a5fd592f0857ab45ca7081cff2;2-273299-3;961b4af0-a2f1-4eec-5502-030278a469ec
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-amz-apigw-id: cFAfMEhuoAMFRHw=
response: 200
server: Apache/2.4.39 (Ubuntu)
x-amzn-trace-id: Root=1-637eadfa-403b25ae6eb075c42859b885;Sampled=0
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
access-control-allow-methods: GET
content-type: image/png
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: MmtyIK-j20B5AMgP-3MPBCQgoskUo0jerIjQFzxPx1MFDpOZWD9REA==

GET
H2 200 YouTube-Upload-Defaults--2-.png
onlinehikes.com/content/images/size/w1000/2021/08/ 60 KB
57 KB 270ms
260ms Image
image/png 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/content/images/size/w1000/2021/08/YouTube-Upload-Defaults--2-.png?ezimgfmt=ngcb1/notWebP
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 5b6e344101d75e8d56ba0182c8a91f8b337635d0229baee8319fc30eb4a66397

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 UTC
content-encoding: br
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
display: staticcontent_sol
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: 056f05b6-93d7-406b-aa11-fd799ccb6d6f
x-ezoic-cdn: Hit ds;ds;8fb632e460715a05f6c4b9cd0f02335d;2-273299-3;8bbf26db-15e0-4f6d-5239-88087e5f0a85
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-amz-apigw-id: cFAfKFs0oAMF7gA=
response: 200
server: Apache/2.4.39 (Ubuntu)
x-amzn-trace-id: Root=1-637eadfa-1bc55c9064ac44740b9ab6f8;Sampled=0
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
access-control-allow-methods: GET
content-type: image/png
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 8aUzcFy_77qDVxPAdzwDd9lX529RzSpuRNCHSO9mkxlaiUtCq7Ffqw==

GET
H2 200 YouTube-Upload-Defaults--1-.png
onlinehikes.com/content/images/size/w1000/2021/08/ 60 KB
58 KB 189ms
180ms Image
image/png 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/content/images/size/w1000/2021/08/YouTube-Upload-Defaults--1-.png?ezimgfmt=ngcb1/notWebP
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 67cad45cafdc3c1f5cd60efcc6ad2a46481a03389a96129a9d447e40c9810a6e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 UTC
content-encoding: br
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
display: staticcontent_sol
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: 80a8da04-79c2-4faf-bab4-765595f95e81
x-ezoic-cdn: Hit ds;ds;d22b44ea1ba75ab9d2a3b2c40a8e8cb7;2-273299-3;45e31ed7-f5d1-43b3-53e1-ac0635087c2a
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-amz-apigw-id: cFAfMGhhIAMFemw=
response: 200
server: Apache/2.4.39 (Ubuntu)
x-amzn-trace-id: Root=1-637eadfa-15810e3b53de1118355d3720;Sampled=0
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
access-control-allow-methods: GET
content-type: image/png
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: vG5lmMOI4nLiP6fn4XR7DCg-E8_VevghCgGyHfJ-mnBawPFekdKckA==

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame 2DCA 10 KB
5 KB 192ms
61ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 5479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 09:31:18 GMT
etag: 2378337311435320485
expires: Mon, 08 May 2023 09:31:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pp.js Show response
api.fouanalytics.com/s/ 15 KB
6 KB 46ms
46ms Script
text/javascript 2606:4700:e4::ac40:a821
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/s/pp.js
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/api/init-1632lqsy2s4fklqsvsii.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a821 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65f277119572469457505c574167e34d60ade9b7145fdc37e6fa428e4715303a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Apr 2023 18:23:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2542
etag: W/"64418333-3a4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QHOPvIeH0L%2B8jBDdpOORG4SxZoVqo2g6BixZfEe1SZg8MuXDoV0EQopa2Ff%2B%2FeuEw1QoJONfVVTCQ8DLrv4xVpWcVrtNoYWwum8lTA5leB%2BAZ1tCtOZWcpBruIzYMtL%2BlhJdTvIs9dOrA3jbOjNNw5VsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7bcddae56c4609a8-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
531 B 228ms
70ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 207ms
70ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
73 KB 77ms
76ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LX9X88H2DE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126691063-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42c61068bd173843fd9acbb57e9952f3f992b5cae3b7e7303dc71f4308445849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74501
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 11:02:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 190ms
60ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126691063-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 10:27:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2093
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 24 Apr 2023 12:27:45 GMT

GET
H2 200 IH2f4ZyD_400x400.jpg
onlinehikes.com/content/images/size/w100/2021/03/ 428 B
705 B 166ms
165ms Image
image/webp 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/content/images/size/w100/2021/03/IH2f4ZyD_400x400.jpg?ezimgfmt=rs:36x36/rscb1/ng:webp/ngcb1
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 64dd1748937ebb38b49b0ebfc019a0124bda5b1f52bdf815695c9c494fd2a18d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 UTC
content-encoding: br
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
display: staticcontent_sol
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: c934e426-0dac-46d7-85a0-1b16e1869443
x-ezoic-cdn: Hit ds;ds;58907ea3b306bd7fa1494f3319af07b3;2-273299-3;ab561b20-54ab-4bf7-60c6-c8c6e9c17149
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-amz-apigw-id: cD-ADGzRIAMFuKg=
content-length: 432
response: 200
server: Apache/2.4.39 (Ubuntu)
x-amzn-trace-id: Root=1-637e4399-6486f210325565fa37c7e3c2;Sampled=0
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: P8xsNuhdxogVVTf7gxv_hrWqInHqZ9HiIuR4uP0zkdd_t-WiWVV2CA==

GET
H2 200 IH2f4ZyD_400x400-1.jpg
onlinehikes.com/content/images/size/w100/2021/03/ 428 B
687 B 193ms
193ms Image
image/webp 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/content/images/size/w100/2021/03/IH2f4ZyD_400x400-1.jpg?ezimgfmt=rs:36x36/rscb1/ng:webp/ngcb1
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 64dd1748937ebb38b49b0ebfc019a0124bda5b1f52bdf815695c9c494fd2a18d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 UTC
content-encoding: br
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
display: staticcontent_sol
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: 71ce0855-7296-4d96-be42-33041bfc493d
x-ezoic-cdn: Hit ds;ds;4eeaa8512372512dbfee42a83af9e5dc;2-273299-3;a2595808-5b1f-439e-5ef3-02dbe8b56888
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-amz-apigw-id: cD9_1GLHIAMF6bA=
content-length: 432
response: 200
server: Apache/2.4.39 (Ubuntu)
x-amzn-trace-id: Root=1-637e4398-781238e744ceef117d7d9947;Sampled=0
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 1dobFAaFcV7SJeLHzvQVJSujnE4_4NtXr5Z-Q-aCHl7D2g8bHD-bgg==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
688 B 927ms
926ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2092845990354922&correlator=3801804945704975&eid=31074079%2C31074093%2C31074095&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22485590223%2Conlinehikes_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=1&adks=3188901710&didk=686522671&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D6420057874562681%26eid%3D6420057874562681%26t%3D134%26d%3D273299%26t1%3D134%26pvc%3D0%26ap%3D1975%26sap%3D1975%26as%3Drevenue%26plat%3D1%26bra%3Dmod46%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Donlinehikes_com-edge-1-6420057874562681%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26bv%3D15%26bvm%3D0%26bvr%3D5%26avc%3D43%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D100%26br2%3D48%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682334157930&lmt=1682334157&dlt=1682334157147&idt=523&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fonlinehikes.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=1773331551.1682334158&ga_sid=1682334158&ga_hid=69658114&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

739e3e00ba1779d6bcbdabf5d9e5045f4de8cbb150424908d61da1ff94748d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 658
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7788 6 KB
3 KB 214ms
69ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 11:02:38 GMT
expires: Tue, 23 Apr 2024 11:02:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
617 B 884ms
883ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2092845990354922&correlator=3746863377196181&eid=31074079%2C31074093%2C31074095&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22485590223%2Conlinehikes_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=3840644460&didk=1981406807&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D6465802780532390%26eid%3D6465802780532390%26t%3D134%26d%3D273299%26t1%3D134%26pvc%3D0%26ap%3D1121%26sap%3D1121%26as%3Drevenue%26plat%3D1%26bra%3Dmod46%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Donlinehikes_com-box-2-6465802780532390%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D43%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D70%26br2%3D36%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682334157951&lmt=1682334157&dlt=1682334157147&idt=523&adxs=650&adys=139&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fonlinehikes.com%2F&frm=20&vis=1&psz=458x250&msz=300x250&fws=0&ohw=0&ga_vid=1773331551.1682334158&ga_sid=1682334158&ga_hid=69658114&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dbbfecf67fc311ea465148ecbf0fdc4bbe89bfd59ad1ef6792c3b9fa4c96d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 587
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
623 B 587ms
587ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2092845990354922&correlator=2819542863054607&eid=31074079%2C31074093%2C31074095&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22485590223%2Conlinehikes_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=3&adks=358549289&didk=4056883344&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D6126753706503792%26eid%3D6126753706503792%26t%3D134%26d%3D273299%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod46%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Donlinehikes_com-medrectangle-2-6126753706503792%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26bv%3D15%26bvm%3D0%26bvr%3D5%26avc%3D43%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D100%26br2%3D48%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682334157956&lmt=1682334157&dlt=1682334157147&idt=523&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fonlinehikes.com%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&ga_vid=1773331551.1682334158&ga_sid=1682334158&ga_hid=69658114&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ebc4b940b84e904bcf7849dcdf7e8f0a8a8f1e3f130e6e17caccf84b9e3d2d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 593
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
627 B 609ms
608ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2092845990354922&correlator=4257609093162299&eid=31074079%2C31074093%2C31074095&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22485590223%2Conlinehikes_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=4&adks=3586627133&didk=686538070&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D3855632024510120%26eid%3D3855632024510120%26t%3D134%26d%3D273299%26t1%3D134%26pvc%3D0%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod46%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Donlinehikes_com-edge-2-3855632024510120%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D43%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D100%26br2%3D48%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682334157960&lmt=1682334157&dlt=1682334157147&idt=523&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fonlinehikes.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=1773331551.1682334158&ga_sid=1682334158&ga_hid=69658114&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fd6bb0ab026ddfbfedfe45b533388eefd7e831a753454095d745526526e8a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 597
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 160 B
634 B 209ms
59ms Script
application/javascript 2600:9000:223c:400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 10:31:41 GMT
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1858
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:41:49 GMT
server: AmazonS3
etag: "af15ecfe46737cb2a37226fd060f23a6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: r-7FCB3vLiOzT2FiZwmmmKGm4YAXmtH2kR6Pmq9uvNgxGtGLAxmSQQ==

GET
H2 200 play Show response
videosvc.ezoic.com/ 707 B
656 B 179ms
56ms XHR
application/json 18.192.83.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://videosvc.ezoic.com/play?videoID=d25a05cf68e93b1000e2d560de5bb742d7a5b2a21a60de6d5c2d3a8e7f638b2e&manifest=dash

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.192.83.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-83-3.eu-central-1.compute.amazonaws.com

Software

openresty/1.15.8.2 /

Resource Hash

e88015657f68b0a20e6f685cf6612abf047345617d75c293a1d82e1ed3145f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
server: openresty/1.15.8.2
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinehikes.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type

GET
H2 200 play Show response
videosvc.ezoic.com/ 700 B
692 B 183ms
61ms XHR
application/json 18.192.83.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://videosvc.ezoic.com/play?videoID=beacc75e843fa4051e80e6305441db18ade38b25a7dc97b76401f8144cf66bc2&manifest=dash

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.192.83.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-83-3.eu-central-1.compute.amazonaws.com

Software

openresty/1.15.8.2 /

Resource Hash

0fd02abc0d2510f9ddabfc2238b08308b7861fb341df462c3360199df3eb1835

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
server: openresty/1.15.8.2
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinehikes.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type

GET
H2 200 play Show response
videosvc.ezoic.com/ 699 B
688 B 181ms
59ms XHR
application/json 18.192.83.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://videosvc.ezoic.com/play?videoID=372aa753204e733ac6a708310ead959726a6bad55ecb91676da2d906e34aac8c&manifest=dash

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.192.83.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-83-3.eu-central-1.compute.amazonaws.com

Software

openresty/1.15.8.2 /

Resource Hash

478eb7c753d917eaec1f96a0b86447e091229acfe3319377b240e03412be3e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
server: openresty/1.15.8.2
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinehikes.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type

POST
H2 204 collect
region1.google-analytics.com/g/ 0
245 B 113ms
38ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LX9X88H2DE&gtm=45je34j0&_p=69658114&cid=1773331551.1682334158&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1682334158&sct=1&seg=0&dl=https%3A%2F%2Fonlinehikes.com%2F&dt=Online%20Hikes&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LX9X88H2DE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 x
api.fouanalytics.com/api/ 0
471 B 246ms
245ms Ping
text/plain 2606:4700:e4::ac40:a821
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/x
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/pp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a821 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4N8MI1DQprPl%2FRzjGZ6%2FeX769j1CMZLEHhEWXYP5wmqMFqpZSNRss6dgXL2x7rDasIeunmIveMxZNT9gi7sqZseHfTCNaBOrldFGum1yi7Wa%2BnGcwWPog7oSnytk4Ge8YJdEoj%2FSj%2BLL90VOZ4dEpQUURg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7bcddae7cb4998fc-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=4,i

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 71ms
70ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=69658114&t=pageview&_s=1&dl=https%3A%2F%2Fonlinehikes.com%2F&ul=en-us&de=UTF-8&dt=Online%20Hikes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=131556850&gjid=868755169&cid=1773331551.1682334158&tid=UA-126691063-1&_gid=1320421169.1682334158&_r=1&gtm=457e34j0&jsscut=1&z=1975986398

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 yOYignddahSMfuCW_j1677756446012-le7za8_t1677756549_base.003.jpg
onlinehikes.com/ezoimgfmt/streaming.humix.com/poster/yOYignddahSMfuCW/ 37 KB
38 KB 192ms
192ms Image
image/webp 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/ezoimgfmt/streaming.humix.com/poster/yOYignddahSMfuCW/yOYignddahSMfuCW_j1677756446012-le7za8_t1677756549_base.003.jpg?ezimgfmt=ng%3Awebp%2Fngcb1%2Frs%3Adevice%2Frscb1-1
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa57b70198baab2f7f95185f7002369b800d9202bd325beeb930d5b85bf808e7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 UTC
content-encoding: br
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-ezoic-cdn: Hit ds;ds;096aa1be6e59c968656248afe4b5ec47;2-273299-3;fbbcfa17-b3c8-4658-5c83-5b406016dde4
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: cloudflare
etag: "6a5adab69e70e4015c83ed530ec77661-gzip"
x-origin-cache-control
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MWQE92Yzpq%2F9rEyBsPAIgyM2SR8%2Ff3%2BcOe%2FLZZtPDtm%2B9bctjaHZ18Kcs7ide4bdZTFywvlKiSL80wxvyff5rhB0oSTjuusU62v7HtlC09lDL5eeoOUHobgHFOG7VnmqVPEVKGv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 7a22b342cda79226-FRA
x-amz-cf-id: _VxFTAzOoN4_BK8Nk8Cpf-og0Sp6HfqSnR9CPBBpc3rrBt-f3HTHWw==

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ad6b4cd9fdd1156ea742d8806d7d22f787ac9570a365aaa3a4903e25fc820c6

Request headers

Referer
Origin: https://onlinehikes.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 bridge3.569.0_fi.html Show response
imasdk.googleapis.com/js/core/ Frame A4DF 707 KB
226 KB 63ms
62ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e849e8e5c625e50fb7cb4e8d83324a1df27879012fd15888d3425c6752be7b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 159778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231242
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 14:39:40 GMT
expires: Sun, 21 Apr 2024 14:39:40 GMT
last-modified: Thu, 20 Apr 2023 19:19:40 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 203ms
70ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 24 Apr 2023 11:02:38 GMT

GET
H2 200 0e9788705da37749f02e9dbbf9fde50d_en-US.vtt Show response
streaming.humix.com/caption/yOYignddahSMfuCW/ 933 B
1 KB 651ms
580ms XHR
text/vtt 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/caption/yOYignddahSMfuCW/0e9788705da37749f02e9dbbf9fde50d_en-US.vtt
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0d36140b823749ba56bdee43ebf48281c24eab18bdd65f1c1d68e9fbe99428d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
via: 1.1 007499d01faac26a60f04831409d062e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 933
last-modified: Mon, 17 Apr 2023 21:05:58 GMT
server: cloudflare
etag: "0e9788705da37749f02e9dbbf9fde50d"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-language: en-US
content-type: text/vtt; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPjGffo4MLd4H3W6Oy8hIYExcaupm%2FpUZbE1K77%2B3C12457X7O9YAOv5sqFq70spchFHyeqAWoWmLYCixiJHs5YlvUtiZ0Iq0qgDEOice%2FhlKw8SgV1RsN8KfeqI%2B4nissU%2Fi22tcfBcQcNAEhBmWpxs"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7bcddae96debd90a-HEL
x-amz-cf-id: HqPWzHbYbE4YpXbk2He9IG4tA9-3Wjfpo3WKeXJOmkx8X00mFTD1Tg==

GET
H2 200 vid.gif
onlinehikes.com/detroitchicago/ 43 B
74 B 251ms
250ms Image
image/gif 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/detroitchicago/vid.gif?e=%5B%7B%22domain_id%22%3A273299%2C%22owner_domain_id%22%3A124077%2C%22url%22%3A%22https%3A%2F%2Fonlinehikes.com%2F%22%2C%22pageview_id%22%3A%2220624c51-d2a0-45be-6bcb-107e740ffeef%22%2C%22visit_uuid%22%3A%225da98512-be15-4855-6edf-47c0fbf8ca9f%22%2C%22template_id%22%3A134%2C%22video_impression_id%22%3A%2227073152-5533-4f96-8418-9582fc04b297%22%2C%22media_src%22%3A%22https%3A%2F%2Fstreaming.humix.com%2Fcontents%2FyOYignddahSMfuCW%2F1680116923%2Findex.mpd%22%2C%22player_type%22%3A%22HTML5%22%2C%22video_title%22%3A%22YouTube%20for%20Entrepreneurs%3A%20Tips%20and%20Strategies%20for%20Success%22%2C%22video_position_id%22%3A3996%2C%22is_autoplay%22%3A1%2C%22is_floating%22%3A1%2C%22floating_option%22%3A1%2C%22is_playlist_item%22%3A0%2C%22is_preferred%22%3Afalse%2C%22vab_test_id%22%3A%22%22%2C%22vab_test_val%22%3A%22%22%2C%22video_length%22%3A48648%2C%22content_id%22%3A%22d25a05cf68e93b1000e2d560de5bb742d7a5b2a21a60de6d5c2d3a8e7f638b2e%22%2C%22width%22%3A640%2C%22height%22%3A360%2C%22pos_x%22%3A480%2C%22pos_y%22%3A750%2C%22video_objects_count%22%3A3%2C%22video_objects_index%22%3A1%2C%22video_selection_type%22%3A2%2C%22video_match_score%22%3A75%2C%22is_blocker_on%22%3A0%2C%22video_source%22%3A%22upload%22%7D%5D
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
content-encoding: br
vary: Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Sun, 23 Apr 2023 11:02:38 GMT

GET
H2 200 372aa753204e733ac6a708310ead959726a6bad55ecb91676da2d906e34aac8c_SsWeUM.jpg
onlinehikes.com/ezoimgfmt/streaming.humix.com/poster/LCenqnvmcXQPRihj/ 58 KB
59 KB 196ms
196ms Image
image/webp 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/ezoimgfmt/streaming.humix.com/poster/LCenqnvmcXQPRihj/372aa753204e733ac6a708310ead959726a6bad55ecb91676da2d906e34aac8c_SsWeUM.jpg?ezimgfmt=ng%3Awebp%2Fngcb1%2Frs%3Adevice%2Frscb1-1
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 9f058d8771936f2b6729952bd7cca12634051931e1c56f2196814540d98731e2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 UTC
content-encoding: br
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
display: staticcontent_sol
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: bbbbebbe-395a-41e8-a7ad-1babb7b233b5
x-ezoic-cdn: Hit ds;ds;41579b7e55adf1cb486793a23194f0ee;2-273299-3;7b1e9efb-ec20-41f7-40f9-f260b95f889e
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-amz-apigw-id: fAyWQHtsoAMFS6A=
response: 200
server: Apache/2.4.39 (Ubuntu)
x-amzn-trace-id: Root=1-63c9ca8e-2ba6b326614c47f30b3084bb;Sampled=0
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: Dozpox8KkLgKvsLPMZV_3u1wpnlewzn9kOBihzee9F60OleXLWoQwg==

GET
H2 200 bridge3.569.0_fi.html Show response
imasdk.googleapis.com/js/core/ Frame ABA6 707 KB
226 KB 107ms
106ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e849e8e5c625e50fb7cb4e8d83324a1df27879012fd15888d3425c6752be7b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 159778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231242
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 14:39:40 GMT
expires: Sun, 21 Apr 2024 14:39:40 GMT
last-modified: Thu, 20 Apr 2023 19:19:40 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 vid.gif
onlinehikes.com/detroitchicago/ 43 B
191 B 62ms
62ms Image
image/gif 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/detroitchicago/vid.gif?e=%5B%7B%22domain_id%22%3A273299%2C%22owner_domain_id%22%3A241122%2C%22url%22%3A%22https%3A%2F%2Fonlinehikes.com%2F%22%2C%22pageview_id%22%3A%2220624c51-d2a0-45be-6bcb-107e740ffeef%22%2C%22visit_uuid%22%3A%225da98512-be15-4855-6edf-47c0fbf8ca9f%22%2C%22template_id%22%3A134%2C%22video_impression_id%22%3A%22cb73b887-f615-4ca5-9cf1-5565293c407b%22%2C%22media_src%22%3A%22https%3A%2F%2Fstreaming.humix.com%2Fd0f93a402e52c327fe766dcb8d6d10ff%2Fout%2Fv1%2F5dcfb9108daa489db3bb4ccaee40c592%2F998631c4e774480a9b592c7e7f3b972f%2F87edf26a0c3e427e9a5db867b0e5f408%2Findex.mpd%22%2C%22player_type%22%3A%22HTML5%22%2C%22video_title%22%3A%22Editing%20Videos%20Online%20with%20FlexClip%22%2C%22video_position_id%22%3A3998%2C%22is_autoplay%22%3A1%2C%22is_floating%22%3A0%2C%22floating_option%22%3A1%2C%22is_playlist_item%22%3A0%2C%22is_preferred%22%3Afalse%2C%22vab_test_id%22%3A%22%22%2C%22vab_test_val%22%3A%22%22%2C%22video_length%22%3A475608%2C%22content_id%22%3A%22372aa753204e733ac6a708310ead959726a6bad55ecb91676da2d906e34aac8c%22%2C%22width%22%3A640%2C%22height%22%3A360%2C%22pos_x%22%3A480%2C%22pos_y%22%3A2970%2C%22video_objects_count%22%3A3%2C%22video_objects_index%22%3A3%2C%22video_selection_type%22%3A2%2C%22video_match_score%22%3A74%2C%22is_blocker_on%22%3A0%2C%22video_source%22%3A%22upload%22%7D%5D
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
content-encoding: br
vary: Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Sun, 23 Apr 2023 11:02:38 GMT

GET
H2 200 beacc75e843fa4051e80e6305441db18ade38b25a7dc97b76401f8144cf66bc2_SzvWgL.jpg
onlinehikes.com/ezoimgfmt/streaming.humix.com/poster/JsbEXUHbPLhIdFPV/ 85 KB
86 KB 212ms
212ms Image
image/webp 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/ezoimgfmt/streaming.humix.com/poster/JsbEXUHbPLhIdFPV/beacc75e843fa4051e80e6305441db18ade38b25a7dc97b76401f8144cf66bc2_SzvWgL.jpg?ezimgfmt=ng%3Awebp%2Fngcb1%2Frs%3Adevice%2Frscb1-1
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: df5b1c75167903b6b7ac21d651ce1052867767ce36258b85ff6f37799d4ca253

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 UTC
content-encoding: br
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
display: staticcontent_sol
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: 442cb89b-7967-4210-a96f-4c16e99af77e
x-ezoic-cdn: Hit ds;ds;f36cca282370b46bdd1cd85639676b5e;2-273299-3;7a1161ce-92fe-46b1-7853-c944465a2093
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-amz-apigw-id: fAyWFGp8IAMF4cQ=
response: 200
server: Apache/2.4.39 (Ubuntu)
x-amzn-trace-id: Root=1-63c9ca8d-0d017dc6391738b528c389af;Sampled=0
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: vGiygzakZi-Swz44NAKR3XUkZyRPkAoMzOv437hRWcg04MFsxWpRBA==

GET
H2 200 bridge3.569.0_fi.html Show response
imasdk.googleapis.com/js/core/ Frame F553 707 KB
226 KB 133ms
132ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e849e8e5c625e50fb7cb4e8d83324a1df27879012fd15888d3425c6752be7b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 159778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231242
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 14:39:40 GMT
expires: Sun, 21 Apr 2024 14:39:40 GMT
last-modified: Thu, 20 Apr 2023 19:19:40 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 vid.gif
onlinehikes.com/detroitchicago/ 43 B
74 B 58ms
57ms Image
image/gif 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/detroitchicago/vid.gif?e=%5B%7B%22domain_id%22%3A273299%2C%22owner_domain_id%22%3A354245%2C%22url%22%3A%22https%3A%2F%2Fonlinehikes.com%2F%22%2C%22pageview_id%22%3A%2220624c51-d2a0-45be-6bcb-107e740ffeef%22%2C%22visit_uuid%22%3A%225da98512-be15-4855-6edf-47c0fbf8ca9f%22%2C%22template_id%22%3A134%2C%22video_impression_id%22%3A%22b3cd409b-8e4b-41f0-8be8-d2c6c06179a3%22%2C%22media_src%22%3A%22https%3A%2F%2Fstreaming.humix.com%2Ff1871d51972628df687afd6a76eef2cb%2Fout%2Fv1%2F23337d033131410f9debd26a039d4ff2%2Fda5b439859bc425f824ef83d0e0aac3a%2F2969ebd2cb134ccd8f79ea2b77d50a6e%2Findex.mpd%22%2C%22player_type%22%3A%22HTML5%22%2C%22video_title%22%3A%22Zero%20to%201%20Million%2B%20on%20TikTok%20in%204%20Months%20-%20Growth%20Hack%20for%202020%22%2C%22video_position_id%22%3A3997%2C%22is_autoplay%22%3A1%2C%22is_floating%22%3A0%2C%22floating_option%22%3A1%2C%22is_playlist_item%22%3A0%2C%22is_preferred%22%3Afalse%2C%22vab_test_id%22%3A%22%22%2C%22vab_test_val%22%3A%22%22%2C%22video_length%22%3A2365029%2C%22content_id%22%3A%22beacc75e843fa4051e80e6305441db18ade38b25a7dc97b76401f8144cf66bc2%22%2C%22width%22%3A640%2C%22height%22%3A360%2C%22pos_x%22%3A480%2C%22pos_y%22%3A1971%2C%22video_objects_count%22%3A3%2C%22video_objects_index%22%3A2%2C%22video_selection_type%22%3A2%2C%22video_match_score%22%3A75%2C%22is_blocker_on%22%3A0%2C%22video_source%22%3A%22upload%22%7D%5D
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
content-encoding: br
vary: Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Sun, 23 Apr 2023 11:02:38 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 202ms
69ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-126691063-1&cid=1773331551.1682334158&jid=131556850&gjid=868755169&_gid=1320421169.1682334158&_u=YADAAUAAAAAAACAAI~&z=2071460510

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 24 Apr 2023 11:02:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 yOYignddahSMfuCW_j1677756446012-le7za8_t1677756549_base.vtt Show response
streaming.humix.com/thumbnails/yOYignddahSMfuCW/ 550 B
1003 B 525ms
525ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/thumbnails/yOYignddahSMfuCW/yOYignddahSMfuCW_j1677756446012-le7za8_t1677756549_base.vtt
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28ef7d683e59de8ed362a4613f1d44a006e387b383d465aa0fb4221a734fc13a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
via: 1.1 bd29d18ddcad5397b0dff22184078bfc.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 550
last-modified: Thu, 02 Mar 2023 11:29:11 GMT
server: cloudflare
etag: "71bac413558dd34cb7c86b350ac40146"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bn15Uri1Tnsq%2FgavQ1GByJE6Kuv0zcZGxlaVsNyaBDr4O5i%2FRjavLE1t4JBAiu2X6xBkrWIs9FFVrrjQrUrIUxLebsuPGZPR99rYioZtDuU6tFTs6x1EdQwqhZbSmZG3iCSsokSHCiZLQK9906LuT6vb"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddae9ae68d90a-HEL
x-amz-cf-id: xEPD1L9o4PqUyd3wDwTzFZjQ8iXLz9QHFov5FN3TrgM9LgWGRh5Iig==

GET
H2 200 index.mpd Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 3 KB
4 KB 269ms
268ms XHR
application/dash+xml 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/index.mpd
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 720e93cac39d69e7b931f74fbb57f470370069b9ea96c3f264b68bf28adbfcca

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
via: 1.1 547726f52324ef3a0c4ac01a3354e36a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3294
last-modified: Wed, 29 Mar 2023 19:08:50 GMT
server: cloudflare
etag: "dddfaa89ea7b4f0236b5bd3ca486c581"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: application/dash+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwFj8pxSorqcR%2BtLWCiblDcAabe2RmEPFrh2%2BEfidd819lh%2BPuO0L5qN%2Bc8OT7snX9yZyybYXdGgk%2Bz21OSifeLJ307HIdPZK%2BZiLnPDbTNWAjt9KbZT1i4DsP%2F6KO0QYSKMZ47h7EAVFv%2FjA3uaVq1g"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddae9be97d90a-HEL
x-amz-cf-id: 6eC0-mwv7_t9Xi34bTicynIpAMD8Qah5DsJokx9zHC7n-lOh76MVLQ==

GET
BLOB 200
OK 8202a650-d3e7-48bd-bbba-5b1214c1bafe
https://onlinehikes.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onlinehikes.com/8202a650-d3e7-48bd-bbba-5b1214c1bafe
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c12e54fac2a52a04d3c8b0c7af32ae3ddce2134dcbeeae215e2e1ec691dd9aab

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 5497
Content-Type: application/javascript

GET
BLOB 200
OK 2c7327c1-f3cf-4f45-ae96-ad02c6d62342
https://onlinehikes.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onlinehikes.com/2c7327c1-f3cf-4f45-ae96-ad02c6d62342
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: accdfd1ed287d30475e76e8a486c57f5251940b8137efb68ceec84bc8f63b6e9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 79363
Content-Type: application/javascript

GET
BLOB 200
OK e9e9dbd8-0b1b-4d3d-9855-f6980fa83c29
https://onlinehikes.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onlinehikes.com/e9e9dbd8-0b1b-4d3d-9855-f6980fa83c29
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: accdfd1ed287d30475e76e8a486c57f5251940b8137efb68ceec84bc8f63b6e9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 79363
Content-Type: application/javascript

GET
H2 200 LCenqnvmcXQPRihj_j1667382271984-o94n0h_t1667382925.vtt Show response
streaming.humix.com/thumbnails/LCenqnvmcXQPRihj/ 5 KB
5 KB 510ms
510ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/thumbnails/LCenqnvmcXQPRihj/LCenqnvmcXQPRihj_j1667382271984-o94n0h_t1667382925.vtt
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaf8db3ac7109bc52b68f8049852dbb5dee3e39f24e399d7040144f87ee53be8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
via: 1.1 c0ee6c90b748e4d13d8e8a1cad2d9426.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5063
last-modified: Wed, 02 Nov 2022 09:55:30 GMT
server: cloudflare
etag: "443ab8139c1cb06e66b9570c0bd243bf"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xObZCsrVOB66C22MHkOklW%2BvkR1yAeAiycd58kmQX3qpdUJOvyRvGHaLy3ZhID4c3AMZtk8OMFLXIFlkZpS6zqba849kPK3hHSAWAcI4gae4zsnUULJZAXvG2rrxkWNuktO03j9gJoHdyu2qgDroZe%2FV"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddae9eee8d90a-HEL
x-amz-cf-id: knEgUF9i-aAeRBgNuJCD2PKkqPYsEvLaJrEy39Em-ku6h-3AHy41MA==

GET
H2 200 index.mpd Show response
streaming.humix.com/d0f93a402e52c327fe766dcb8d6d10ff/out/v1/5dcfb9108daa489db3bb4ccaee40c592/998631c4e774480a9b592c7e7f3b972f/87edf26a0c3e427e9a5db867b0e5f408/ 6 KB
7 KB 301ms
300ms XHR
application/dash+xml 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/d0f93a402e52c327fe766dcb8d6d10ff/out/v1/5dcfb9108daa489db3bb4ccaee40c592/998631c4e774480a9b592c7e7f3b972f/87edf26a0c3e427e9a5db867b0e5f408/index.mpd
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18daf2a6cb3dfe9ececd611ad081f269ab8824a0c8c0b9b9a3f4a3b163863918

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
via: 1.1 5ffe5df2b6c8f15be82e79251546b54a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6585
last-modified: Mon, 24 Apr 2023 11:02:38 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EISWmGrtT3l6UWa2aD7W5qLt2Kzj8N5DzlBsNcFcFS%2F8r%2BtWFinTIQFt8XuYX9UVZljXMPrd5TnMzlkLymxbK5TwO0pXi2u8hrayXx%2FTRchwK0cwgy9B627T%2Bmi5ftKpkz%2BlWyImytNuaOYlr0yy89pR"}],"group":"cf-nel","max_age":604800}
content-type: application/dash+xml
access-control-allow-origin: *
cache-control: max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7bcddae9ef00d90a-HEL
x-mediapackage-request-id: Root=1-644661ce-47e47e1803c825d009b4bacb
x-amz-cf-id: gWjh9FU7LCy9LOKBDEWHtyRXUMWPrTiWsFIyd_iPzJsA6sWJCCaqEw==

GET
H2 200 pixel;r=1895019801;labels=Domain.onlinehikes_com%2CDomainId.273299;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fonlinehikes.com%2F;uht=2;fpan=1;fpa=P0-302685860-1682334157966;pbc=;ns=0;ce=1;qjs=1;qv=93...
pixel.quantserve.com/ 35 B
372 B 70ms
56ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1895019801;labels=Domain.onlinehikes_com%2CDomainId.273299;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fonlinehikes.com%2F;uht=2;fpan=1;fpa=P0-302685860-1682334157966;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;us_privacy=1---;ref=;d=onlinehikes.com;dst=0;et=1682334158380;tzo=0;ogl=site_name.Online%20Hikes%2Ctype.website%2Ctitle.Online%20Hikes%2Cdescription.All%20things%20YouTube%252C%20coding%20and%20marketing%2Curl.https%3A%2F%2Fonlinehikes%252Ecom%2F%2Cimage.https%3A%2F%2Fstatic%252Eghost%252Eorg%2Fv3%252E0%252E0%2Fimages%2Fpublication-cover%252Epng%2Cimage%3Awidth.2709%2Cimage%3Aheight.938;ses=95c48c45-2ae4-4e5c-b8e6-fa1f1b239eb3

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 JsbEXUHbPLhIdFPV_j1662048007223-kbweew_t1662049686.vtt Show response
streaming.humix.com/thumbnails/JsbEXUHbPLhIdFPV/ 25 KB
25 KB 642ms
642ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/thumbnails/JsbEXUHbPLhIdFPV/JsbEXUHbPLhIdFPV_j1662048007223-kbweew_t1662049686.vtt
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ce5dd47a0e09f8e275b457f87c2ad6479f41aca2abcd9380f14de820e1e0299

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:39 GMT
via: 1.1 8e2fc74f111e14140c534c3cd41f10e0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25186
last-modified: Thu, 01 Sep 2022 16:28:30 GMT
server: cloudflare
etag: "e5667eeca339833fc0eee5e5e99c7dfd"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vy%2Fl5la8ciM1QagCNtHgG9P2YASx78JCAPJgB3zLBFkQRiixjwT4t4SdMNAcLSo1vX3ZLs0Cj4iwRyvhy9WrMiqgntsGbE8dncFTxxhYwM6bPbmflilReTFyBfWmraaWBoZWZHR5jqJXCkXATdj0%2FQxA"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddaea8849d90a-HEL
x-amz-cf-id: 4dxh4sukPNmCnkogdQg7AqrUkPChn19mG1sAEnK9_9fWK0Nc9Cuy9g==

GET
H2 200 index.mpd Show response
streaming.humix.com/f1871d51972628df687afd6a76eef2cb/out/v1/23337d033131410f9debd26a039d4ff2/da5b439859bc425f824ef83d0e0aac3a/2969ebd2cb134ccd8f79ea2b77d50a6e/ 19 KB
19 KB 668ms
668ms XHR
application/dash+xml 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/f1871d51972628df687afd6a76eef2cb/out/v1/23337d033131410f9debd26a039d4ff2/da5b439859bc425f824ef83d0e0aac3a/2969ebd2cb134ccd8f79ea2b77d50a6e/index.mpd
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb1f56f4887b08941278f0b72350649741e96c70999e6033fb4e2aeeb638bf24

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:39 GMT
via: 1.1 c418ea866520d52fb3d0a50002762664.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19246
last-modified: Mon, 24 Apr 2023 11:02:39 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65VzLb%2FYN4pfOyUhnl%2BzqvNfn7QSIvaSzpIlYaeojZMPprQzOf8CbR%2FWdWZqv3MT9FZLO2jFPJbU28iKJbyaNtJ36CoZaXby5b29m5taMv2dL2377kuuVhDzH3h2smbGPyCRV7gZHFKlb8%2BVHHISq8xA"}],"group":"cf-nel","max_age":604800}
content-type: application/dash+xml
access-control-allow-origin: *
cache-control: max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7bcddaea884bd90a-HEL
x-mediapackage-request-id: Root=1-644661ce-6ca416fd016a2c7a677e1750
x-amz-cf-id: wcNa0AKGsoiMuMOyl3X_FqausMNtm9NEwl1RKRoH6ovHAyOFXCdd3A==

GET
BLOB 200
OK a2e95311-ac93-4399-9f46-3cbbb465cbc7
https://onlinehikes.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onlinehikes.com/a2e95311-ac93-4399-9f46-3cbbb465cbc7
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c12e54fac2a52a04d3c8b0c7af32ae3ddce2134dcbeeae215e2e1ec691dd9aab

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 5497
Content-Type: application/javascript

GET
BLOB 200
OK 594db661-0bae-421b-bb00-28609d96ff88
https://onlinehikes.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onlinehikes.com/594db661-0bae-421b-bb00-28609d96ff88
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: accdfd1ed287d30475e76e8a486c57f5251940b8137efb68ceec84bc8f63b6e9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 79363
Content-Type: application/javascript

GET
BLOB 200
OK 7323f4da-037d-4781-ac49-e12ac691847b
https://onlinehikes.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onlinehikes.com/7323f4da-037d-4781-ac49-e12ac691847b
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: accdfd1ed287d30475e76e8a486c57f5251940b8137efb68ceec84bc8f63b6e9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 79363
Content-Type: application/javascript

GET
BLOB 200
OK 36b75a09-67ab-45a8-8f2b-d4c1407f04c5
https://onlinehikes.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onlinehikes.com/36b75a09-67ab-45a8-8f2b-d4c1407f04c5
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c12e54fac2a52a04d3c8b0c7af32ae3ddce2134dcbeeae215e2e1ec691dd9aab

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 5497
Content-Type: application/javascript

GET
BLOB 200
OK 7b9ebb61-4f31-453d-ac23-0547673a73d9
https://onlinehikes.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onlinehikes.com/7b9ebb61-4f31-453d-ac23-0547673a73d9
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: accdfd1ed287d30475e76e8a486c57f5251940b8137efb68ceec84bc8f63b6e9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 79363
Content-Type: application/javascript

GET
BLOB 200
OK 37f93ee2-3036-4642-8bde-6c0c1d92054d
https://onlinehikes.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onlinehikes.com/37f93ee2-3036-4642-8bde-6c0c1d92054d
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: accdfd1ed287d30475e76e8a486c57f5251940b8137efb68ceec84bc8f63b6e9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 79363
Content-Type: application/javascript

GET
H2 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
165 B 73ms
72ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 71ms
70ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 144 KB
44 KB 1705ms
1705ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2092845990354922&correlator=1674626896726509&eid=31074079%2C31074093%2C31074095&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22485590223%2Conlinehikes_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&adks=1280706309&didk=2198039137&sfv=1-0-40&ists=1&fas=8&prev_scp=iid1%3D6114777960538019%26d%3D273299%26reft%3Dn%26br2%3D70%26bvr%3D8%26ap%3D9999%26br1%3D100%26ga%3D2497208%26bra%3Dmod46%26ic%3D1%26ezoic%3D1%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26tap%3Donlinehikes_com-pixel1-6114777960538019%26al%3D1006&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682334158707&lmt=1682334158&dlt=1682334157147&idt=523&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fonlinehikes.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1773331551.1682334158&ga_sid=1682334158&ga_hid=69658114&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6334ceb12d67c20263fcf14d4359519789b55246d876bfb634897d6fe2c77798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45022
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/ 33 KB
12 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl_page_level_ads.js?cb=31074079

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36b51237a514c8362d64d43c17abd3d4fd2e3a586c8a55c32bfde0c0e1c114aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 11:36:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84394
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11860
x-xss-protection: 0
server: cafe
etag: 7680045872876739953
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 22 Apr 2024 11:36:04 GMT

POST
H2 204 greenoaks.gif
onlinehikes.com/detroitchicago/ 0
87 B 58ms
57ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJkb21haW5faWQiOiIyNzMyOTkiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiZG9tYWluX2lkIjoiMjczMjk5IiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDQtMjQifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIxIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJkb21haW5faWQiOiIyNzMyOTkiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJkb21haW5faWQiOiIyNzMyOTkiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInRfZXBvY2giOjE2ODIzMzQxNTYsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiMTU0OCJ9XX1d
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:39 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:39 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
57 B 58ms
57ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjEyNjc1MzcwNjUwMzc5MiIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjE1NDgifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:39 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:39 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 57ms
56ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzg1NTYzMjAyNDUxMDEyMCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTk3NiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJhZF9sb2FkX3RpbWUiLCJ2YWwiOiIxNTU3In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:39 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:39 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
74 B 57ms
56ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjQ2NTgwMjc4MDUzMjM5MCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTIxLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjE2NzgifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:38 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:38 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 57ms
56ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjQyMDA1Nzg3NDU2MjY4MSIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTk3NSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJhZF9sb2FkX3RpbWUiLCJ2YWwiOiIxNjk2In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:38 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:38 GMT

GET
H2 200 t1677756445_01_640x360p_30Hz_800Kbps_init.mp4 Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 840 B
1 KB 526ms
525ms XHR
video/mp4 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_init.mp4
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f0d654f743c9321fa231c5bfddd26df8293c658f73b44e17eba86beb838856d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:39 GMT
via: 1.1 033ed92c09627372dcaf2c27f57f2f76.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 840
last-modified: Wed, 29 Mar 2023 19:08:52 GMT
server: cloudflare
etag: "ae7a68d4bedecae323c1efaf006fdd5b"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: video/mp4
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tC3khyJgENnVkzndaX5B0%2FKtS9IlIbDae8P75y4RaioVQDrIv08kUpd%2BPFOswWjuysPbha5mQfu%2FPz6hU4rD%2FQyLPE0LWARlxe0zoNRZuxRkzFWv0FEQKU74NMmFOmy3VVqxxcLeIXXsED%2FUuN6NOy6y"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddaed7f54d90a-HEL
x-amz-cf-id: ZSVg-7mn_zplEqJtMYtRq_4vU9QAAO2qoxhsqfPcyCSpjW_kyeQWlQ==

GET
H2 200 t1677756445_01_640x360p_30Hz_800Kbps_001.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 114 KB
114 KB 742ms
741ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_001.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b0fd93dcc3bdca19d91ca1c1ace0b8c063d65dfa683d06f584592ec22b96d32

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:39 GMT
via: 1.1 3ba9c8c432edc6e444a1eb80907e1602.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 116512
last-modified: Wed, 29 Mar 2023 19:08:50 GMT
server: cloudflare
etag: "357de93bd0cd9bd96e88b48e637a8620"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxFwZl9oI9MprT3Pik%2Bdv9pEVpW8jb66dKY27HapDTOIpRmJEYi31SXf2fhYozCnKosruABrUHD%2BrHPr%2BW11xYFPZS3oQ2O372EoawVvFbWGkNgfrHNHDDWrxAzp49qezGJ2KXOmDeS9hYQCI7L3Hpl%2F"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddaed7f50d90a-HEL
x-amz-cf-id: 9cmg7LaXqlsoclaZE4fbMUET2CVw275GMbu3Q2S-o3l_ApufglEq2A==

GET
H2 200 index_video_4_0_init.mp4 Show response
streaming.humix.com/d0f93a402e52c327fe766dcb8d6d10ff/out/v1/5dcfb9108daa489db3bb4ccaee40c592/998631c4e774480a9b592c7e7f3b972f/a488b421bcb54e93affaeed629a0e0ff/7ff3dd1c70a4465e8ee62dbdfc473a42/ 750 B
1 KB 283ms
283ms XHR
application/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/d0f93a402e52c327fe766dcb8d6d10ff/out/v1/5dcfb9108daa489db3bb4ccaee40c592/998631c4e774480a9b592c7e7f3b972f/a488b421bcb54e93affaeed629a0e0ff/7ff3dd1c70a4465e8ee62dbdfc473a42/index_video_4_0_init.mp4
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12ebdf4cd37f38ba09bd4cb87c832d8321e0c9a232f2eefb66b497884cb776f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:39 GMT
via: 1.1 07c325e1e193f25e3673c49cf7dde57c.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 750
last-modified: Mon, 24 Apr 2023 11:02:39 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAfN0YwQToKgBmYlrQByuts1K3itUmx2Q0zMqNeyERmrJGwsokeG%2FrmzxtlNx%2BKt4lNyR5t8Op%2FQ0U5LKRYU%2FXEnZPH8BrfpB0KWSt6UAIqqnNsnTYEut1QDjI%2Fo4%2FrirodmvO3XonalKGQ8iylJ1veN"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7bcddaed8f7cd90a-HEL
x-mediapackage-request-id: Root=1-644661cf-4d0e3f100a9bf8f80a441fcd
x-amz-cf-id: mtmCjwJZvVXQFTqFLZUB3j6nL3a8lN080X7bTMxeu7ipS6rMbGdPhQ==

GET
H2 200 index_video_4_0_1.mp4 Show response
streaming.humix.com/d0f93a402e52c327fe766dcb8d6d10ff/out/v1/5dcfb9108daa489db3bb4ccaee40c592/998631c4e774480a9b592c7e7f3b972f/a488b421bcb54e93affaeed629a0e0ff/7ff3dd1c70a4465e8ee62dbdfc473a42/ 46 KB
47 KB 1004ms
1003ms XHR
video/mp4 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/d0f93a402e52c327fe766dcb8d6d10ff/out/v1/5dcfb9108daa489db3bb4ccaee40c592/998631c4e774480a9b592c7e7f3b972f/a488b421bcb54e93affaeed629a0e0ff/7ff3dd1c70a4465e8ee62dbdfc473a42/index_video_4_0_1.mp4
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 844f927aa74d164ccbbed08e7f24cc8aa952188afde943e26ca79ce51b1268e6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:39 GMT
via: 1.1 e524b8092e2dda964664df0dfa35341a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47449
last-modified: Mon, 24 Apr 2023 11:02:39 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHJqZjUYyNkpTATeYw2Y4NWOYmRN6jBBwq7SzwyI68DTqTKTof%2B2EeDwcGAwwyw4HL3gBhhSGnisO%2FGpNBqgZFKHVEnLFzlsEzsPF8lwlVmIjG6fyM4U0lqAmY5J3Eg2jVuBPLOesMkdyAv52FWcBU8z"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7bcddaed8f82d90a-HEL
x-mediapackage-request-id: Root=1-644661cf-657e6b9435f2eec56850f79d
x-amz-cf-id: VT9FJhLBGz51dFm-h4hOs_BlVxrT-haPuUKO-xydZ7gKdiyGv40hog==

GET
H3 200 audio_init.mp4 Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 826 B
2 KB 245ms
245ms XHR
video/mp4 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_init.mp4
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e44e3af2cace163bf2dcde9d45a3d566c9204bee21bdfd552389a7b07349f1f4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:39 GMT
via: 1.1 eaf02c7c2410dbc30b47d1b4091ab004.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 826
last-modified: Wed, 29 Mar 2023 19:08:50 GMT
server: cloudflare
etag: "6beca5005ad08e6ccd3d6a9cc9ca6a02"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: video/mp4
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvuNaJh%2FFGuNIWZEPy9MmPFomo6AwtY5nYcYvLWXH75MYq0T24cE5%2BfP9tgdzH%2FNU1LW5UHxstlSo1sw%2F8y36Hdi10joe7GpLrB8BOwXQJ2bBRgRHMNSSOSBFGz2OGa0JXPi0IOEqiDIXx%2FC7O1OrBZ7"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddaee9ef4d943-HEL
x-amz-cf-id: czK4sICutbEELtGhtk5vSrxdgGjXNso6JlucfcNzScIjb4hmkWhvzg==

GET
H3 200 audio_001.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 41 KB
42 KB 633ms
632ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_001.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63c4b65d4faa76172d62c4a181350c5a0afc5a334844535f0432239f667bab6a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:39 GMT
via: 1.1 0a32af04492da569257fec584d243082.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41848
last-modified: Wed, 29 Mar 2023 19:08:48 GMT
server: cloudflare
etag: "ef934c0112654a7422aa0c13a52ebc59"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQ3XOERRrenI%2FOSY%2Bq%2BhLQgK1dmY5fcTnYIdV%2FEm66IT6bk7N2Ew0kvKvGI%2Bw4nIs2AKNGjEey9eTWlNkCsy13F3uI47Wrln5Unc970xz5j230uaatY%2B%2Bk%2FsZtvGuRl2gU2iANgL0CQBJCixRV7QujNT"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddaee9f09d943-HEL
x-amz-cf-id: uBTwTJMfBfrgADqi0AP6Af3S1JHzHJTPLZne4-dxgiwPofRlYBZyLQ==

GET
H3 200 index_audio_2_0_init.mp4 Show response
streaming.humix.com/d0f93a402e52c327fe766dcb8d6d10ff/out/v1/5dcfb9108daa489db3bb4ccaee40c592/998631c4e774480a9b592c7e7f3b972f/a488b421bcb54e93affaeed629a0e0ff/7ff3dd1c70a4465e8ee62dbdfc473a42/ 638 B
1 KB 257ms
256ms XHR
application/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/d0f93a402e52c327fe766dcb8d6d10ff/out/v1/5dcfb9108daa489db3bb4ccaee40c592/998631c4e774480a9b592c7e7f3b972f/a488b421bcb54e93affaeed629a0e0ff/7ff3dd1c70a4465e8ee62dbdfc473a42/index_audio_2_0_init.mp4
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff5e3211a286bc29c854a3f5d5d07cb92f30af3a0258291305f851353ae64ea6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:39 GMT
via: 1.1 c0ee6c90b748e4d13d8e8a1cad2d9426.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 638
last-modified: Mon, 24 Apr 2023 11:02:39 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuFq9jVWa140jjdBFdh2T0HRjHyxSX3JDVTtf9NLLXEDlU6fGE4QKuyHqOfqRrUkgRS3j505fpvWUNV%2BzM0xAblWVNy2O7Dyz%2BgagU5XK4ujq9GQt6KbDEY2pFHa5VCefLjC%2FVKVZyb%2BdL6uwIx2OmX5"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7bcddaeeaf2ed943-HEL
x-mediapackage-request-id: Root=1-644661cf-192708d0533868dc490b5dcd
x-amz-cf-id: V1EdQvzyYB0m-HMBQTK2YbmrikyrCex32yNUGfFiVWailR7Q8zV20A==

GET
H3 200 index_audio_2_0_1.mp4 Show response
streaming.humix.com/d0f93a402e52c327fe766dcb8d6d10ff/out/v1/5dcfb9108daa489db3bb4ccaee40c592/998631c4e774480a9b592c7e7f3b972f/a488b421bcb54e93affaeed629a0e0ff/7ff3dd1c70a4465e8ee62dbdfc473a42/ 43 KB
43 KB 1056ms
1056ms XHR
video/mp4 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/d0f93a402e52c327fe766dcb8d6d10ff/out/v1/5dcfb9108daa489db3bb4ccaee40c592/998631c4e774480a9b592c7e7f3b972f/a488b421bcb54e93affaeed629a0e0ff/7ff3dd1c70a4465e8ee62dbdfc473a42/index_audio_2_0_1.mp4
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cea8d55947cad12ee2eaa41e305389090b076a49d6823cd14bc6d7edde5ea706

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:40 GMT
via: 1.1 3722e3fae8beaa8b858515be7ea93916.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43791
last-modified: Mon, 24 Apr 2023 11:02:40 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdU2%2BgIHdT0ALkYaaajsOn7EkklUlliSppsWr6wrCwWh8jl%2Fw6JEA5idC4YtXi1Htm6%2BfDCj4Vs0m1eXZUDBqANx0idbalvyLwVtouwsEOF8nrQE3VpaLyB3vGUTebqlEN7li4NlyW8X89gWTK25n%2BJK"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7bcddaeeaf36d943-HEL
x-mediapackage-request-id: Root=1-644661cf-0a8b274f7a0281a03c81e2d2
x-amz-cf-id: zp8uaZfn5w2nFRm7_FhOy0teYWuL1f3UtKHbyKgb_Cby1b4Gjc8crg==

GET
H3 200 index_video_4_0_init.mp4 Show response
streaming.humix.com/f1871d51972628df687afd6a76eef2cb/out/v1/23337d033131410f9debd26a039d4ff2/da5b439859bc425f824ef83d0e0aac3a/f4022040279c4c5181365684bdc35cb5/141b3b6aa7684c0d8bb5f1f37925b667/ 750 B
1 KB 474ms
474ms XHR
application/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/f1871d51972628df687afd6a76eef2cb/out/v1/23337d033131410f9debd26a039d4ff2/da5b439859bc425f824ef83d0e0aac3a/f4022040279c4c5181365684bdc35cb5/141b3b6aa7684c0d8bb5f1f37925b667/index_video_4_0_init.mp4
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12ebdf4cd37f38ba09bd4cb87c832d8321e0c9a232f2eefb66b497884cb776f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:39 GMT
via: 1.1 50f8df1bd48d77c6aa66214d7e928e72.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 750
last-modified: Mon, 24 Apr 2023 11:02:39 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96Yuh7GTwBwr7DlBRflKh7xfwmsgnKivrB7%2FsR9MPk0uQ1i%2FHYLsdUtOCGlnEyKx7SKobzz3kRM5GwFvBxKBlqoIExuFGISJK0%2BqgRvQPt00Ssvdvvtib1lC823TobW66WZBy11m6ytM0WVwvIhZy9p7"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7bcddaf03affd943-HEL
x-mediapackage-request-id: Root=1-644661cf-301a9f5404eecaf573a61af4
x-amz-cf-id: RGsyeDRpSlIItPY4sy_qwAlgILxiU9JgqSo2byPVGPPIgAcNoHvKmw==

GET
H3 200 index_video_4_0_1.mp4 Show response
streaming.humix.com/f1871d51972628df687afd6a76eef2cb/out/v1/23337d033131410f9debd26a039d4ff2/da5b439859bc425f824ef83d0e0aac3a/f4022040279c4c5181365684bdc35cb5/141b3b6aa7684c0d8bb5f1f37925b667/ 66 KB
66 KB 964ms
964ms XHR
video/mp4 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/f1871d51972628df687afd6a76eef2cb/out/v1/23337d033131410f9debd26a039d4ff2/da5b439859bc425f824ef83d0e0aac3a/f4022040279c4c5181365684bdc35cb5/141b3b6aa7684c0d8bb5f1f37925b667/index_video_4_0_1.mp4
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 751044432f7a199d062f4f68e0f6228ad07a5bd38ebce2cd3cb5ab68eb46bae3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:40 GMT
via: 1.1 50f8df1bd48d77c6aa66214d7e928e72.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67119
last-modified: Mon, 24 Apr 2023 11:02:40 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnEy0Ooaav1CL7CcNH0DXTFS8u7w5cQMdpE5J%2BvVPDc14d6MJvUfFL2m2C%2BMFXkY20dz1boRrzUInnE%2BhNOVIEdNXjyIKtihFAJcjxaSpN1H%2FcMy5hmbBe6vVOWdg%2FAtoPMIHVB24cvLj6W1aIEnZzZm"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7bcddaf03b01d943-HEL
x-mediapackage-request-id: Root=1-644661cf-6453b969400b200e21876d58
x-amz-cf-id: RZ0H19Khz13__PlgV8qLnj0ikp7xn1aOMBSy0ywEzbxwacMIbPO95w==

GET
H3 200 index_audio_2_0_init.mp4 Show response
streaming.humix.com/f1871d51972628df687afd6a76eef2cb/out/v1/23337d033131410f9debd26a039d4ff2/da5b439859bc425f824ef83d0e0aac3a/f4022040279c4c5181365684bdc35cb5/141b3b6aa7684c0d8bb5f1f37925b667/ 638 B
1 KB 493ms
493ms XHR
application/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/f1871d51972628df687afd6a76eef2cb/out/v1/23337d033131410f9debd26a039d4ff2/da5b439859bc425f824ef83d0e0aac3a/f4022040279c4c5181365684bdc35cb5/141b3b6aa7684c0d8bb5f1f37925b667/index_audio_2_0_init.mp4
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff5e3211a286bc29c854a3f5d5d07cb92f30af3a0258291305f851353ae64ea6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:40 GMT
via: 1.1 27c8fa1293b3ecca6804886739b2d020.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 638
last-modified: Mon, 24 Apr 2023 11:02:40 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2qD5l55OHnVK2JZqGuJgqvsb%2B8CydVX2LtL1ISoyF2XAU6JDOqy%2FfEd6sBZIodvH5BT%2FIjSAx1PpKzSs1bpb8FHZxTQ4llctnMZxZOeuQbHDtzPUMC0YwEvfDxQ9a8WuaYYKa0DwYETj3nnEWpV5VdU"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7bcddaf16d56d943-HEL
x-mediapackage-request-id: Root=1-644661cf-1dbd76ed389da03766af0683
x-amz-cf-id: stekw4loPFqN6Qh8QlwYNgkRXVjDKRQ8OVZXa9qVoaQCjjYx0SYiBw==

GET
H3 200 index_audio_2_0_1.mp4 Show response
streaming.humix.com/f1871d51972628df687afd6a76eef2cb/out/v1/23337d033131410f9debd26a039d4ff2/da5b439859bc425f824ef83d0e0aac3a/f4022040279c4c5181365684bdc35cb5/141b3b6aa7684c0d8bb5f1f37925b667/ 43 KB
44 KB 1242ms
1241ms XHR
video/mp4 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/f1871d51972628df687afd6a76eef2cb/out/v1/23337d033131410f9debd26a039d4ff2/da5b439859bc425f824ef83d0e0aac3a/f4022040279c4c5181365684bdc35cb5/141b3b6aa7684c0d8bb5f1f37925b667/index_audio_2_0_1.mp4
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de0624ddd97d350c60e4f32b945a846d2a8059704bb9e153cb465daae59fc22

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:40 GMT
via: 1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43873
last-modified: Mon, 24 Apr 2023 11:02:40 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GvmSyR79EBNIle4ZfqRAoHzrSGeVkKfoh4V50r9RAMf3594zAcSfod8keGwYaI5Z1b1P%2BxIp7vUn1NAwLVEAPUNuLvxW8U5mFwO4vkZk%2BWk5iqXr0lj81XywVtnI5f7NU4d%2FvwJBlrOJQ6OpZoyoHG6"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7bcddaf16d59d943-HEL
x-mediapackage-request-id: Root=1-644661cf-052becc96bba649a519bdf3a
x-amz-cf-id: lbQyrsPWjOamxjLOSgyAoMmGtme2UQjwRQQsSfHdfrbgEZPaLpNj2g==

GET
H3 200 t1677756445_01_640x360p_30Hz_800Kbps_002.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 131 KB
131 KB 727ms
726ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_002.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f62946e59569ef366be7965afeabee46e2c5cce77e8e72b9ede743d0489408ab

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:40 GMT
via: 1.1 0a32af04492da569257fec584d243082.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 133741
last-modified: Wed, 29 Mar 2023 19:08:50 GMT
server: cloudflare
etag: "027ca6ee9ebe3d14d2a637440bb325f3"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZ%2Bco9mazcj9dPDUDnuaU6I%2BYduMmH6KUXxqyVB6ipBHu6yt8W5NlgP2PPJEpMrXyOzjxFrjPrzvrCAXts8TTsVvmrRyV7aVioquRwxyYHiSRFyTAxSJZxWbqBIoALsJt8owshwg6Awaslr3tMiZ%2F6np"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddaf38b45d943-HEL
x-amz-cf-id: UlNE4-DHj8qMN-oUD9jtL6qlWKaQaRFD4lymVoCI1VNMr7ItDjg_uA==

GET
H3 200 audio_002.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 40 KB
41 KB 608ms
608ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_002.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b70bd5ce8c7a5018e98bbde4b2967c003553b795ac78bbc0fa577f0ae890420b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:40 GMT
via: 1.1 2da695f21de77ab27a57fd348bd62648.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40888
last-modified: Wed, 29 Mar 2023 19:08:48 GMT
server: cloudflare
etag: "421346a93434645227f3ab944c59b420"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gW3vlWWELbdzCNQts6LI0U9plSHrL0M4ac7Jz2K7n3Vj5RlWAnJcQg9TBlyjFOscqcLN2CZzgCnLXAYQxPELYs2o2C0MluKE3SQ77tDOeQARpbuPALao5KlmZyweh1q4i%2Bc9PJvCCCMDDfODyRaimw6L"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddaf38b50d943-HEL
x-amz-cf-id: 4qmLi_h4Cfj_Oij4b0vpKDIHtqwATkBC2X0DMrTyeCVRNFWQ5HIezQ==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 190ms
92ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21857
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iR3W5AEvNm4hF6Q5yXPzz2RcXAiUouJmeQcTVRleWhY9yT8s%2FB067qWaV5B1qRvIhNaEGic0Jw2SBk91hVM76K%2BRd%2Bpr%2B%2BQSCT4BV1ZFgIYuUhVnvqtxwuBPvNp9Y1tJJGXBvN0rh1cqsSjoNR0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7bcddaf79bfdd8fe-HEL

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 143ms
46ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: RKEF21ZGS1GWD413
age: 68
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7bcddaf79f32d937-HEL
x-amz-id-2: fdwUwxEgRe2kdUTM9Bie1UjP9OQNKMPHgvFWX6kzxj2aTjbTO+xTICbvcw/8y5W4DnWe4UjPnLM=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 138ms
33ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 10:52:56 GMT
via: 1.1 google
age: 584
x-guploader-uploadid: ADPycdsKyVElXDMAO_AMlH7d3a4hEXfjssTzy35n6huQvC8HNeAC9n_qc2n1IiC7I4yZMR4lP-dB3Wvc_q4uEBcOYTrL6_9y3Bll
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation: 1659113709880056
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
expires: Mon, 24 Apr 2023 11:52:56 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 37 KB
11 KB 206ms
72ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 03:48:15 GMT
content-encoding: gzip
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 22:36:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 26066
x-amz-server-side-encryption: AES256
etag: W/"4fd6c99ca40fed5d11cbd9e1b76a92f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: UfeZKGez6pVOpbokd-o_9kB7_TdmkfCG5PPwp9mZvJHvhNEK9b_35g==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 218ms
60ms Script
text/javascript 2600:9000:2250:3c00:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:3c00:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 02:50:38 GMT
Via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 29523
x-amz-server-side-encryption: AES256
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: EoQt6wj-GEOTasfFjBEt4tQE2UfQE0UgO8PlB6vwcTXNrbW4kKTekw==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 130ms
33ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 20:15:28 GMT
content-encoding: gzip
age: 312432
x-guploader-uploadid: ADPycdsIvgDROoPyws1TqwswD7JjyfxEn1XTlTc3Tk9s3IFFdJu_4ul194BQBow7gY3VbqS8MqOoYwmVVLKKAKNujPiAb0HNz1_L
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 19 Apr 2024 20:15:28 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 216ms
70ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Apr 2023 11:02:40 GMT

GET
H2 200 container.html Show response
9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C966 6 KB
3 KB 63ms
62ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 11:02:38 GMT
expires: Tue, 23 Apr 2024 11:02:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
62 B 58ms
57ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjExNDc3Nzk2MDUzODAxOSIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJvbmxpbmVoaWtlc19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjMzMTMifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:40 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:40 GMT

POST
H2 204 greenoaks.gif
onlinehikes.com/detroitchicago/ 0
16 B 65ms
65ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJkb21haW5faWQiOiIyNzMyOTkiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjMzMjEifV19XQ==
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:40 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:40 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
62 B 65ms
65ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjExNDc3Nzk2MDUzODAxOSIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJvbmxpbmVoaWtlc19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2MTE0Nzc3OTYwNTM4MDE5IiwiZG9tYWluX2lkIjoiMjczMjk5IiwidW5pdCI6Im9ubGluZWhpa2VzX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZJIiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiYTQ5NWNlN2RiYjRjZWZjZDNlMGE3MjIwNDg4OTRmNDEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjYxMTQ3Nzc5NjA1MzgwMTkiLCJkb21haW5faWQiOiIyNzMyOTkiLCJ1bml0Ijoib25saW5laGlrZXNfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2ODIzMzQxNTYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMSwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMSwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2MTE0Nzc3OTYwNTM4MDE5IiwiZG9tYWluX2lkIjoiMjczMjk5IiwidW5pdCI6Im9ubGluZWhpa2VzX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZJIiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ1ODUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjYxMTQ3Nzc5NjA1MzgwMTkiLCJkb21haW5faWQiOiIyNzMyOTkiLCJ1bml0Ijoib25saW5laGlrZXNfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2ODIzMzQxNTYsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:41 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:41 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 66ms
65ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjExNDc3Nzk2MDUzODAxOSIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJvbmxpbmVoaWtlc19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDQtMjQifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIxIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:40 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:40 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 65ms
65ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjExNDc3Nzk2MDUzODAxOSIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJvbmxpbmVoaWtlc19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYXVjdGlvbl9lcG9jaCI6MTY4MjMzNDE2MCwiYWRfcG9zaXRpb24iOjk5OTksImNvdW50cnlfY29kZSI6IkZJIiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTAwLCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6MTAwLCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjoxNzc2LCJtdWx0aV9hZF91bml0IjpudWxsLCJtdWx0aV9hZF9jb3VudCI6bnVsbCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:40 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:40 GMT

GET
H2 200 / Show response
onlinehikes.com/members/api/site/ 2 KB
1 KB 124ms
124ms Fetch
application/json 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinehikes.com/members/api/site/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) / Express

Resource Hash

a653b3656efa4427530c03d65c78d8677a4d7ae68e4a67760fb88d1b9d356636

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 24 Apr 2023 11:02:40 UTC
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-sol: pub_site
display: staticcontent_sol
x-powered-by: Express
x-ezoic-cdn: Hit ds;ds;3daea1127968bc7ff6da541b0b120a26;2-273299-3;8f957b71-14ad-4e41-54a9-91e2f6dab023
x-middleton-display: staticcontent_sol
x-middleton-response: 200
content-length: 660
response: 200
server: nginx/1.14.0 (Ubuntu)
etag: W/"661-3ACsATY0B0Q6AHhv1WTfW1XARUw-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 204 /
onlinehikes.com/members/api/member/ 0
0 739ms
739ms Fetch 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinehikes.com/members/api/member/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:41 UTC
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-sol: pub_site
display: staticcontent_sol
x-powered-by: Express
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol
x-middleton-response: 204
response: 204
server: nginx/1.14.0 (Ubuntu)
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame F7D4 200 B
1 KB 59ms
58ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 883
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 10:47:58 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Tue, 11 Apr 2023 22:02:22 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-id: 6Lp_y7BkCoWFldXGT8ZP7Am_pLoshuh-UmDmwcX5CBU4_1FSEMenQw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 si
capi.connatix.com/tr/ 0
330 B 284ms
173ms Image
application/json 104.18.33.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=dceed97a-951e-4c47-b565-c2794ffae817&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:40 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7bcddaf859f70d3e-ARN
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vpp.gif
onlinehikes.com/detroitchicago/ 43 B
92 B 243ms
242ms Image
image/gif 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/detroitchicago/vpp.gif?e=%5B%7B%22url%22%3A%22https%3A%2F%2Fonlinehikes.com%2F%22%2C%22pageview_id%22%3A%2220624c51-d2a0-45be-6bcb-107e740ffeef%22%2C%22template_id%22%3A134%2C%22player_name%22%3A%22ezoicvideo%22%2C%22domain_id%22%3A273299%2C%22media_src%22%3A%22blob%3Ahttps%3A%2F%2Fonlinehikes.com%2Ff4c294c9-f581-4b5c-8a4f-642733aa44a7%22%7D%5D
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:40 GMT
content-encoding: br
vary: Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Sun, 23 Apr 2023 11:02:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame C966 5 KB
1 KB 259ms
84ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Apr 2023 11:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 09:58:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Apr 2023 11:02:40 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame A587 2 KB
846 B 306ms
126ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:40:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 16:40:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame A587 21 KB
9 KB 238ms
61ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 16:43:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame A587 3 KB
1 KB 305ms
127ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 16:47:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame A587 19 KB
8 KB 250ms
73ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 16:45:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A587 0
0 227ms
70ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtWO-d7fltk05o70abr7ZKtRc8B-3_XMcgQaAmv5hVHS_eoT9V_ydsmA9Ix7UNlact9by66p9P-H7R4OOC0zMb5IEIag
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A587 159 KB
49 KB 241ms
83ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Apr 2023 11:02:40 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame A587 32 KB
14 KB 218ms
62ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 12:00:35 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame C966 19 KB
8 KB 255ms
82ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 17:01:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8167
x-xss-protection: 0
server: cafe
etag: 3140062999518874537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 17:01:53 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C966 205 B
519 B 229ms
79ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 07:09:33 GMT
x-content-type-options: nosniff
age: 13987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 23 Apr 2024 07:09:33 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C966 604 B
695 B 229ms
80ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 03:05:09 GMT
x-content-type-options: nosniff
age: 28651
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 23 Apr 2024 03:05:09 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame F7D4 0
717 B 1072ms
187ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 11:02:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682334161623576
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682334161622985
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F7D4 0
715 B 1069ms
188ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 11:02:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682334161624306
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682334161623100
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F7D4 631 B
1 KB 61ms
61ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 24 Apr 2023 10:28:31 GMT
x-content-type-options: nosniff
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2057
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 07 Apr 2023 22:37:54 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: JxbMOuN0ns81TNUrZbjZxVg1hIdITA4BUUGwqXTffj7WJFw-hGRlQg==

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fonlinehikes.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fonlinehikes.com%2F&rid=esp&cc=1

85 B
203 B

262ms
253ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fonlinehikes.com%2F&rid=esp&cc=1
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 9013dcd3fc04383344f40217cfe7b73491dcd7c7cfbe5cd6b56af7e4cd999845

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:41 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-C2A5z/Hbn2oK/+B9rV8ZvR/HB9c"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinehikes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 24 Apr 2023 11:02:40 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://onlinehikes.com
location: /esp?url=https%3A%2F%2Fonlinehikes.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 95ms
83ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 2d76e9808cb6eabd8764fb7b8d1d14d051b005683b136d0ea70cc4da7880b0d0

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 24 Apr 2023 11:02:40 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 82511bf4a1a7719ff228f21094bb4c19
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 194ms
81ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://onlinehikes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://onlinehikes.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 24 Apr 2023 11:02:40 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 850b50864f21efeddd20d2bafaf34177

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
324 B 914ms
66ms XHR
text/plain 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onlinehikes.com
date: Mon, 24 Apr 2023 11:02:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 912ms
76ms XHR
application/json 54.246.170.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.170.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-170-47.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 6b8569c3c0dcf9688812cadadc38e482ef9f48b772bc345cef2c893e046534b9

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:41 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache
x-server: 10.45.9.106
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 47F3 15 KB
6 KB 854ms
64ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=onlinehikes.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 11:02:41 GMT
server: Kestrel
server-processing-duration-in-ticks: 472277
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 audio_003.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 39 KB
40 KB 579ms
577ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_003.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20eb590f84065974bd0cfd89083f00c7b70f00d315e75b381bce3bf9fe7b0b6f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:41 GMT
via: 1.1 e6c9a537bd3796ea580cf02a62b7c246.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40020
last-modified: Wed, 29 Mar 2023 19:08:49 GMT
server: cloudflare
etag: "53edf5a557bf1602f82551fc9c68fb2f"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2xd3dCKQWOPoFY3ZsoEOMy96ZlBMDPdrWTKL58cVJ9Q3BjKyYYKlvfdnv3kl7WCA9syJq3lyc12V%2BdyLE3v1sTv1X1pZyNA4esdsSEoFfP4k09ISL%2BE6CGw9oI1he%2B%2BxSsIz0dZmPqUynx1v0S8mUCb"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddaf8b823d943-HEL
x-amz-cf-id: XOg8deWaWhTpBcTjxPcQQirZAtj7EF7_TaRtggG9Vj5JGR8buzc7og==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 115B 930 B
1 KB 824ms
56ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 52
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 11:02:41 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 62
x-content-type-options: nosniff
x-request-id: ac61c13e-4f3c-445e-afd9-11bb3529c97c
x-served-by: cache-fra-eddf8230042-FRA
x-timer: S1682334162.557960,VS0,VE0

GET
H3 200 t1677756445_01_640x360p_30Hz_800Kbps_003.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 158 KB
159 KB 702ms
701ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_003.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd52a5b62fc343de80869af721c27421538c1ff8dad774fdffef48775ed04914

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:41 GMT
via: 1.1 8e2fc74f111e14140c534c3cd41f10e0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 162100
last-modified: Wed, 29 Mar 2023 19:08:50 GMT
server: cloudflare
etag: "232c9667154fb959f8741102bf00d654"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TG%2FlCptOuapJQlXiw3gYqil%2BOHDIvhbDB1%2Ffa%2BC4pUKroglEriIxUfFmCVcKQqBayCBY2Verr82%2FX8WkLKBR3blfRHG0qVxdknmqlKAZ4%2FI49Uv1uAtw2uNX10OLdwCVWS9jHa8qKI3C16mCcsW0GShL"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddaf91910d943-HEL
x-amz-cf-id: 6ZsyIckNKKqLho7GOY5PMzkIpyMKXft9TFHBYIkozsA5c2IjL2TmOQ==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D779 1 KB
643 B 191ms
61ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 57736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Mon, 24 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 grapefruit.gif
onlinehikes.com/detroitchicago/ 0
16 B 70ms
61ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/detroitchicago/grapefruit.gif?orig=0&v=W3sidHlwZSI6InZpZGVvIiwidmlkZW9faW1wcmVzc2lvbl9pZCI6IjI3MDczMTUyLTU1MzMtNGY5Ni04NDE4LTk1ODJmYzA0YjI5NyIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInRfZXBvY2giOjE2ODIzMzQxNTYsImRhdGEiOlt7Im5hbWUiOiJ2aWRlb19zdGFydCIsInZhbCI6IjIwMjMtMDQtMjQgMTE6MDI6MzgifV19LHsidHlwZSI6InZpZGVvIiwidmlkZW9faW1wcmVzc2lvbl9pZCI6IjI3MDczMTUyLTU1MzMtNGY5Ni04NDE4LTk1ODJmYzA0YjI5NyIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInRfZXBvY2giOjE2ODIzMzQxNTYsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWRfc3RhcnQiLCJ2YWwiOiIxIn1dfSx7InR5cGUiOiJ2aWRlbyIsInZpZGVvX2ltcHJlc3Npb25faWQiOiIyNzA3MzE1Mi01NTMzLTRmOTYtODQxOC05NTgyZmMwNGIyOTciLCJkb21haW5faWQiOiIyNzMyOTkiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJkYXRhIjpbeyJuYW1lIjoiaGVhcmRfc3RhcnQiLCJ2YWwiOiIwIn1dfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:40 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:40 GMT

GET
H3 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
122 B 91ms
90ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 92ms
90ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
15 KB 628ms
628ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2092845990354922&correlator=382628493843400&eid=31074079%2C31074093%2C31074095&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22485590223%2Conlinehikes_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=6&adks=3188901710&didk=686522671&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D6420057874562681%26eid%3D6420057874562681%26t%3D134%26d%3D273299%26t1%3D134%26pvc%3D0%26ap%3D1975%26sap%3D1975%26as%3Drevenue%26plat%3D1%26bra%3Dmod46%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Donlinehikes_com-edge-1-6420057874562681%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26bv%3D15%26bvm%3D0%26bvr%3D5%26avc%3D43%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D50%26br2%3D48%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C19%2C2688%2C3045%2C4276%26lb%3D100%26reqt%3D1682334161016&eri=1&sc=1&cookie=ID%3Da1ab864f712d8fb7%3AT%3D1682334158%3AS%3DALNI_MZyERDWyYg7-LOMIRmH-zmBI4DTkg&gpic=UID%3D00000c08d172b0d6%3AT%3D1682334158%3ART%3D1682334158%3AS%3DALNI_MZr16JNZJI40V-7DcBpIA5e52srfQ&abxe=1&dt=1682334161063&lmt=1682334161&dlt=1682334157147&idt=523&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fonlinehikes.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=1773331551.1682334158&ga_sid=1682334158&ga_hid=69658114&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY1ay4l_swSABSAghkEhkKCnB1YmNpZC5vcmcYoq64l_swSABSAghqEsIBCghydGJob3VzZRKsATl3S01rWlpvOHJvUmdYLy8waVQzdXFubjZ1RmxrQno2emdSYnZ4VjMxT1hwMWhNWjc0UDNKQjF1WTNGSTQ1T2l3RkhqWlAyNHFlUjh3eDFWdjlxRDcyZ2R3TVZ0REZtMjc1dFAzeTIwdGdYSVRUUjlmb05taDZWbzdwMFhhdjA3cVppYllJNkZwN2JRb2hnRjAzNENvL0laYVJVVVFSSmRSRmh4akxaTWRkdz0Y07C4l_swSAASHQoOZXNwLmNyaXRlby5jb20Y1ay4l_swSABSAghkEhkKCnVpZGFwaS5jb20Y1ay4l_swSABSAghkEhQKBW9wZW54GNWsuJf7MEgAUgIIZBIbCgxpZDUtc3luYy5jb20Y1ay4l_swSABSAghk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9665d0f43eeaa1e524c084ce3d845df58d397050a1246e18a70b9dfcd271a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14980
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
474 B 523ms
522ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2092845990354922&correlator=3921421333314720&eid=31074079%2C31074093%2C31074095&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22485590223%2Conlinehikes_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=7&adks=3586627133&didk=686538070&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D3855632024510120%26eid%3D3855632024510120%26t%3D134%26d%3D273299%26t1%3D134%26pvc%3D0%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod46%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Donlinehikes_com-edge-2-3855632024510120%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D43%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D50%26br2%3D48%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C19%2C2688%2C3045%2C4276%26lb%3D100%26reqt%3D1682334161026&eri=1&sc=1&cookie=ID%3Da1ab864f712d8fb7%3AT%3D1682334158%3AS%3DALNI_MZyERDWyYg7-LOMIRmH-zmBI4DTkg&gpic=UID%3D00000c08d172b0d6%3AT%3D1682334158%3ART%3D1682334158%3AS%3DALNI_MZr16JNZJI40V-7DcBpIA5e52srfQ&abxe=1&dt=1682334161090&lmt=1682334161&dlt=1682334157147&idt=523&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fonlinehikes.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=1773331551.1682334158&ga_sid=1682334158&ga_hid=69658114&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY1ay4l_swSABSAghkEhkKCnB1YmNpZC5vcmcYoq64l_swSABSAghqEsIBCghydGJob3VzZRKsATl3S01rWlpvOHJvUmdYLy8waVQzdXFubjZ1RmxrQno2emdSYnZ4VjMxT1hwMWhNWjc0UDNKQjF1WTNGSTQ1T2l3RkhqWlAyNHFlUjh3eDFWdjlxRDcyZ2R3TVZ0REZtMjc1dFAzeTIwdGdYSVRUUjlmb05taDZWbzdwMFhhdjA3cVppYllJNkZwN2JRb2hnRjAzNENvL0laYVJVVVFSSmRSRmh4akxaTWRkdz0Y07C4l_swSAASHQoOZXNwLmNyaXRlby5jb20Y1ay4l_swSABSAghkEhkKCnVpZGFwaS5jb20Y1ay4l_swSABSAghkEhQKBW9wZW54GNWsuJf7MEgAUgIIZBIbCgxpZDUtc3luYy5jb20Y1ay4l_swSABSAghk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16bc17048cc4a434d653e858bc93b7a4e048477bfc9b7c46b3c101743978f6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 445
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 39 KB
15 KB 725ms
724ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2092845990354922&correlator=4061024083912941&eid=31074079%2C31074093%2C31074095&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22485590223%2Conlinehikes_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=8&adks=3840644460&didk=1981406807&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D6465802780532390%26eid%3D6465802780532390%26t%3D134%26d%3D273299%26t1%3D134%26pvc%3D0%26ap%3D1121%26sap%3D1121%26as%3Drevenue%26plat%3D1%26bra%3Dmod46%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Donlinehikes_com-box-2-6465802780532390%26eb_br%3D8c5ffefb122f59a66a8b7672d4452af2%26eba%3D1%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D43%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D36%26br2%3D36%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C2693%2C3053%2C4276%26lb%3D70%26reqt%3D1682334161023&eri=1&sc=1&cookie=ID%3Da1ab864f712d8fb7%3AT%3D1682334158%3AS%3DALNI_MZyERDWyYg7-LOMIRmH-zmBI4DTkg&gpic=UID%3D00000c08d172b0d6%3AT%3D1682334158%3ART%3D1682334158%3AS%3DALNI_MZr16JNZJI40V-7DcBpIA5e52srfQ&abxe=1&dt=1682334161100&lmt=1682334161&dlt=1682334157147&idt=523&adxs=650&adys=139&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fonlinehikes.com%2F&frm=20&vis=1&psz=458x250&msz=300x250&fws=0&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=1773331551.1682334158&ga_sid=1682334158&ga_hid=69658114&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY1ay4l_swSABSAghkEhkKCnB1YmNpZC5vcmcYoq64l_swSABSAghqEsIBCghydGJob3VzZRKsATl3S01rWlpvOHJvUmdYLy8waVQzdXFubjZ1RmxrQno2emdSYnZ4VjMxT1hwMWhNWjc0UDNKQjF1WTNGSTQ1T2l3RkhqWlAyNHFlUjh3eDFWdjlxRDcyZ2R3TVZ0REZtMjc1dFAzeTIwdGdYSVRUUjlmb05taDZWbzdwMFhhdjA3cVppYllJNkZwN2JRb2hnRjAzNENvL0laYVJVVVFSSmRSRmh4akxaTWRkdz0Y07C4l_swSAASHQoOZXNwLmNyaXRlby5jb20Y1ay4l_swSABSAghkEhkKCnVpZGFwaS5jb20Y1ay4l_swSABSAghkEhQKBW9wZW54GNWsuJf7MEgAUgIIZBIbCgxpZDUtc3luYy5jb20Y1ay4l_swSABSAghk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8062db11dbf7fab9548e63f78fae1a9977df058cbead1d3e123732658dfbadc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15599
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
483 B 589ms
588ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2092845990354922&correlator=2432059157687848&eid=31074079%2C31074093%2C31074095&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22485590223%2Conlinehikes_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=9&adks=358549289&didk=4056883344&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D6126753706503792%26eid%3D6126753706503792%26t%3D134%26d%3D273299%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod46%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Donlinehikes_com-medrectangle-2-6126753706503792%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26bv%3D15%26bvm%3D0%26bvr%3D5%26avc%3D43%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D50%26br2%3D48%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C19%2C2688%2C3045%2C4276%26lb%3D100%26reqt%3D1682334161032&eri=1&sc=1&cookie=ID%3Da1ab864f712d8fb7%3AT%3D1682334158%3AS%3DALNI_MZyERDWyYg7-LOMIRmH-zmBI4DTkg&gpic=UID%3D00000c08d172b0d6%3AT%3D1682334158%3ART%3D1682334158%3AS%3DALNI_MZr16JNZJI40V-7DcBpIA5e52srfQ&abxe=1&dt=1682334161115&lmt=1682334161&dlt=1682334157147&idt=523&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fonlinehikes.com%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=1773331551.1682334158&ga_sid=1682334158&ga_hid=69658114&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY1ay4l_swSABSAghkEhkKCnB1YmNpZC5vcmcYoq64l_swSABSAghqEsIBCghydGJob3VzZRKsATl3S01rWlpvOHJvUmdYLy8waVQzdXFubjZ1RmxrQno2emdSYnZ4VjMxT1hwMWhNWjc0UDNKQjF1WTNGSTQ1T2l3RkhqWlAyNHFlUjh3eDFWdjlxRDcyZ2R3TVZ0REZtMjc1dFAzeTIwdGdYSVRUUjlmb05taDZWbzdwMFhhdjA3cVppYllJNkZwN2JRb2hnRjAzNENvL0laYVJVVVFSSmRSRmh4akxaTWRkdz0Y07C4l_swSAASHQoOZXNwLmNyaXRlby5jb20Y1ay4l_swSABSAghkEhkKCnVpZGFwaS5jb20Y1ay4l_swSABSAghkEhQKBW9wZW54GNWsuJf7MEgAUgIIZBIbCgxpZDUtc3luYy5jb20Y1ay4l_swSABSAghk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

267971697e6b4a8a5c5118e363736f49e16d5607ce93ff54141fae4ba886cd2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 454
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 8051 0
176 B 146ms
66ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 24 Apr 2023 11:02:41 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 audio_004.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 40 KB
40 KB 661ms
661ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_004.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f91dd101acc5294894c5dbe08ec99bf003376e029cc8a873f2b9bd321d4966a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
via: 1.1 c418ea866520d52fb3d0a50002762664.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40738
last-modified: Wed, 29 Mar 2023 19:08:49 GMT
server: cloudflare
etag: "b1e7cc06425d46b085f0c6e50a434f74"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSyjSVHae1BrSTzeKXxuSSyK6tFY%2FV5yiJKjVDx1cZ8mPbm1eF4qYPluBOrRr%2BOzvdHDsc%2Fv2MsumURlHBAKhd4oQtI7W99pFZo2Svm9h%2FqmRoh1srO0qcdMsrdS87uOJ1T0uOAac7yKcWMGrO4SuwL%2F"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddafd2d67d943-HEL
x-amz-cf-id: tXQNu4IvdC8eJEjy8xuaMorT3bZmxtTuYFlR-OSb5BNgo8aVZ7nQdw==

POST
H2 200 csp-report
q.stripe.com/ Frame 115B 0
490 B 188ms
188ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 24 Apr 2023 11:02:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682334161689824
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1682334161689505
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 115B 86 KB
16 KB 56ms
56ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 24 Apr 2023 11:02:41 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 176
x-cache: HIT
content-length: 16031
x-request-id: edc6297f-1620-40af-8f6d-19b50ab01934
x-served-by: cache-fra-eddf8230042-FRA
server: Fastly
x-timer: S1682334162.637932,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 164

GET
H2

200

sid Show response
mug.criteo.com/ Frame 47F3
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=onlinehikes.com&sn=ChromeSyncframe&so=0&topUrl=onlinehikes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=0hWu03xUdldzM0tPMkVVRmxWYVZ4TFJ3Z2l6djJubndsaU5zNmpDNXFRTkJETGtCaC92dkpWSWZRY1RwZzUyQ1dmOUdXaXBsWnc4N1ZQTDR0TUxaMUl5ZU1IdEZtNTRyaGk3QlI3aHN3QWQ0Zm5LY2xHQ1FNRDZ6aUlwaW...

435 B
654 B

225ms
75ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=0hWu03xUdldzM0tPMkVVRmxWYVZ4TFJ3Z2l6djJubndsaU5zNmpDNXFRTkJETGtCaC92dkpWSWZRY1RwZzUyQ1dmOUdXaXBsWnc4N1ZQTDR0TUxaMUl5ZU1IdEZtNTRyaGk3QlI3aHN3QWQ0Zm5LY2xHQ1FNRDZ6aUlwaWZxbDhzMGJXYk1mL2pHOTgwWlpLMVM4KzVkK1JXQWJTS204UDUvcXNlL25GalBXN3NmcWU5ZDBvWWJrSHpHQUMycHJnN2h4SGdGNTdoV1daUSs3UGdPNnRuSkJ1SlN4STVyWXVCL3JqK3Jha05kNWprWm1rd01wY3VtNDRiaDFuZ3VIUGZGcmtLamVYZ0tmdmV3OUFUYUR4ZmtaM0tOTXU5TytRcm92c05XTlI0RGYya1NHOD18&cppv=2

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

efb9ac9a4eb7de0ca8bd6199c75a7e1daa87c547ebee395ffdb1dd7c434dbbba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:41 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 13335978
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=0hWu03xUdldzM0tPMkVVRmxWYVZ4TFJ3Z2l6djJubndsaU5zNmpDNXFRTkJETGtCaC92dkpWSWZRY1RwZzUyQ1dmOUdXaXBsWnc4N1ZQTDR0TUxaMUl5ZU1IdEZtNTRyaGk3QlI3aHN3QWQ0Zm5LY2xHQ1FNRDZ6aUlwaWZxbDhzMGJXYk1mL2pHOTgwWlpLMVM4KzVkK1JXQWJTS204UDUvcXNlL25GalBXN3NmcWU5ZDBvWWJrSHpHQUMycHJnN2h4SGdGNTdoV1daUSs3UGdPNnRuSkJ1SlN4STVyWXVCL3JqK3Jha05kNWprWm1rd01wY3VtNDRiaDFuZ3VIUGZGcmtLamVYZ0tmdmV3OUFUYUR4ZmtaM0tOTXU5TytRcm92c05XTlI0RGYya1NHOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 391132
content-length: 0
expires: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 115B 156 B
669 B 589ms
194ms XHR
application/json 34.208.115.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.208.115.43 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-208-115-43.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3919770e02fec69b5d2ada8c8d5693c90da60766714795000b84dad168d45606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 24 Apr 2023 11:02:42 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682334162234437
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1682334162234057
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 container.html Show response
9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8EBB 6 KB
3 KB 65ms
63ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 11:02:38 GMT
expires: Tue, 23 Apr 2024 11:02:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame D779 70 B
265 B 254ms
77ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIeKAyKmbTrU8kC9l9kLGQ4&google_cver=1&google_push=ATf1kGOevAnfk-ayyXHugZLX7Cb1KWKkUYXssNq5zrUyqMLXz_p3Yssn1145lTL3x5K2EnE-PoTbboldfMX3uLAu2vfuiTKsoA
Requested by: Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 24 Apr 2023 11:02:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D779
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESELcwYqmZMy1v6gHPsCmx_L8&google_cver=1&google_push=ATf1kGNQwnpivY8ZeddXVA8Rx4FxEP8ZvPPOe48jiWfmfUJQDgfzwiHuXFt5nx3WbzmeiiydBu4ZxxFpgZkuz7Rb5PrKcW9FBg
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTU4ODFFN0MzNzZFMDI5OQ==

170 B
188 B

73ms
72ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTU4ODFFN0MzNzZFMDI5OQ==

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTU4ODFFN0MzNzZFMDI5OQ==
date: Mon, 24 Apr 2023 11:02:42 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D779
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEKZrbB6XlaPbWgzA6WzwKco&google_cver=1&google_push=ATf1kGOdOO8t0hO_EZWYxjL7RY-hnlMDOiQLdYRSAHMaFtj2wCcqwYfiJQnMJKjTKOpiASO-bVPetsQWJiS0msXDWs3jnnHTKA
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MW81T3hveGJBQld6YV9UdjBtRkdaQQ%3D%3D&google_push=ATf1kGOdOO8t0hO_EZWYxjL7RY-hnlMDOiQLdYRSAHMaFtj2wCcqwYfiJQnMJKjTKOpiASO-bVPetsQWJiS0m...

170 B
188 B

74ms
74ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MW81T3hveGJBQld6YV9UdjBtRkdaQQ%3D%3D&google_push=ATf1kGOdOO8t0hO_EZWYxjL7RY-hnlMDOiQLdYRSAHMaFtj2wCcqwYfiJQnMJKjTKOpiASO-bVPetsQWJiS0msXDWs3jnnHTKA

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MW81T3hveGJBQld6YV9UdjBtRkdaQQ%3D%3D&google_push=ATf1kGOdOO8t0hO_EZWYxjL7RY-hnlMDOiQLdYRSAHMaFtj2wCcqwYfiJQnMJKjTKOpiASO-bVPetsQWJiS0msXDWs3jnnHTKA
date: Mon, 24 Apr 2023 11:02:42 GMT
cache-control: no-store
content-type: text/html; charset=utf-8
server: nginx
content-length: 241
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D779
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEIV-XJPdhFnFa8a_gQAuMjI&c_param1=ATf1kGPoDvCkwoh5DoQGMkb6multt8X66Jy7XFUFxxZhrnUTIGIvKV6rkcsyDxncGGYp23_F8lXpm6Nhqnlczr1cjBBCsC4oYTU&gdpr=%%GDPR%%&a...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPoDvCkwoh5DoQGMkb6multt8X66Jy7XFUFxxZhrnUTIGIvKV6rkcsyDxncGGYp23_F8lXpm6Nhqnlczr1cjBBCsC4oYTU

170 B
329 B

74ms
74ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPoDvCkwoh5DoQGMkb6multt8X66Jy7XFUFxxZhrnUTIGIvKV6rkcsyDxncGGYp23_F8lXpm6Nhqnlczr1cjBBCsC4oYTU

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPoDvCkwoh5DoQGMkb6multt8X66Jy7XFUFxxZhrnUTIGIvKV6rkcsyDxncGGYp23_F8lXpm6Nhqnlczr1cjBBCsC4oYTU
date: Mon, 24 Apr 2023 11:02:41 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D779
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPlxpd5Sn6b4Ncv-Baa4hzs&google_cver=1&google_push=ATf1kGMQh1Vb0qfVqFSrN-FBDinMRsP5gl0f6RDhBnNkBlSOtMi1muAnM6tqaooxDqKptFqg8KHYGHAJiZSDP...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPlxpd5Sn6b4Ncv-Baa4hzs&google_push=ATf1kGMQh1Vb0qfVqFSrN-FBDinMRsP5gl0f6RDhBnNkBlSOtMi1muAnM6tqaooxDqKptFqg8KHYGHAJiZSDP...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGMQh1Vb0qfVqFSrN-FBDinMRsP5gl0f6RDhBnNkBlSOtMi1muAnM6tqaooxDqKptFqg8KHYGHAJiZSDPtTtA_cC4RpBY7Q&google_hm=ZEE2enJDR0R0Q3hXdHJXe...

170 B
188 B

73ms
72ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGMQh1Vb0qfVqFSrN-FBDinMRsP5gl0f6RDhBnNkBlSOtMi1muAnM6tqaooxDqKptFqg8KHYGHAJiZSDPtTtA_cC4RpBY7Q&google_hm=ZEE2enJDR0R0Q3hXdHJXeWo0cTI=

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 11:02:42 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGMQh1Vb0qfVqFSrN-FBDinMRsP5gl0f6RDhBnNkBlSOtMi1muAnM6tqaooxDqKptFqg8KHYGHAJiZSDPtTtA_cC4RpBY7Q&google_hm=ZEE2enJDR0R0Q3hXdHJXeWo0cTI=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 235
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame D779 0
45 B 311ms
66ms Image
text/plain 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEINNTZiqNKMm7yNqWZI0bxo&google_cver=1&google_push=ATf1kGNY9kMYRXsFOAO0mCFy7i-6HeMnmD1X6FKT5MPPetN_nkz90fbOQwV2XyC-XBAT0vIXCuqnAOFA3XxI6OMBQS488G0WBvc
Requested by: Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:41 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame D779
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF4AT_V1dOCS-0frgy5rC-A&google_cver=1&google_push=ATf1kGMIYj67qOGqqTDJ9FF8ZrLqukPOd7_zBgplI5kpFq9DGm52uYq8aKLouPkF9LLjpaV9EaCRn2lqlyz...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMIYj67qOGqqTDJ9FF8ZrLqukPOd7_zBgplI5kpFq9DGm52uYq8aKLouPkF9LLjpaV9EaCRn2lqlyzQekB0Sb-yySFqQYKD
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

66ms
66ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D779 0
130 B 226ms
68ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ij1fQ9nirQhOOBG4EAFF1DOhi82c5ifC-TT1xNr_jRon6ONDuxGg3Z3a9o_OEosbicuvjk_w

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 t1677756445_01_640x360p_30Hz_800Kbps_004.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 143 KB
144 KB 769ms
768ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_004.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24c3971e721280f91cca7373eaa229cbcc01fbe4de055ca90f5784805f0f90bb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
via: 1.1 add50c826a69b24be8ba05da744b9204.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 146421
last-modified: Wed, 29 Mar 2023 19:08:51 GMT
server: cloudflare
etag: "b823baa21a753fab003cb143513c11df"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJWtWx09Vr71IkqUGFkIqGB8HfptqtoPNI0zztam5fn%2F2quFzYVe8i%2FjluVaOXIQuc5UYg%2FEs8VcOpVEOOZX2LabXENALNjjtU4tP4%2B0VvSUlJ6gLIdPsg81lv67sYBssHpQ4mNvU8TROD%2F%2F9xm4TAi6"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddaff4b08d943-HEL
x-amz-cf-id: w3U2LsjeB5zFeObA1GJW6HOrRYCfWxVo1gBbQBEW11cmjWSX8Q7yow==

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
62 B 60ms
53ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjQyMDA1Nzg3NDU2MjY4MSIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjQyMDA1Nzg3NDU2MjY4MSIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIzYmE5ODJmYzQyMzhkZDQxOTdiMWQ1MWIzNDU0NzhkYyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjQyMDA1Nzg3NDU2MjY4MSIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDUsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA1LCJiaWRfZmxvb3JfcHJldiI6MC4wMDEsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NDIwMDU3ODc0NTYyNjgxIiwiZG9tYWluX2lkIjoiMjczMjk5IiwidW5pdCI6ImRpdi1ncHQtYWQtb25saW5laGlrZXNfY29tLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwNDE2OTc5In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NDIwMDU3ODc0NTYyNjgxIiwiZG9tYWluX2lkIjoiMjczMjk5IiwidW5pdCI6ImRpdi1ncHQtYWQtb25saW5laGlrZXNfY29tLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:42 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:42 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 62ms
56ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjQyMDA1Nzg3NDU2MjY4MSIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA0LTI0In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTEifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:41 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:41 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 62ms
57ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjQyMDA1Nzg3NDU2MjY4MSIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsImF1Y3Rpb25fZXBvY2giOjE2ODIzMzQxNjIsImFkX3Bvc2l0aW9uIjoxOTc1LCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiYmlkX2Zsb29yX2luaXRpYWwiOjEwMCwiYmlkX2Zsb29yX3ByZXYiOjEwMCwiYmlkX2Zsb29yX2ZpbGxlZCI6NTAsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjY3NSwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:41 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:41 GMT

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame E6C9 36 KB
14 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 18:33:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 18:33:28 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8EBB 0
0 112ms
111ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZTX00WFGZL-tDYb-nsEP1eSK8AnHjpmdcOe8oqaREfjlpYjdDhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE7wFP0KxrJYmSUkAD1s4kfs8oYhix1HXLajIfHS2YYsso9QOp9JBwzJdxBoQP6pPBkYbZN7h80sUhwQypaHynCP6BWd098rvZF4Acsk3o4b2Dx4eSrBnXcemKqfhhSq9UeplXGmbveUppOFrNokB1YN5WhX6jU_4WAIEpwp31tB1uxYX31HxIvFsP3gn8-UU2PiNfflva6e2_pMIVeb2NevIHMEYNGhjbMdxj5b3R9oLrrctlh7QniNwFaIZ7UDrqKQbi8noucAIetTFnwel0Sb4P9DbNfz5lg_M8JSBIAuQCcrT_8_RGh8BskNIKeijlbcAEzK7-86wE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBhGAB7-RyjCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDa_SHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA3OTI3Nzg5MzE2MjUwNIAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0xOTY2NzIxMTkyNzA5NjA2GL7JBw&sigh=U4yYWKhYd5k&uach_m=[UACH]&cid=CAQSPABygQiDYekawfp1rqkNC-vlIxDQz-oSe-ZUn4zzI5g5qy0DFDs9Bfenc70wZb5slg3n3zjM4mcz7xyIUxgB
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 642e70dc588d307e3b020c2e Show response
c.bannerflow.net/a/ Frame 8EBB 70 KB
23 KB 291ms
201ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/642e70dc588d307e3b020c2e?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCwsD_0WFGZL-tDYb-nsEP1eSK8AnHjpmdcOe8oqaREfjlpYjdDhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE8gFP0KxrJYmSUkAD1s4kfs8oYhix1HXLajIfHS2YYsso9QOp9JBwzJdxBoQP6pPBkYbZN7h80sUhwQypaHynCP6BWd098rvZF4Acsk3o4b2Dx4eSrBnXcemKqfhhSq9UeplXGmbveUppOFrNokB1YN5WhX6jU_4WAIEpwp31tB1uxYX31HxIvFsP3gn8-UU2PiNfflva6e2_pMIVeb2NevIHMEYNGhjbMdxj5b3R9oLrrctlh7QniNwFaIZ7UDrqKQbi8noucAIetTElw8jmjy3D0ZQBZ5XL_Gm6BQFCpO4sak1CRYvcC0ZHvMrOzPzAz91iKcAEzK7-86wE4AQBoAYRgAe_kcowqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDc5Mjc3ODkzMTYyNTA0gAoDmAsByAsBgAwBuAwB2BMC0BUBmBYB-BYBgBcB%26num%3D1%26cid%3DCAQSPABygQiDYekawfp1rqkNC-vlIxDQz-oSe-ZUn4zzI5g5qy0DFDs9Bfenc70wZb5slg3n3zjM4mcz7xyIUxgB%26sig%3DAOD64_1udvGcrM83cB4MlQCUhVeTdmyW9A%26client%3Dca-pub-6396844742497208%26adurl%3D&cb=1975629547
Requested by: Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2688cef498c5c9245b237de41211d6181adde39aff48eb5aa7535da9ea9daaf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 24 Apr 2023 11:02:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 7bcddb00380bd97b-HEL
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 8EBB 35 KB
13 KB 146ms
143ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

524bfe83fbc8a2866b79b93e4e16ce6d250b783b68318fa0cebfbe6f0f6057a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13712
x-xss-protection: 0
server: cafe
etag: 18134504485529606991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 11:02:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 8EBB 3 KB
1 KB 79ms
76ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 16:47:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 8EBB 19 KB
8 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 16:45:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8EBB 159 KB
49 KB 73ms
70ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Apr 2023 11:02:41 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 8EBB 21 KB
8 KB 71ms
69ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 16:43:03 GMT

GET
H3 200 container.html Show response
9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3F86 6 KB
3 KB 69ms
68ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 11:02:38 GMT
expires: Tue, 23 Apr 2024 11:02:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
62 B 60ms
59ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjQ2NTgwMjc4MDUzMjM5MCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjExMjEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIyIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NDY1ODAyNzgwNTMyMzkwIiwiZG9tYWluX2lkIjoiMjczMjk5IiwidW5pdCI6ImRpdi1ncHQtYWQtb25saW5laGlrZXNfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJhZF9wb3NpdGlvbiI6MTEyMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZJIiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUzLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiOGM1ZmZlZmIxMjJmNTlhNjZhOGI3NjcyZDQ0NTJhZjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY0NjU4MDI3ODA1MzIzOTAiLCJkb21haW5faWQiOiIyNzMyOTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1vbmxpbmVoaWtlc19jb20tYm94LTItMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDM2LCJhZF9wb3NpdGlvbiI6MTEyMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMzYsImJpZF9mbG9vcl9wcmV2IjowLjAwMDcsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTMsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NDY1ODAyNzgwNTMyMzkwIiwiZG9tYWluX2lkIjoiMjczMjk5IiwidW5pdCI6ImRpdi1ncHQtYWQtb25saW5laGlrZXNfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJhZF9wb3NpdGlvbiI6MTEyMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZJIiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUzLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwNDM1NTMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY0NjU4MDI3ODA1MzIzOTAiLCJkb21haW5faWQiOiIyNzMyOTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1vbmxpbmVoaWtlc19jb20tYm94LTItMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsImFkX3Bvc2l0aW9uIjoxMTIxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTMsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:43 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:43 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 61ms
60ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjQ2NTgwMjc4MDUzMjM5MCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjExMjEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDQtMjQifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIxIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:42 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:42 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 61ms
61ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjQ2NTgwMjc4MDUzMjM5MCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYXVjdGlvbl9lcG9jaCI6MTY4MjMzNDE2MiwiYWRfcG9zaXRpb24iOjExMjEsImNvdW50cnlfY29kZSI6IkZJIiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NzAsImJpZF9mbG9vcl9wcmV2Ijo3MCwiYmlkX2Zsb29yX2ZpbGxlZCI6MzYsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjc1NSwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:42 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:42 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3F86 0
0 104ms
104ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDfQO0WFGZI3DDffknsEPjMu76AzHjpmdcI-9oqaREfjlpYjdDhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE8gFP0GkaUjLiaQIUznr2pLdxbq5gequjVtApQjpqCk9GnlA5iBmoKCCOh-Gq5BZyE24hal7_Zgx-q9hv7VexE3LZiNGSKLz1UBDekf3VgkuRbYfwHSGtzEUbYm2pvmO2ti9fi7RNOSSjbYjHa33DbeF2VDawYn5EYr9er0GeQ5Y0ezxEeP4uy6iSMrGl64W0kcgcN3OUsKTDGLX69MnhXobL-wFiWqZnUz_mU3DJUZtW3-3kzXB-QFoH8TT1UDMIV6fXtUIxF7XWPJSRG5RkYP7JQNSrw0r5ekPC0NMzkRT4SPyU7sgtKwIDv4tZOr-S_lSRrcAEzK7-86wE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBhGAB7-RyjCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCohBbSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA3OTI3Nzg5MzE2MjUwNIAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0xOTY2NzIxMTkyNzA5NjA2GL7JBw&sigh=eXWhIN4UtUE&uach_m=[UACH]&cid=CAQSPABygQiDmWyxiC7w0Q_MjWfxZRV-fLmLADgU3gGieQEogrQISGvpBqRXPx2ruYaDByvXWn3YuyCWwswNPhgB
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 642e70dc588d307e3b020c2f Show response
c.bannerflow.net/a/ Frame 3F86 70 KB
24 KB 132ms
128ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/642e70dc588d307e3b020c2f?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCCLTc0WFGZI3DDffknsEPjMu76AzHjpmdcI-9oqaREfjlpYjdDhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE9QFP0GkaUjLiaQIUznr2pLdxbq5gequjVtApQjpqCk9GnlA5iBmoKCCOh-Gq5BZyE24hal7_Zgx-q9hv7VexE3LZiNGSKLz1UBDekf3VgkuRbYfwHSGtzEUbYm2pvmO2ti9fi7RNOSSjbYjHa33DbeF2VDawYn5EYr9er0GeQ5Y0ezxEeP4uy6iSMrGl64W0kcgcN3OUsKTDGLX69MnhXobL-wFiWqZnUz_mU3DJUZtW3-3kzXB-QFoH8TT1UDMIV6fXtUIxF7XWPJSRG5QmYt9bhkdn5ug1Yuhsr0m1sTXy7va69jGQnX2ZMw1yFqdWSIC0D4bLNsAEzK7-86wE4AQBoAYRgAe_kcowqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDc5Mjc3ODkzMTYyNTA0gAoDmAsByAsBgAwBuAwB2BMC0BUBmBYB-BYBgBcB%26num%3D1%26cid%3DCAQSPABygQiDmWyxiC7w0Q_MjWfxZRV-fLmLADgU3gGieQEogrQISGvpBqRXPx2ruYaDByvXWn3YuyCWwswNPhgB%26sig%3DAOD64_1q2WMzet5U9L6v0AY-myWbw1pZvA%26client%3Dca-pub-6396844742497208%26adurl%3D&cb=161723773
Requested by: Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 173c4bd1da60e56c4ddfa4a9c404be184a8b464b62f2e98c761c2bc79e3bd474

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 24 Apr 2023 11:02:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 7bcddb0078b6d97b-HEL
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 3F86 35 KB
13 KB 119ms
116ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

524bfe83fbc8a2866b79b93e4e16ce6d250b783b68318fa0cebfbe6f0f6057a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13712
x-xss-protection: 0
server: cafe
etag: 18134504485529606991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 11:02:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 3F86 3 KB
1 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65738
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 16:47:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 3F86 19 KB
8 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65857
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 16:45:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3F86 0
0 72ms
69ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7409xktkwDsMrfH_LxeNItbDa8HC9z5GEUtj5WpF8TCuROeuH6ujNas30Vb5xRdtsbfKiNViudjYywPrhtPuourXiFg
Requested by: Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F86 159 KB
49 KB 87ms
84ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Apr 2023 11:02:42 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 3F86 21 KB
8 KB 74ms
72ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65979
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 16:43:03 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 58ms
56ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjExNDc3Nzk2MDUzODAxOSIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJvbmxpbmVoaWtlc19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzE2MDAsMTIwMF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjYxMTQ3Nzc5NjA1MzgwMTkiLCJkb21haW5faWQiOiIyNzMyOTkiLCJ1bml0Ijoib25saW5laGlrZXNfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2ODIzMzQxNTYsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjExNDc3Nzk2MDUzODAxOSIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJvbmxpbmVoaWtlc19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:42 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2377 1 KB
643 B 61ms
61ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 57737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Mon, 24 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8EBB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8267fff83812be963aa5b742d19ba72a9e05a352c420a84666681e3931aeb654

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2377
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEGvkey7sE_m4F9CgM4boFGI&google_cver=1&google_push=Aer7DvLuxvm4hZ5o9sbtSVt6LgKRs5LrqxJC_gXGpVqa4IoAUwOu9mEZ6Y7xjdtMBcXRAHYkekZZ9sngBRE6MEC21Z7DjRC...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGvkey7sE_m4F9CgM4boFGI&google_cver=1&google_push=Aer7DvLuxvm4hZ5o9sbtSVt6LgKRs5LrqxJC_gXGpVqa4IoAUwOu9mEZ6Y7xjdtMBcXRAHYkekZZ9sngBRE6MEC21Z7Dj...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLuxvm4hZ5o9sbtSVt6LgKRs5LrqxJC_gXGpVqa4IoAUwOu9mEZ6Y7xjdtMBcXRAHYkekZZ9sngBRE6MEC21Z7DjRCdqDB3

170 B
188 B

71ms
71ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLuxvm4hZ5o9sbtSVt6LgKRs5LrqxJC_gXGpVqa4IoAUwOu9mEZ6Y7xjdtMBcXRAHYkekZZ9sngBRE6MEC21Z7DjRCdqDB3

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLuxvm4hZ5o9sbtSVt6LgKRs5LrqxJC_gXGpVqa4IoAUwOu9mEZ6Y7xjdtMBcXRAHYkekZZ9sngBRE6MEC21Z7DjRCdqDB3
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2377
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPlxpd5Sn6b4Ncv-Baa4hzs&google_cver=1&google_push=Aer7DvKDyHG1ZAyuum7ouU2PYHBTNXaiVQlHxyttk92nbBLXd-Bvr4vzVXLO609srYbsN-R23lVpF1rk90gm8...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPlxpd5Sn6b4Ncv-Baa4hzs&google_push=Aer7DvKDyHG1ZAyuum7ouU2PYHBTNXaiVQlHxyttk92nbBLXd-Bvr4vzVXLO609srYbsN-R23lVpF1rk90gm8...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvKDyHG1ZAyuum7ouU2PYHBTNXaiVQlHxyttk92nbBLXd-Bvr4vzVXLO609srYbsN-R23lVpF1rk90gm8xhTG7ZIKKCMGTto&google_hm=R2FmNmZ5OWRDYVhnN1RJ...

170 B
188 B

88ms
88ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvKDyHG1ZAyuum7ouU2PYHBTNXaiVQlHxyttk92nbBLXd-Bvr4vzVXLO609srYbsN-R23lVpF1rk90gm8xhTG7ZIKKCMGTto&google_hm=R2FmNmZ5OWRDYVhnN1RJQUJZWGo=

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 11:02:42 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvKDyHG1ZAyuum7ouU2PYHBTNXaiVQlHxyttk92nbBLXd-Bvr4vzVXLO609srYbsN-R23lVpF1rk90gm8xhTG7ZIKKCMGTto&google_hm=R2FmNmZ5OWRDYVhnN1RJQUJZWGo=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 236
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2377
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAQraC9NX9f9TTxkhMVDWKQ&google_cver=1&google_push=Aer7DvLTVVrAMhpQrX2EVUJM4v5Tmf8mAom7xOV-xlvDDSAAOIP5AEvkkXjHhwn1ENwKx2i31b1...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdVUUJOSFotMVQtN1Q3NA==&google_push=Aer7DvLTVVrAMhpQrX2EVUJM4v5Tmf8mAom7xOV-xlvDDSAAOIP5AEvkkXjHhwn1ENwKx2i31b1p1IBt9fcxKO16tqkIkpm9_si5

170 B
188 B

78ms
77ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdVUUJOSFotMVQtN1Q3NA==&google_push=Aer7DvLTVVrAMhpQrX2EVUJM4v5Tmf8mAom7xOV-xlvDDSAAOIP5AEvkkXjHhwn1ENwKx2i31b1p1IBt9fcxKO16tqkIkpm9_si5

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdVUUJOSFotMVQtN1Q3NA==&google_push=Aer7DvLTVVrAMhpQrX2EVUJM4v5Tmf8mAom7xOV-xlvDDSAAOIP5AEvkkXjHhwn1ENwKx2i31b1p1IBt9fcxKO16tqkIkpm9_si5
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2377
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_hm=ZEZh0p3M_8m45Yg1gcsq0gAAFC0AAAAB&google_nid=index&google_push=Aer7DvK6n0JnWlrIKMEg-S8IqILaKHxveELib...

170 B
188 B

74ms
73ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_hm=ZEZh0p3M_8m45Yg1gcsq0gAAFC0AAAAB&google_nid=index&google_push=Aer7DvK6n0JnWlrIKMEg-S8IqILaKHxveELib3Qaxf9oe4eav6mmnOgfM9E0Mr1e5R3eV7ThRFA1mJpuJIdkx6_u1ud75MtEMMY

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 11:02:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_hm=ZEZh0p3M_8m45Yg1gcsq0gAAFC0AAAAB&google_nid=index&google_push=Aer7DvK6n0JnWlrIKMEg-S8IqILaKHxveELib3Qaxf9oe4eav6mmnOgfM9E0Mr1e5R3eV7ThRFA1mJpuJIdkx6_u1ud75MtEMMY
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2377
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEFgMM7tclNfHosrwWQ7J-8Y&google_cver=1&google_push=Aer7DvJdWwy5oAQgPbojBWpUxSFXUWIUWslYcerWdmQYREL_7PNY_nPFHMvSX3_IIlXnV3sDtOwoERzi8_VbmOE87hZetkquqH9N
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI1MzM1NzYyNTQ3NDM1NTAwMFYxMA%3d%3d&mn_hm=MzI1MzM1NzYyNTQ3NDM1NTAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvJdWwy5oAQgPbojBWpUxSFXUWI...

170 B
188 B

139ms
138ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI1MzM1NzYyNTQ3NDM1NTAwMFYxMA%3d%3d&mn_hm=MzI1MzM1NzYyNTQ3NDM1NTAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvJdWwy5oAQgPbojBWpUxSFXUWIUWslYcerWdmQYREL_7PNY_nPFHMvSX3_IIlXnV3sDtOwoERzi8_VbmOE87hZetkquqH9N&gdpr=&gdpr_consent=

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 11:02:42 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI1MzM1NzYyNTQ3NDM1NTAwMFYxMA%3d%3d&mn_hm=MzI1MzM1NzYyNTQ3NDM1NTAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvJdWwy5oAQgPbojBWpUxSFXUWIUWslYcerWdmQYREL_7PNY_nPFHMvSX3_IIlXnV3sDtOwoERzi8_VbmOE87hZetkquqH9N&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Mon, 24 Apr 2023 11:02:42 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2377
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEEp7adscx7FJ0HC2eiNu8hg&google_cver=1&google_push=Aer7DvJXMsP0nFnF6voMcfUzX0DF2lJNQ3Weml3sc4j2Ok8qGnrEiyJeq2KmAIBkl7RB2Dws1--3m0xYiry672fSbU-zG2H...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvJXMsP0nFnF6voMcfUzX0DF2lJNQ3Weml3sc4j2Ok8qGnrEiyJeq2KmAIBkl7RB2Dws1--3m0xYiry672fSbU-zG2HuvLIWYg&google_hm=ODc3NTA4O...

170 B
188 B

71ms
70ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvJXMsP0nFnF6voMcfUzX0DF2lJNQ3Weml3sc4j2Ok8qGnrEiyJeq2KmAIBkl7RB2Dws1--3m0xYiry672fSbU-zG2HuvLIWYg&google_hm=ODc3NTA4ODQ1MDY0OTc0NDU3

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvJXMsP0nFnF6voMcfUzX0DF2lJNQ3Weml3sc4j2Ok8qGnrEiyJeq2KmAIBkl7RB2Dws1--3m0xYiry672fSbU-zG2HuvLIWYg&google_hm=ODc3NTA4ODQ1MDY0OTc0NDU3
Date: Mon, 24 Apr 2023 11:02:42 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 2377
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF4AT_V1dOCS-0frgy5rC-A&google_cver=1&google_push=Aer7DvKAvybb2JGvF_f0AtS2UkSwaecMJTcjzrd39P3uz4HRL1qP75nailD72g78XHU3oGhursBqVAROtuZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKAvybb2JGvF_f0AtS2UkSwaecMJTcjzrd39P3uz4HRL1qP75nailD72g78XHU3oGhursBqVAROtuZ89mSpdrQipQznW9lXag
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

65ms
64ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2377 0
49 B 69ms
68ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KA68cNOb1yqrDpmdXeHY5nU8UoBxAqInNDZmMSV_4glsrnartZ7oM0Unwel6R4IlIDDNFfkV4

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3B51 1 KB
643 B 78ms
67ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 57737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Mon, 24 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3F86 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6904da84360decdba3a7858e1d4b937dd064eea0c455fc8ae7fbead55695538a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 preload.jpg
c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/published/4534046/5335975/ Frame 3F86 15 KB
15 KB 142ms
142ms Image
image/jpeg 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/published/4534046/5335975/preload.jpg
Requested by: Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b812cd5e88e56a3d00fd634fab88cbdcd675805ce837affad79390ce86976b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 11:02:42 GMT
cf-cache-status: HIT
age: 1489888
content-length: 15392
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Thu, 06 Apr 2023 07:12:47 GMT
server: cloudflare
etag: "0x8DB366E537485B9"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: da2d76d5-901e-0094-130f-695a4f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
accept-ranges: bytes
cf-ray: 7bcddb018cdbd97b-HEL

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1018 B 186ms
107ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 11:02:42 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 320714
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjU0w9f0HVDoZ6zYCfYiw5CFcTXEM1c3oCSDPvCDzjJIVXp66E6zMYsezmX2FqWey%2FPseEM43%2BB26YHJHjwZMn4IX7HDDbND3BMviUDvmjIDoLo7Jlym7DpGpM89mkiOVOE5DZwZAS7Tgoq%2B"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7bcddb028c6bd922-HEL

GET
H2 200 preload.jpg
c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/published/4534040/5335975/ Frame 8EBB 19 KB
19 KB 108ms
108ms Image
image/jpeg 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/published/4534040/5335975/preload.jpg
Requested by: Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cff3f2db8da4d56046ae2909c76a66f2b856558c7be9a044c6afcc0cdc4e0f1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 11:02:42 GMT
cf-cache-status: HIT
age: 1489879
content-length: 19264
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Thu, 06 Apr 2023 07:12:47 GMT
server: cloudflare
etag: "0x8DB366E536CBE34"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 14c9f23b-301e-000b-7857-68164d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
accept-ranges: bytes
cf-ray: 7bcddb022e77d97b-HEL

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 190ms
90ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7bcddb02eec095ea-ARN
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 191ms
91ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7bcddb02eec295ea-ARN
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 191ms
92ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7bcddb02eec495ea-ARN
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
309 B 180ms
81ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7bcddb02eec695ea-ARN
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 prebidvideo Show response
ads.yieldmo.com/exchange/ 0
195 B 292ms
84ms XHR
text/plain 54.72.22.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebidvideo
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.22.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-22-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onlinehikes.com
pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 294ms
90ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.42.0&cb=88682784586&lsavail=1&bundle=S4KAG18ycWtORTZqZXdXRkdKVW9FTnJyaUNlNWUlMkZMbnFvbW5YJTJCdTF3bm5aNSUyQmxBQXVaY0V6UVpNV0lEbmFQSko4MTdlSWNmS2cwMFMlMkJQY0d1UFY4eWpQWVNMTndRZGxNRDZJemVndzk1cVdrem5vMTdselNURU1SNUlnYUZ5cDI5VnNuVEc4NEtUZ083QTZ2Q2NYNiUyQm12VTZBJTNEJTNE

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinehikes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H3 200 audio_005.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 40 KB
41 KB 640ms
639ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_005.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f85d1a5d720678036c9a0003a255cf164c1aa5bdb0437cc17abe7b2ae4be28

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
via: 1.1 0a32af04492da569257fec584d243082.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40831
last-modified: Wed, 29 Mar 2023 19:08:49 GMT
server: cloudflare
etag: "d28b9ac907674f2fdc35c12b0a76517d"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oD6rYuMKLBvTMWEWSzPvE4L6ZCKmkRcdlaWjt2yn%2F%2Ba7uIwjE%2FW4v9A7v3L75LibZMrB8oDzK%2Bkb3NkNoep3disefsL8Zu1gDrjKqWAXHeyWIsPz%2BDkGKjIAvC2hFIPMFI0YIOcmfzLIaQedRi0Eqhg0"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb025c8dd943-HEL
x-amz-cf-id: 9OnEnh4f1m863NJHFw4-NPbUShwVNfTjzq-nxLgar6hz_T85cKIKSA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B51
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI9clFmrdJmzSdSiHTzKtEo&google_cver=1&google_push=Aer7DvJG8-ye1udh8i2oJkSLMXF-l-LFh5nV6EloZHEmu5zkwy7tBWEtXkkhlaUzWkLJXcIKghv0yiUq-E6ESC42BpYL...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEI9clFmrdJmzSdSiHTzKtEo&google_cver=1&google_push=Aer7DvJG8-ye1udh8i2oJkSLMXF-l-LFh5nV6EloZHEmu5zkwy7tBWEtXkkhlaUzWkLJXcIKghv0yiUq-E6ESC...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=5c3c05b8-d8a2-4755-87b9-9a1107d80457&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJG8-ye1udh8i2oJkSLMXF-l-LFh5nV6EloZHEmu5zkwy7tBWEtXkkhlaUzWkLJXcIKghv0yiUq-E6ESC42BpYLzCn-7EicEy3Zxhy3DORQX1fHJ1WdPSLTVOhKe4391G...

170 B
188 B

73ms
72ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJG8-ye1udh8i2oJkSLMXF-l-LFh5nV6EloZHEmu5zkwy7tBWEtXkkhlaUzWkLJXcIKghv0yiUq-E6ESC42BpYLzCn-7EicEy3Zxhy3DORQX1fHJ1WdPSLTVOhKe4391GmkRzb_1NI&google_hm=8sHWcmtDQveBl8hfGVeOqw==

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJG8-ye1udh8i2oJkSLMXF-l-LFh5nV6EloZHEmu5zkwy7tBWEtXkkhlaUzWkLJXcIKghv0yiUq-E6ESC42BpYLzCn-7EicEy3Zxhy3DORQX1fHJ1WdPSLTVOhKe4391GmkRzb_1NI&google_hm=8sHWcmtDQveBl8hfGVeOqw==
date: Mon, 24 Apr 2023 11:02:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B51
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPlxpd5Sn6b4Ncv-Baa4hzs&google_cver=1&google_push=Aer7DvKx5fsIPw_XxcdZ8q-S--0M7zVhgI2ocTVvIa6hGmVKiUg1PSIwq-tI24L2P8A4yJMWditDHyxcIF7R8...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPlxpd5Sn6b4Ncv-Baa4hzs&google_push=Aer7DvKx5fsIPw_XxcdZ8q-S--0M7zVhgI2ocTVvIa6hGmVKiUg1PSIwq-tI24L2P8A4yJMWditDHyxcIF7R8...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvKx5fsIPw_XxcdZ8q-S--0M7zVhgI2ocTVvIa6hGmVKiUg1PSIwq-tI24L2P8A4yJMWditDHyxcIF7R8wHMYoVHvxzFJMh6_0tIYTsUPwmkT57gC-DmkQweyCmvqXK...

170 B
188 B

84ms
83ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvKx5fsIPw_XxcdZ8q-S--0M7zVhgI2ocTVvIa6hGmVKiUg1PSIwq-tI24L2P8A4yJMWditDHyxcIF7R8wHMYoVHvxzFJMh6_0tIYTsUPwmkT57gC-DmkQweyCmvqXKd9YdZD12lBZR6&google_hm=ZEE2enJDR0R0Q3hXdHJXeWo0cTI=

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 11:02:42 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvKx5fsIPw_XxcdZ8q-S--0M7zVhgI2ocTVvIa6hGmVKiUg1PSIwq-tI24L2P8A4yJMWditDHyxcIF7R8wHMYoVHvxzFJMh6_0tIYTsUPwmkT57gC-DmkQweyCmvqXKd9YdZD12lBZR6&google_hm=ZEE2enJDR0R0Q3hXdHJXeWo0cTI=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 280
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B51
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=opUau8BrQVyFO6T4bLgGwA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

72ms
71ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=opUau8BrQVyFO6T4bLgGwA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvK9KT5uL6VOnZO8nnyi3K7wq5FWhtqLBjVkHc2Oi3flfsePNR9N5danosUNCZ5smCBFGpSoWXbV-J_1B0ORdKOqKt8ncv-tFBW_vkh1lWIX-U5fKklPhhGkGQ-sWBtFEc4cybYR78x1

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=opUau8BrQVyFO6T4bLgGwA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvK9KT5uL6VOnZO8nnyi3K7wq5FWhtqLBjVkHc2Oi3flfsePNR9N5danosUNCZ5smCBFGpSoWXbV-J_1B0ORdKOqKt8ncv-tFBW_vkh1lWIX-U5fKklPhhGkGQ-sWBtFEc4cybYR78x1
date: Mon, 24 Apr 2023 11:02:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B51
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAQraC9NX9f9TTxkhMVDWKQ&google_cver=1&google_push=Aer7DvL6_3QA4o32IJHGqzYYqrI24HZoQgrumGCjhd2c_2zJB9HMfrOzGwLxyuDwiVVzdj6cMqZ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdVUUJOSlAtMVEtQ0NCUA==&google_push=Aer7DvL6_3QA4o32IJHGqzYYqrI24HZoQgrumGCjhd2c_2zJB9HMfrOzGwLxyuDwiVVzdj6cMqZ7oEtfWCwnbC1exIVzEn--XuoVg...

170 B
188 B

90ms
88ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdVUUJOSlAtMVEtQ0NCUA==&google_push=Aer7DvL6_3QA4o32IJHGqzYYqrI24HZoQgrumGCjhd2c_2zJB9HMfrOzGwLxyuDwiVVzdj6cMqZ7oEtfWCwnbC1exIVzEn--XuoVg3V2t4L6o75tWyuLDCC-lfv8uEKnlXE1qlHfxFK7DHUh

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdVUUJOSlAtMVEtQ0NCUA==&google_push=Aer7DvL6_3QA4o32IJHGqzYYqrI24HZoQgrumGCjhd2c_2zJB9HMfrOzGwLxyuDwiVVzdj6cMqZ7oEtfWCwnbC1exIVzEn--XuoVg3V2t4L6o75tWyuLDCC-lfv8uEKnlXE1qlHfxFK7DHUh
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B51
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_hm=ZEZh0p3M_8m45Yg1gcsq0gAAFC0AAAAB&google_nid=index&google_push=Aer7DvKRDcsLrZsLlGIb7U5_ECNSfchzLU8Y_...

170 B
188 B

73ms
72ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_hm=ZEZh0p3M_8m45Yg1gcsq0gAAFC0AAAAB&google_nid=index&google_push=Aer7DvKRDcsLrZsLlGIb7U5_ECNSfchzLU8Y_WIyPNhd_Y0dsgqhJIOxSrUkJ2t6K3aWT-MRef-LgqU3k5MW-0SyxvlN0JRw4wM8Siic0ohRJgIaGgxTV91fcNsY7wE9rxMop5UbG61AQOk2

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 11:02:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_hm=ZEZh0p3M_8m45Yg1gcsq0gAAFC0AAAAB&google_nid=index&google_push=Aer7DvKRDcsLrZsLlGIb7U5_ECNSfchzLU8Y_WIyPNhd_Y0dsgqhJIOxSrUkJ2t6K3aWT-MRef-LgqU3k5MW-0SyxvlN0JRw4wM8Siic0ohRJgIaGgxTV91fcNsY7wE9rxMop5UbG61AQOk2
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B51
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMywDD2IZkRXAUHBOQ6per8&google_cver=1&google_push=Aer7DvLE7i-_OnArZnxlxshWDVQGs30mOgumuGisYCV5uxdUAuSgmWic3JmXzC47QooAKlApQ8wsirexjg8K-IQk...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvLE7i-_OnArZnxlxshWDVQGs30mOgumuGisYCV5uxdUAuSgmWic3JmXzC47QooAKlApQ8wsirexjg8K-IQk1eaPcfZbH3gau8j-wGuumgK6BKJueV9MhglPTgaYFu8t...

170 B
188 B

73ms
72ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvLE7i-_OnArZnxlxshWDVQGs30mOgumuGisYCV5uxdUAuSgmWic3JmXzC47QooAKlApQ8wsirexjg8K-IQk1eaPcfZbH3gau8j-wGuumgK6BKJueV9MhglPTgaYFu8toVdoxOVQwkE

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 24 Apr 2023 11:02:42 GMT
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvLE7i-_OnArZnxlxshWDVQGs30mOgumuGisYCV5uxdUAuSgmWic3JmXzC47QooAKlApQ8wsirexjg8K-IQk1eaPcfZbH3gau8j-wGuumgK6BKJueV9MhglPTgaYFu8toVdoxOVQwkE
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: YSILRRn686HxHlGr0Y__mJ1TTX6iaQFQaBLn5iLQfU3bwHRJzMqEgQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B51
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEFgMM7tclNfHosrwWQ7J-8Y&google_cver=1&google_push=Aer7DvLPkFsMyYepx8Rh-OdYw42qE47NDKUvPDxHobqcMryV1KiRcncuhbF8kNtKN55qPSDO9pZMPvoUAUUSBhJt2YSzoNJGs...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI1MzM1NzYyNTQ3NDM3MzAwMFYxMA%3d%3d&mn_hm=MzI1MzM1NzYyNTQ3NDM3MzAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvLPkFsMyYepx8Rh-OdYw42qE47...

170 B
188 B

73ms
72ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI1MzM1NzYyNTQ3NDM3MzAwMFYxMA%3d%3d&mn_hm=MzI1MzM1NzYyNTQ3NDM3MzAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvLPkFsMyYepx8Rh-OdYw42qE47NDKUvPDxHobqcMryV1KiRcncuhbF8kNtKN55qPSDO9pZMPvoUAUUSBhJt2YSzoNJGsolgbzZLN7iv3-extAPm8biX_QZ1pmiriJ1ZtgAd3jrmTIL7&gdpr=&gdpr_consent=

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 11:02:42 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI1MzM1NzYyNTQ3NDM3MzAwMFYxMA%3d%3d&mn_hm=MzI1MzM1NzYyNTQ3NDM3MzAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvLPkFsMyYepx8Rh-OdYw42qE47NDKUvPDxHobqcMryV1KiRcncuhbF8kNtKN55qPSDO9pZMPvoUAUUSBhJt2YSzoNJGsolgbzZLN7iv3-extAPm8biX_QZ1pmiriJ1ZtgAd3jrmTIL7&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Mon, 24 Apr 2023 11:02:42 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3B51 0
12 B 69ms
68ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KFVRZmw4qkrYKQPwXpvgN1JB6cASr8GQqLKdN1VhAHJKCJmYUwfWh3kOYVfTgcVq_PhgbX

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame 3F86 0
81 B 171ms
171ms Ping
text/plain 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/642e70dc588d307e3b020c2f?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCCLTc0WFGZI3DDffknsEPjMu76AzHjpmdcI-9oqaREfjlpYjdDhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE9QFP0GkaUjLiaQIUznr2pLdxbq5gequjVtApQjpqCk9GnlA5iBmoKCCOh-Gq5BZyE24hal7_Zgx-q9hv7VexE3LZiNGSKLz1UBDekf3VgkuRbYfwHSGtzEUbYm2pvmO2ti9fi7RNOSSjbYjHa33DbeF2VDawYn5EYr9er0GeQ5Y0ezxEeP4uy6iSMrGl64W0kcgcN3OUsKTDGLX69MnhXobL-wFiWqZnUz_mU3DJUZtW3-3kzXB-QFoH8TT1UDMIV6fXtUIxF7XWPJSRG5QmYt9bhkdn5ug1Yuhsr0m1sTXy7va69jGQnX2ZMw1yFqdWSIC0D4bLNsAEzK7-86wE4AQBoAYRgAe_kcowqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDc5Mjc3ODkzMTYyNTA0gAoDmAsByAsBgAwBuAwB2BMC0BUBmBYB-BYBgBcB%26num%3D1%26cid%3DCAQSPABygQiDmWyxiC7w0Q_MjWfxZRV-fLmLADgU3gGieQEogrQISGvpBqRXPx2ruYaDByvXWn3YuyCWwswNPhgB%26sig%3DAOD64_1q2WMzet5U9L6v0AY-myWbw1pZvA%26client%3Dca-pub-6396844742497208%26adurl%3D&cb=161723773
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7bcddb027f32d97b-HEL
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame 8EBB 0
33 B 105ms
105ms Ping
text/plain 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/642e70dc588d307e3b020c2e?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCwsD_0WFGZL-tDYb-nsEP1eSK8AnHjpmdcOe8oqaREfjlpYjdDhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE8gFP0KxrJYmSUkAD1s4kfs8oYhix1HXLajIfHS2YYsso9QOp9JBwzJdxBoQP6pPBkYbZN7h80sUhwQypaHynCP6BWd098rvZF4Acsk3o4b2Dx4eSrBnXcemKqfhhSq9UeplXGmbveUppOFrNokB1YN5WhX6jU_4WAIEpwp31tB1uxYX31HxIvFsP3gn8-UU2PiNfflva6e2_pMIVeb2NevIHMEYNGhjbMdxj5b3R9oLrrctlh7QniNwFaIZ7UDrqKQbi8noucAIetTElw8jmjy3D0ZQBZ5XL_Gm6BQFCpO4sak1CRYvcC0ZHvMrOzPzAz91iKcAEzK7-86wE4AQBoAYRgAe_kcowqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDc5Mjc3ODkzMTYyNTA0gAoDmAsByAsBgAwBuAwB2BMC0BUBmBYB-BYBgBcB%26num%3D1%26cid%3DCAQSPABygQiDYekawfp1rqkNC-vlIxDQz-oSe-ZUn4zzI5g5qy0DFDs9Bfenc70wZb5slg3n3zjM4mcz7xyIUxgB%26sig%3DAOD64_1udvGcrM83cB4MlQCUhVeTdmyW9A%26client%3Dca-pub-6396844742497208%26adurl%3D&cb=1975629547
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7bcddb02d82bd97b-HEL
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 278ms
202ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 11:02:42 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHCDoiMBdG3qAB0W9%2FRctjkVFeHtg4f3dNPVcZfK%2BRBtEdtjVyN5vlEJj1BSOEA8O7oAZB7C2zJOjq3sM9UDN3LobuxbCazzV8M0JYzDhidseb0YgevES3%2FftY1uQFIHJebKG13QeySyFAiC"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7bcddb03fc56d90a-HEL

POST
H2 204 greenoaks.gif
onlinehikes.com/detroitchicago/ 0
16 B 78ms
59ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJkb21haW5faWQiOiIyNzMyOTkiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJkYXRhIjpbeyJuYW1lIjoiaXNfYWRfYmxvY2tlZCIsInZhbCI6ImZhbHNlIn1dfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:42 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:42 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 132ms
117ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304190101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d11f3b492f1fcae2dacbae4719e0c9b5b329f7d71928eb2ea029cbc2107541b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11399
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
122 B 72ms
72ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 70ms
69ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 IH2f4ZyD_400x400-1.jpg
onlinehikes.com/content/images/size/w100/2021/03/ 428 B
978 B 78ms
77ms Image
image/webp 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/content/images/size/w100/2021/03/IH2f4ZyD_400x400-1.jpg?ezimgfmt=rs:36x36/rscb1/ng:webp/ngcb1
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 64dd1748937ebb38b49b0ebfc019a0124bda5b1f52bdf815695c9c494fd2a18d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:42 UTC
content-encoding: br
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
display: staticcontent_sol
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: 71ce0855-7296-4d96-be42-33041bfc493d
x-ezoic-cdn: Hit ds;mm;4eeaa8512372512dbfee42a83af9e5dc;2-273299-3;a2595808-5b1f-439e-5ef3-02dbe8b56888
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-amz-apigw-id: cD9_1GLHIAMF6bA=
content-length: 432
response: 200
server: Apache/2.4.39 (Ubuntu)
x-amzn-trace-id: Root=1-637e4398-781238e744ceef117d7d9947;Sampled=0
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 1dobFAaFcV7SJeLHzvQVJSujnE4_4NtXr5Z-Q-aCHl7D2g8bHD-bgg==

GET
H2 200 IH2f4ZyD_400x400.jpg
onlinehikes.com/content/images/size/w100/2021/03/ 428 B
679 B 109ms
108ms Image
image/webp 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/content/images/size/w100/2021/03/IH2f4ZyD_400x400.jpg?ezimgfmt=rs:36x36/rscb1/ng:webp/ngcb1
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 64dd1748937ebb38b49b0ebfc019a0124bda5b1f52bdf815695c9c494fd2a18d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:42 UTC
content-encoding: br
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
display: staticcontent_sol
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: c934e426-0dac-46d7-85a0-1b16e1869443
x-ezoic-cdn: Hit ds;mm;58907ea3b306bd7fa1494f3319af07b3;2-273299-3;ab561b20-54ab-4bf7-60c6-c8c6e9c17149
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-amz-apigw-id: cD-ADGzRIAMFuKg=
content-length: 432
response: 200
server: Apache/2.4.39 (Ubuntu)
x-amzn-trace-id: Root=1-637e4399-6486f210325565fa37c7e3c2;Sampled=0
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: P8xsNuhdxogVVTf7gxv_hrWqInHqZ9HiIuR4uP0zkdd_t-WiWVV2CA==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 85ms
83ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Apr 2023 11:02:42 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame A4DF 156 B
385 B 580ms
551ms XHR
text/xml 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?correlator=3060965411801226&description_url=https%3A%2F%2Fonlinehikes.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fonlinehikes.com%2F&ad_type=video&ciu_szs=300x250%2C728x90&hl=en&max_ad_duration=18000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=nonlinear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22485590223%2F273299-shared-video-1&vid_d=48&vid_kw=YouTube%20tips%20for%20entrepreneurs%2CHow%20to%20get%20started%20on%20YouTube&vid_t=YouTube%20for%20Entrepreneurs%3A%20Tips%20and%20Strategies%20for%20Success&vpa=auto&cust_params=ap%3D1%26d%3D273299%26eb_br%3D90c3c48d0172916d27c102ea4aa9d49c%26ft%3D0%26ic%3D1%26iid1%3D6955167364553976%26plat%3D1%26t%3D134%26tap%3D273299-shared-video-1-6955167364553976&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=59852326&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&sid=E71045A2-E55B-4B62-BC7C-1CFBC33DC306&a3p=EhwKDWNyd2RjbnRybC5uZXQY1ay4l_swSABSAghkEhkKCnB1YmNpZC5vcmcYoq64l_swSABSAghqEsIBCghydGJob3VzZRKsATl3S01rWlpvOHJvUmdYLy8waVQzdXFubjZ1RmxrQno2emdSYnZ4VjMxT1hwMWhNWjc0UDNKQjF1WTNGSTQ1T2l3RkhqWlAyNHFlUjh3eDFWdjlxRDcyZ2R3TVZ0REZtMjc1dFAzeTIwdGdYSVRUUjlmb05taDZWbzdwMFhhdjA3cVppYllJNkZwN2JRb2hnRjAzNENvL0laYVJVVVFSSmRSRmh4akxaTWRkdz0Y07C4l_swSAASHQoOZXNwLmNyaXRlby5jb20Y1ay4l_swSABSAghkEhkKCnVpZGFwaS5jb20Y1ay4l_swSABSAghkEj4KBW9wZW54EixleUpwSWpvaUsxUXJVbWR4WWs1UlQyMUxSSHAzZWpCb1FYSTFRVDA5SW4wPRjWsriX-zBIABIbCgxpZDUtc3luYy5jb20Yu7W4l_swSABSAghq&nel=0&eid=44731964%2C44752052%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&top=https%3A%2F%2Fonlinehikes.com%2F&loc=https%3A%2F%2Fonlinehikes.com%2F&dlt=1682334157147&idt=1391&dt=1682334162628&cookie=ID%3Da1ab864f712d8fb7%3AT%3D1682334158%3AS%3DALNI_MZyERDWyYg7-LOMIRmH-zmBI4DTkg&gpic=UID%3D00000c08d172b0d6%3AT%3D1682334158%3ART%3D1682334158%3AS%3DALNI_MZr16JNZJI40V-7DcBpIA5e52srfQ&scor=3524859698551890&ged=ve4_td6_tt4_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
15 KB 589ms
588ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2092845990354922&correlator=3407520958307783&eid=31074079%2C31074093%2C31074095&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22485590223%2Conlinehikes_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=10&adks=3586627133&didk=686538070&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D3855632024510120%26eid%3D3855632024510120%26t%3D134%26d%3D273299%26t1%3D134%26pvc%3D0%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod46%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Donlinehikes_com-edge-2-3855632024510120%26eb_br%3D674294a1b21a1e89fc99c14c9b17be44%26eba%3D1%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D43%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D28%26br2%3D48%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%26lb%3D50%26reqt%3D1682334161647&eri=1&sc=1&cookie=ID%3Da1ab864f712d8fb7%3AT%3D1682334158%3AS%3DALNI_MZyERDWyYg7-LOMIRmH-zmBI4DTkg&gpic=UID%3D00000c08d172b0d6%3AT%3D1682334158%3ART%3D1682334158%3AS%3DALNI_MZr16JNZJI40V-7DcBpIA5e52srfQ&abxe=1&dt=1682334162666&lmt=1682334162&dlt=1682334157147&idt=523&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fonlinehikes.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=1773331551.1682334158&ga_sid=1682334158&ga_hid=69658114&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY1ay4l_swSABSAghkEhkKCnB1YmNpZC5vcmcYoq64l_swSABSAghqEsIBCghydGJob3VzZRKsATl3S01rWlpvOHJvUmdYLy8waVQzdXFubjZ1RmxrQno2emdSYnZ4VjMxT1hwMWhNWjc0UDNKQjF1WTNGSTQ1T2l3RkhqWlAyNHFlUjh3eDFWdjlxRDcyZ2R3TVZ0REZtMjc1dFAzeTIwdGdYSVRUUjlmb05taDZWbzdwMFhhdjA3cVppYllJNkZwN2JRb2hnRjAzNENvL0laYVJVVVFSSmRSRmh4akxaTWRkdz0Y07C4l_swSAASHQoOZXNwLmNyaXRlby5jb20Y1ay4l_swSABSAghkEhkKCnVpZGFwaS5jb20Y1ay4l_swSABSAghkEj4KBW9wZW54EixleUpwSWpvaUsxUXJVbWR4WWs1UlQyMUxSSHAzZWpCb1FYSTFRVDA5SW4wPRjWsriX-zBIABIbCgxpZDUtc3luYy5jb20Yu7W4l_swSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

004c8a0f7d1413ab1fa301e0136099bb7346541ea81045c5d6456e028b167997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15273
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5043 13 KB
5 KB 78ms
77ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 3376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 10:06:26 GMT
expires: Tue, 23 Apr 2024 10:06:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6796 783 B
533 B 79ms
78ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e0a421e28ac9dccdada9a45232766c61f29ff47bf64b27dc8ade73d4ce5e1b41

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xQxMfD1uaEOFmyPyjufuvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-xQxMfD1uaEOFmyPyjufuvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 11:02:42 GMT
expires: Mon, 24 Apr 2023 11:02:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 t1677756445_01_640x360p_30Hz_800Kbps_005.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 130 KB
130 KB 398ms
398ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_005.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7982286c34d6b7a2b3e48e790790da4a95dc66a85aa359a7db9085efb7fcc0d8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
via: 1.1 007499d01faac26a60f04831409d062e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 132892
last-modified: Wed, 29 Mar 2023 19:08:51 GMT
server: cloudflare
etag: "e2b1e2684413c96fdeb87f7bd9ee1915"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Lqwety80X%2Fa9sk%2FNaCVOUeOqOHeb9AhC6XFeDa%2F%2FIl79icIYVhOw9FsUan0grA60URHkO1OxZRYwEM8MElY6wr3Whrkko8Px0C9gZMWTnihGgQ%2FCG6wdjkOrLEXgb1%2FKu%2BwrB2B4cQd0dWlmC4wRa7P"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb052c9ed943-HEL
x-amz-cf-id: w3qyIQ6X1niTDpzDYf6vtDuRqJY1tXFyoWgKyBhQENnh7urFQd31fg==

GET
H3 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
122 B 72ms
71ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 84ms
74ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
481 B 421ms
420ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2092845990354922&correlator=2738826303130266&eid=31074079%2C31074093%2C31074095&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22485590223%2Conlinehikes_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=11&adks=358549289&didk=4056883344&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D6126753706503792%26eid%3D6126753706503792%26t%3D134%26d%3D273299%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod46%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Donlinehikes_com-medrectangle-2-6126753706503792%26eb_br%3D674294a1b21a1e89fc99c14c9b17be44%26eba%3D1%26bv%3D15%26bvm%3D0%26bvr%3D5%26avc%3D43%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D28%26br2%3D48%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%26lb%3D50%26reqt%3D1682334161784&eri=1&sc=1&cookie=ID%3Da1ab864f712d8fb7%3AT%3D1682334158%3AS%3DALNI_MZyERDWyYg7-LOMIRmH-zmBI4DTkg&gpic=UID%3D00000c08d172b0d6%3AT%3D1682334158%3ART%3D1682334158%3AS%3DALNI_MZr16JNZJI40V-7DcBpIA5e52srfQ&abxe=1&dt=1682334162826&lmt=1682334162&dlt=1682334157147&idt=523&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fonlinehikes.com%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=1773331551.1682334158&ga_sid=1682334158&ga_hid=69658114&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY1ay4l_swSABSAghkEhkKCnB1YmNpZC5vcmcYoq64l_swSABSAghqEsIBCghydGJob3VzZRKsATl3S01rWlpvOHJvUmdYLy8waVQzdXFubjZ1RmxrQno2emdSYnZ4VjMxT1hwMWhNWjc0UDNKQjF1WTNGSTQ1T2l3RkhqWlAyNHFlUjh3eDFWdjlxRDcyZ2R3TVZ0REZtMjc1dFAzeTIwdGdYSVRUUjlmb05taDZWbzdwMFhhdjA3cVppYllJNkZwN2JRb2hnRjAzNENvL0laYVJVVVFSSmRSRmh4akxaTWRkdz0Y07C4l_swSAASHQoOZXNwLmNyaXRlby5jb20Y1ay4l_swSABSAghkEhkKCnVpZGFwaS5jb20Y1ay4l_swSABSAghkEj4KBW9wZW54EixleUpwSWpvaUsxUXJVbWR4WWs1UlQyMUxSSHAzZWpCb1FYSTFRVDA5SW4wPRjWsriX-zBIABIbCgxpZDUtc3luYy5jb20Yu7W4l_swSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7f27db79db050005c1655e81e7279c1c53aac53e708a733b8dbef8e093d90f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 452
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6796 0
0 95ms
95ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304190101&jk=2092845990354922&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame 5043 36 KB
14 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 18:33:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 18:33:28 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5043 0
10 B 61ms
61ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6BaTsA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 audio_006.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 40 KB
40 KB 272ms
272ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_006.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 011320eba21b56c24d673e0f362793d4760291f036ee94a090ef03d7963b24a0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
via: 1.1 6e28f02adabde7d09aba9f5efcd44d1a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40501
last-modified: Wed, 29 Mar 2023 19:08:49 GMT
server: cloudflare
etag: "c17e233c89e2dc35f9ff06f0c6884be7"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9isLaKpo28OXN58T408i6%2BIKjDPBUoOKuRsSIhsZYoToyyc%2Fk6x7e8240fngUYFSHF8oKmn4Ksz9QQ3WxcWde6hWAvEZ26Z8Rdqej7OYKEiKUqB20D2SaEJ1BdwKuM%2FSVns6IzoyU2MLGki280RJcKr0"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb070a40d943-HEL
x-amz-cf-id: CNc5Rt_CFJXZ-hnTrjrVl2kTbQ4baQUC7cxWvicZlgWDxBZfe_DzdQ==

GET
H2 200 widget.73803a8d9d4f3ba312b4.js Show response
c.bannerflow.net/scripts/ Frame 3F86 20 KB
7 KB 116ms
116ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.73803a8d9d4f3ba312b4.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/642e70dc588d307e3b020c2f?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCCLTc0WFGZI3DDffknsEPjMu76AzHjpmdcI-9oqaREfjlpYjdDhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE9QFP0GkaUjLiaQIUznr2pLdxbq5gequjVtApQjpqCk9GnlA5iBmoKCCOh-Gq5BZyE24hal7_Zgx-q9hv7VexE3LZiNGSKLz1UBDekf3VgkuRbYfwHSGtzEUbYm2pvmO2ti9fi7RNOSSjbYjHa33DbeF2VDawYn5EYr9er0GeQ5Y0ezxEeP4uy6iSMrGl64W0kcgcN3OUsKTDGLX69MnhXobL-wFiWqZnUz_mU3DJUZtW3-3kzXB-QFoH8TT1UDMIV6fXtUIxF7XWPJSRG5QmYt9bhkdn5ug1Yuhsr0m1sTXy7va69jGQnX2ZMw1yFqdWSIC0D4bLNsAEzK7-86wE4AQBoAYRgAe_kcowqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDc5Mjc3ODkzMTYyNTA0gAoDmAsByAsBgAwBuAwB2BMC0BUBmBYB-BYBgBcB%26num%3D1%26cid%3DCAQSPABygQiDmWyxiC7w0Q_MjWfxZRV-fLmLADgU3gGieQEogrQISGvpBqRXPx2ruYaDByvXWn3YuyCWwswNPhgB%26sig%3DAOD64_1q2WMzet5U9L6v0AY-myWbw1pZvA%26client%3Dca-pub-6396844742497208%26adurl%3D&cb=161723773
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bdb773cc106f613774d2d67d669a1328d3a2eccee2ebae9d548b9dbe2b925ff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 11:02:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: kV2TaSme3zjoMC7eKEPqvg==
age: 1649800
cf-polished: origSize=20123
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 05 Apr 2023 08:06:09 GMT
server: cloudflare
etag: W/"0x8DB35AC9D3707B1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a751deda-d01e-0061-4399-67ce65000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7bcddb07c855d97b-HEL

GET
H2 200 document.0000006EB0DF1F.js Show response
c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/published/4534046/5335975/ Frame 3F86 12 KB
4 KB 75ms
74ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/published/4534046/5335975/document.0000006EB0DF1F.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/642e70dc588d307e3b020c2f?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCCLTc0WFGZI3DDffknsEPjMu76AzHjpmdcI-9oqaREfjlpYjdDhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE9QFP0GkaUjLiaQIUznr2pLdxbq5gequjVtApQjpqCk9GnlA5iBmoKCCOh-Gq5BZyE24hal7_Zgx-q9hv7VexE3LZiNGSKLz1UBDekf3VgkuRbYfwHSGtzEUbYm2pvmO2ti9fi7RNOSSjbYjHa33DbeF2VDawYn5EYr9er0GeQ5Y0ezxEeP4uy6iSMrGl64W0kcgcN3OUsKTDGLX69MnhXobL-wFiWqZnUz_mU3DJUZtW3-3kzXB-QFoH8TT1UDMIV6fXtUIxF7XWPJSRG5QmYt9bhkdn5ug1Yuhsr0m1sTXy7va69jGQnX2ZMw1yFqdWSIC0D4bLNsAEzK7-86wE4AQBoAYRgAe_kcowqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDc5Mjc3ODkzMTYyNTA0gAoDmAsByAsBgAwBuAwB2BMC0BUBmBYB-BYBgBcB%26num%3D1%26cid%3DCAQSPABygQiDmWyxiC7w0Q_MjWfxZRV-fLmLADgU3gGieQEogrQISGvpBqRXPx2ruYaDByvXWn3YuyCWwswNPhgB%26sig%3DAOD64_1q2WMzet5U9L6v0AY-myWbw1pZvA%26client%3Dca-pub-6396844742497208%26adurl%3D&cb=161723773
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2601fb72337e9d492df6cbf2c768c2eba584edae07f187de72402374ecb1454

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 11:02:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: ZJf7aQkAkkHQvR9xOocFAA==
age: 999847
cf-polished: origSize=13475
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Thu, 06 Apr 2023 07:12:49 GMT
server: cloudflare
etag: W/"0x8DB366E548B5C5E"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: adf14e08-401e-0001-170f-69b2fa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7bcddb07c85fd97b-HEL

GET
H2 200 animated-creative.da64b08cbb424c1d9ca5.js Show response
c.bannerflow.net/scripts/ Frame 3F86 156 KB
53 KB 124ms
124ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.da64b08cbb424c1d9ca5.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/642e70dc588d307e3b020c2f?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCCLTc0WFGZI3DDffknsEPjMu76AzHjpmdcI-9oqaREfjlpYjdDhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE9QFP0GkaUjLiaQIUznr2pLdxbq5gequjVtApQjpqCk9GnlA5iBmoKCCOh-Gq5BZyE24hal7_Zgx-q9hv7VexE3LZiNGSKLz1UBDekf3VgkuRbYfwHSGtzEUbYm2pvmO2ti9fi7RNOSSjbYjHa33DbeF2VDawYn5EYr9er0GeQ5Y0ezxEeP4uy6iSMrGl64W0kcgcN3OUsKTDGLX69MnhXobL-wFiWqZnUz_mU3DJUZtW3-3kzXB-QFoH8TT1UDMIV6fXtUIxF7XWPJSRG5QmYt9bhkdn5ug1Yuhsr0m1sTXy7va69jGQnX2ZMw1yFqdWSIC0D4bLNsAEzK7-86wE4AQBoAYRgAe_kcowqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDc5Mjc3ODkzMTYyNTA0gAoDmAsByAsBgAwBuAwB2BMC0BUBmBYB-BYBgBcB%26num%3D1%26cid%3DCAQSPABygQiDmWyxiC7w0Q_MjWfxZRV-fLmLADgU3gGieQEogrQISGvpBqRXPx2ruYaDByvXWn3YuyCWwswNPhgB%26sig%3DAOD64_1q2WMzet5U9L6v0AY-myWbw1pZvA%26client%3Dca-pub-6396844742497208%26adurl%3D&cb=161723773
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f209c6f826eefe7fd31940173a19e3e6ef055cda717d9ff8f652df667fde3f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 11:02:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: lEwH1nz39HA/V547ypsMUA==
age: 325548
cf-polished: origSize=159709
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 05 Apr 2023 14:04:09 GMT
server: cloudflare
etag: W/"0x8DB35DEA0BF5B41"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: eed2e90e-601e-0029-2bc8-67d352000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7bcddb07c864d97b-HEL

POST
H2 204 csi
csi.gstatic.com/ Frame A4DF 0
234 B 703ms
253ms Ping
image/gif 2800:3f0:4005:407::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lguqbkhk&c=1910989093904&slotId=955494546952&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4005:407::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 prebidvideo Show response
ads.yieldmo.com/exchange/ 0
194 B 80ms
80ms XHR
text/plain 54.72.22.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebidvideo
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.22.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-22-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onlinehikes.com
pragma: no-cache
date: Mon, 24 Apr 2023 11:02:43 GMT
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
312 B 85ms
85ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.42.0&cb=81834851639&lsavail=1&bundle=S4KAG18ycWtORTZqZXdXRkdKVW9FTnJyaUNlNWUlMkZMbnFvbW5YJTJCdTF3bm5aNSUyQmxBQXVaY0V6UVpNV0lEbmFQSko4MTdlSWNmS2cwMFMlMkJQY0d1UFY4eWpQWVNMTndRZGxNRDZJemVndzk1cVdrem5vMTdselNURU1SNUlnYUZ5cDI5VnNuVEc4NEtUZ083QTZ2Q2NYNiUyQm12VTZBJTNEJTNE

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Apr 2023 11:02:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinehikes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 widget.73803a8d9d4f3ba312b4.js Show response
c.bannerflow.net/scripts/ Frame 8EBB 20 KB
7 KB 163ms
162ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.73803a8d9d4f3ba312b4.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/642e70dc588d307e3b020c2e?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCwsD_0WFGZL-tDYb-nsEP1eSK8AnHjpmdcOe8oqaREfjlpYjdDhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE8gFP0KxrJYmSUkAD1s4kfs8oYhix1HXLajIfHS2YYsso9QOp9JBwzJdxBoQP6pPBkYbZN7h80sUhwQypaHynCP6BWd098rvZF4Acsk3o4b2Dx4eSrBnXcemKqfhhSq9UeplXGmbveUppOFrNokB1YN5WhX6jU_4WAIEpwp31tB1uxYX31HxIvFsP3gn8-UU2PiNfflva6e2_pMIVeb2NevIHMEYNGhjbMdxj5b3R9oLrrctlh7QniNwFaIZ7UDrqKQbi8noucAIetTElw8jmjy3D0ZQBZ5XL_Gm6BQFCpO4sak1CRYvcC0ZHvMrOzPzAz91iKcAEzK7-86wE4AQBoAYRgAe_kcowqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDc5Mjc3ODkzMTYyNTA0gAoDmAsByAsBgAwBuAwB2BMC0BUBmBYB-BYBgBcB%26num%3D1%26cid%3DCAQSPABygQiDYekawfp1rqkNC-vlIxDQz-oSe-ZUn4zzI5g5qy0DFDs9Bfenc70wZb5slg3n3zjM4mcz7xyIUxgB%26sig%3DAOD64_1udvGcrM83cB4MlQCUhVeTdmyW9A%26client%3Dca-pub-6396844742497208%26adurl%3D&cb=1975629547
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bdb773cc106f613774d2d67d669a1328d3a2eccee2ebae9d548b9dbe2b925ff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 11:02:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: kV2TaSme3zjoMC7eKEPqvg==
age: 1649800
cf-polished: origSize=20123
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 05 Apr 2023 08:06:09 GMT
server: cloudflare
etag: W/"0x8DB35AC9D3707B1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a751deda-d01e-0061-4399-67ce65000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7bcddb086a7cd97b-HEL

GET
H2 200 document.000000463FFC2C.js Show response
c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/published/4534040/5335975/ Frame 8EBB 12 KB
4 KB 69ms
69ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/published/4534040/5335975/document.000000463FFC2C.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/642e70dc588d307e3b020c2e?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCwsD_0WFGZL-tDYb-nsEP1eSK8AnHjpmdcOe8oqaREfjlpYjdDhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE8gFP0KxrJYmSUkAD1s4kfs8oYhix1HXLajIfHS2YYsso9QOp9JBwzJdxBoQP6pPBkYbZN7h80sUhwQypaHynCP6BWd098rvZF4Acsk3o4b2Dx4eSrBnXcemKqfhhSq9UeplXGmbveUppOFrNokB1YN5WhX6jU_4WAIEpwp31tB1uxYX31HxIvFsP3gn8-UU2PiNfflva6e2_pMIVeb2NevIHMEYNGhjbMdxj5b3R9oLrrctlh7QniNwFaIZ7UDrqKQbi8noucAIetTElw8jmjy3D0ZQBZ5XL_Gm6BQFCpO4sak1CRYvcC0ZHvMrOzPzAz91iKcAEzK7-86wE4AQBoAYRgAe_kcowqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDc5Mjc3ODkzMTYyNTA0gAoDmAsByAsBgAwBuAwB2BMC0BUBmBYB-BYBgBcB%26num%3D1%26cid%3DCAQSPABygQiDYekawfp1rqkNC-vlIxDQz-oSe-ZUn4zzI5g5qy0DFDs9Bfenc70wZb5slg3n3zjM4mcz7xyIUxgB%26sig%3DAOD64_1udvGcrM83cB4MlQCUhVeTdmyW9A%26client%3Dca-pub-6396844742497208%26adurl%3D&cb=1975629547
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74dcc1a1abc9b09ae9c21b7048ba8898cf1cabf17af4bad64accc38ea6155898

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 11:02:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 3TOy8On3Rw70JJWCUtZpDQ==
age: 1489878
cf-polished: origSize=13823
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Thu, 06 Apr 2023 07:12:49 GMT
server: cloudflare
etag: W/"0x8DB366E545A3E6A"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 67b70d41-101e-001c-110f-69bf46000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7bcddb086a7fd97b-HEL

GET
H2 200 animated-creative.da64b08cbb424c1d9ca5.js Show response
c.bannerflow.net/scripts/ Frame 8EBB 156 KB
53 KB 110ms
109ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.da64b08cbb424c1d9ca5.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/642e70dc588d307e3b020c2e?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCwsD_0WFGZL-tDYb-nsEP1eSK8AnHjpmdcOe8oqaREfjlpYjdDhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE8gFP0KxrJYmSUkAD1s4kfs8oYhix1HXLajIfHS2YYsso9QOp9JBwzJdxBoQP6pPBkYbZN7h80sUhwQypaHynCP6BWd098rvZF4Acsk3o4b2Dx4eSrBnXcemKqfhhSq9UeplXGmbveUppOFrNokB1YN5WhX6jU_4WAIEpwp31tB1uxYX31HxIvFsP3gn8-UU2PiNfflva6e2_pMIVeb2NevIHMEYNGhjbMdxj5b3R9oLrrctlh7QniNwFaIZ7UDrqKQbi8noucAIetTElw8jmjy3D0ZQBZ5XL_Gm6BQFCpO4sak1CRYvcC0ZHvMrOzPzAz91iKcAEzK7-86wE4AQBoAYRgAe_kcowqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDc5Mjc3ODkzMTYyNTA0gAoDmAsByAsBgAwBuAwB2BMC0BUBmBYB-BYBgBcB%26num%3D1%26cid%3DCAQSPABygQiDYekawfp1rqkNC-vlIxDQz-oSe-ZUn4zzI5g5qy0DFDs9Bfenc70wZb5slg3n3zjM4mcz7xyIUxgB%26sig%3DAOD64_1udvGcrM83cB4MlQCUhVeTdmyW9A%26client%3Dca-pub-6396844742497208%26adurl%3D&cb=1975629547
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f209c6f826eefe7fd31940173a19e3e6ef055cda717d9ff8f652df667fde3f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 11:02:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: lEwH1nz39HA/V547ypsMUA==
age: 325548
cf-polished: origSize=159709
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 05 Apr 2023 14:04:09 GMT
server: cloudflare
etag: W/"0x8DB35DEA0BF5B41"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: eed2e90e-601e-0029-2bc8-67d352000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7bcddb086a82d97b-HEL

GET
H3 200 t1677756445_01_640x360p_30Hz_800Kbps_006.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 115 KB
116 KB 833ms
832ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_006.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ba531e93a04800be25647177e212c6e0380c254d91cf25d02393f7ad72697b5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:44 GMT
via: 1.1 50f8df1bd48d77c6aa66214d7e928e72.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 117560
last-modified: Wed, 29 Mar 2023 19:08:51 GMT
server: cloudflare
etag: "eefc802f4ec84c0dbe24e0d4d6f16e94"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjruqkMuRPeFCpWjdX1TcK54wHc5iQLGVk1mG8cxMvxH2GyIe7BP5FwwzHCuDgSWQYxBVg4FMOUMG4yVtnD%2FXbuL6G%2FMMr1tySa15gS9tjFqAqeMnhOgAeF4Ewbp6QzHEeFEF%2BQk5fxTcE92DTtsZUvx"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb087ec2d943-HEL
x-amz-cf-id: V6xwDI3BL6wZQn86SeKwqviuU8B9UMp7x6mKQh2m7LE8kgAlFE9EdA==

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
94 B 58ms
56ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjQyMDA1Nzg3NDU2MjY4MSIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlsxNjAsNjAwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjQyMDA1Nzg3NDU2MjY4MSIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjQyMDA1Nzg3NDU2MjY4MSIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:43 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:43 GMT

GET
H3 200 container.html Show response
9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 89C1 6 KB
3 KB 72ms
68ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 11:02:38 GMT
expires: Tue, 23 Apr 2024 11:02:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 68ms
62ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzg1NTYzMjAyNDUxMDEyMCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzg1NTYzMjAyNDUxMDEyMCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI2NzQyOTRhMWIyMWExZTg5ZmM5OWMxNGM5YjE3YmU0NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzg1NTYzMjAyNDUxMDEyMCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDI4LCJhZF9wb3NpdGlvbiI6MTk3NiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMjgsImJpZF9mbG9vcl9wcmV2IjowLjAwMDUsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzODU1NjMyMDI0NTEwMTIwIiwiZG9tYWluX2lkIjoiMjczMjk5IiwidW5pdCI6ImRpdi1ncHQtYWQtb25saW5laGlrZXNfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjE5NzYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQzOCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDM0NDM4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzODU1NjMyMDI0NTEwMTIwIiwiZG9tYWluX2lkIjoiMjczMjk5IiwidW5pdCI6ImRpdi1ncHQtYWQtb25saW5laGlrZXNfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjE5NzYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQzOCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:43 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:43 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 67ms
62ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzg1NTYzMjAyNDUxMDEyMCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA0LTI0In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTEifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:43 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:43 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 65ms
61ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMzg1NTYzMjAyNDUxMDEyMCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsImF1Y3Rpb25fZXBvY2giOjE2ODIzMzQxNjMsImFkX3Bvc2l0aW9uIjoxOTc2LCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiYmlkX2Zsb29yX2luaXRpYWwiOjEwMCwiYmlkX2Zsb29yX3ByZXYiOjUwLCJiaWRfZmxvb3JfZmlsbGVkIjoyOCwiYXVjdGlvbl9jb3VudCI6MywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NjE2LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:43 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:43 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 64ms
62ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjQ2NTgwMjc4MDUzMjM5MCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjExMjEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiNjUwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMzkifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2MTI2NzUzNzA2NTAzNzkyIiwiZG9tYWluX2lkIjoiMjczMjk5IiwidW5pdCI6ImRpdi1ncHQtYWQtb25saW5laGlrZXNfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZJIiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMTA0In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzODU1NjMyMDI0NTEwMTIwIiwiZG9tYWluX2lkIjoiMjczMjk5IiwidW5pdCI6ImRpdi1ncHQtYWQtb25saW5laGlrZXNfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjE5NzYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQzOCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTQ0MCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMzAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NDIwMDU3ODc0NTYyNjgxIiwiZG9tYWluX2lkIjoiMjczMjk5IiwidW5pdCI6ImRpdi1ncHQtYWQtb25saW5laGlrZXNfY29tLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMzAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:43 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:43 GMT

GET
H3 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
122 B 82ms
82ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 82ms
82ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3F86 42 B
64 B 111ms
106ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviNKVSPi1XdPM_RUAS7FjKiJrbC5i-2WnA66kaBgU_v6QVoKZjhx1qgvNhh1Pj7jLLkBx8Tei0_xWYCF0qV2uYqfLNWggTshgdtM-Zomy064JoYy8xKTkrjFF-MKSzf_Ei1XReg5Ef53j18qieBz7w_sXty_LV3Vrp&sai=AMfl-YQJterVto_wd_DCBOallF1ik4_UeQmnghIBD-kgdsO9XXYuXtpoeLRgV6VrPgJ2j5Nat2Ngbne6Ewh5zIMHTggUTgvJEHqH_EKEty_n2L-d4ma5qo3Xo7WPgZWO&sig=Cg0ArKJSzBnNe9BFalwtEAE&cid=CAQSPABygQiDmWyxiC7w0Q_MjWfxZRV-fLmLADgU3gGieQEogrQISGvpBqRXPx2ruYaDByvXWn3YuyCWwswNPhgB&id=lidar2&mcvt=1052&p=139,650,389,950&mtos=1052,1052,1052,1052,1052&tos=1052,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3840644460&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682334161862&rpt=440&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 72ms
71ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjQ2NTgwMjc4MDUzMjM5MCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjExMjEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NDY1ODAyNzgwNTMyMzkwIiwiZG9tYWluX2lkIjoiMjczMjk5IiwidW5pdCI6ImRpdi1ncHQtYWQtb25saW5laGlrZXNfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJhZF9wb3NpdGlvbiI6MTEyMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZJIiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUzLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY0NjU4MDI3ODA1MzIzOTAiLCJkb21haW5faWQiOiIyNzMyOTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1vbmxpbmVoaWtlc19jb20tYm94LTItMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsImFkX3Bvc2l0aW9uIjoxMTIxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTMsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNjMifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:43 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:43 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 57ms
56ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjQ2NTgwMjc4MDUzMjM5MCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTIxLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:43 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:43 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8EBB 42 B
64 B 106ms
106ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXOR1ZtuIt7_N-0t8REJgjSum8QG_zi6Kf_v1WRDIoGQfckqb2bPFVh_0QsKVOYjWSOZ047ocnNlVNs4zOF25wJNmFMrO54bROfWXQo8teSx27f4JmET8GtrzQJ88MyksfT6znCjNwQDa-NsCb_vrPFwWGLl69sE3n&sai=AMfl-YQSRG2hPxaPIcMIDBTsfx-NGd_-8SV7uU6LZiPn5l7cBMflhXzSebxUrohp6ZnZv90Ac1HgCtlsOW3DF78wSlRizioHOopAfpkDPUTi_ZHEyXIj8StfKRSZSOp8&sig=Cg0ArKJSzFdbL1XO7rMlEAE&cid=CAQSPABygQiDYekawfp1rqkNC-vlIxDQz-oSe-ZUn4zzI5g5qy0DFDs9Bfenc70wZb5slg3n3zjM4mcz7xyIUxgB&id=lidar2&mcvt=1085&p=302,0,902,160&mtos=1085,1085,1085,1085,1085&tos=1085,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3188901710&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682334161753&rpt=615&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
11 KB 467ms
466ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2092845990354922&correlator=2868152430660159&eid=31074079%2C31074093%2C31074095&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22485590223%2Conlinehikes_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=12&adks=358549289&didk=4056883344&sfv=1-0-40&ris=1&rcs=3&prev_scp=a%3D%257C0%257C%26iid1%3D6126753706503792%26eid%3D6126753706503792%26t%3D134%26d%3D273299%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod46%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Donlinehikes_com-medrectangle-2-6126753706503792%26eb_br%3D14e8a85d4c42ff1db8790cbef9e33493%26eba%3D1%26bv%3D15%26bvm%3D0%26bvr%3D5%26avc%3D43%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D12%26br2%3D48%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26lb%3D28%26reqt%3D1682334163381&eri=1&sc=1&cookie=ID%3Da1ab864f712d8fb7%3AT%3D1682334158%3AS%3DALNI_MZyERDWyYg7-LOMIRmH-zmBI4DTkg&gpic=UID%3D00000c08d172b0d6%3AT%3D1682334158%3ART%3D1682334158%3AS%3DALNI_MZr16JNZJI40V-7DcBpIA5e52srfQ&abxe=1&dt=1682334163476&lmt=1682334163&dlt=1682334157147&idt=523&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fonlinehikes.com%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&ga_vid=1773331551.1682334158&ga_sid=1682334158&ga_hid=69658114&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY1ay4l_swSABSAghkEhkKCnB1YmNpZC5vcmcYoq64l_swSABSAghqEsIBCghydGJob3VzZRKsATl3S01rWlpvOHJvUmdYLy8waVQzdXFubjZ1RmxrQno2emdSYnZ4VjMxT1hwMWhNWjc0UDNKQjF1WTNGSTQ1T2l3RkhqWlAyNHFlUjh3eDFWdjlxRDcyZ2R3TVZ0REZtMjc1dFAzeTIwdGdYSVRUUjlmb05taDZWbzdwMFhhdjA3cVppYllJNkZwN2JRb2hnRjAzNENvL0laYVJVVVFSSmRSRmh4akxaTWRkdz0Y07C4l_swSAASHQoOZXNwLmNyaXRlby5jb20Y1ay4l_swSABSAghkEhkKCnVpZGFwaS5jb20Y1ay4l_swSABSAghkEj4KBW9wZW54EixleUpwSWpvaUsxUXJVbWR4WWs1UlQyMUxSSHAzZWpCb1FYSTFRVDA5SW4wPRjWsriX-zBIABIbCgxpZDUtc3luYy5jb20Yu7W4l_swSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33334d50a0df2e9ec8f0d059e98c23f1bbd0538cd20da08c8eb9e916492250bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10801
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onlinehikes.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 89C1 0
0 107ms
107ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzkbD0mFGZMOqL72zkdUP3NaAsAHHjpmdcOe8oqaREf_y8sXuJhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE7wFP0Gy3uTMQRIThM_vQdO0v0m1-Sb_CoYEuLFBkL7zNuiP94wi2NOUjs55ucyHX_NuHOgHezpxceeU8LgKubU4puXksmZlnbtJ9ymjr4U_dei52S0zZgey5963rlVNvkl4pcftDZvU3BJd8FD6iG9IlFVy9kluRc9Xk7aEOadQE9UliUsaRvUHm-IooAQCJ7QNFuf92Ba2XAHD08ej3hQwCTe5CQ_wZ_KQ-8Tx4XF9dbuNi9SGWG5me1mEi6AZKDWq5Q1vzR_GLIW20raac5hQ_YTW0wEpz4CLmVOWFg-w2aupoQXAquBHkHDasaDGYLsAEzK7-86wE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBhGAB7-RyjCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCnkxHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA3OTI3Nzg5MzE2MjUwNIAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0xOTY2NzIxMTkyNzA5NjA2GL7JBw&sigh=z96czuo5cFQ&uach_m=[UACH]&cid=CAQSPABygQiDc-WwdQXHUYKX3RbmiFDiwaOIK8vUC9odjyIbrohVZY8C2xu09CRLMuJy_ddkY74iSS2zecD1WBgB
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 642e70dc588d307e3b020c2e Show response
c.bannerflow.net/a/ Frame 89C1 70 KB
24 KB 101ms
100ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/642e70dc588d307e3b020c2e?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCo_5y0mFGZMOqL72zkdUP3NaAsAHHjpmdcOe8oqaREf_y8sXuJhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE8gFP0Gy3uTMQRIThM_vQdO0v0m1-Sb_CoYEuLFBkL7zNuiP94wi2NOUjs55ucyHX_NuHOgHezpxceeU8LgKubU4puXksmZlnbtJ9ymjr4U_dei52S0zZgey5963rlVNvkl4pcftDZvU3BJd8FD6iG9IlFVy9kluRc9Xk7aEOadQE9UliUsaRvUHm-IooAQCJ7QNFuf92Ba2XAHD08ej3hQwCTe5CQ_wZ_KQ-8Tx4XF9dbuNi9SGWG5me1mEi6AZKDWq5Q1vzR_GLIW32r4cOIIfzRJd42OHdn7hgdMSPJeYYchPV9w-wNJfPMC5o3uW9jM-93MAEzK7-86wE4AQBoAYRgAe_kcowqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDc5Mjc3ODkzMTYyNTA0gAoDmAsByAsBgAwBuAwB2BMC0BUBmBYB-BYBgBcB%26num%3D1%26cid%3DCAQSPABygQiDc-WwdQXHUYKX3RbmiFDiwaOIK8vUC9odjyIbrohVZY8C2xu09CRLMuJy_ddkY74iSS2zecD1WBgB%26sig%3DAOD64_1Cqvx37wqVZpjx_WTWhnupM5813g%26client%3Dca-pub-6396844742497208%26adurl%3D&cb=1476002752
Requested by: Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2688cef498c5c9245b237de41211d6181adde39aff48eb5aa7535da9ea9daaf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 24 Apr 2023 11:02:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 7bcddb09fe92d97b-HEL
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 89C1 35 KB
13 KB 287ms
286ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

524bfe83fbc8a2866b79b93e4e16ce6d250b783b68318fa0cebfbe6f0f6057a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13712
x-xss-protection: 0
server: cafe
etag: 18134504485529606991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 11:02:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 89C1 3 KB
1 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65739
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 16:47:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 89C1 19 KB
8 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 16:45:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 89C1 159 KB
49 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Apr 2023 11:02:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 89C1 21 KB
8 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 16:43:03 GMT

GET
DATA 200
OK truncated
/ Frame 3F86 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 381f7478-95c6-41fe-93e7-006294efe9ed Show response
https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/ Frame 6283 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/381f7478-95c6-41fe-93e7-006294efe9ed
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.da64b08cbb424c1d9ca5.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame A4DF 156 B
142 B 680ms
680ms XHR
text/xml 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?correlator=3060965411801226&description_url=https%3A%2F%2Fonlinehikes.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fonlinehikes.com%2F&ad_type=video&ciu_szs=300x250%2C728x90&hl=en&max_ad_duration=18000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=nonlinear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22485590223%2F273299-shared-video-1&vid_d=48&vid_kw=YouTube%20tips%20for%20entrepreneurs%2CHow%20to%20get%20started%20on%20YouTube&vid_t=YouTube%20for%20Entrepreneurs%3A%20Tips%20and%20Strategies%20for%20Success&vpa=auto&cust_params=ap%3D1%26d%3D273299%26eb_br%3D57914c3716312cb7e954090f0717ea25%26ft%3D0%26ic%3D1%26iid1%3D6955167364553976%26plat%3D1%26t%3D134%26tap%3D273299-shared-video-1-6955167364553976&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=59852326&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&sid=E71045A2-E55B-4B62-BC7C-1CFBC33DC306&a3p=EhwKDWNyd2RjbnRybC5uZXQY1ay4l_swSABSAghkEhkKCnB1YmNpZC5vcmcYoq64l_swSABSAghqEsIBCghydGJob3VzZRKsATl3S01rWlpvOHJvUmdYLy8waVQzdXFubjZ1RmxrQno2emdSYnZ4VjMxT1hwMWhNWjc0UDNKQjF1WTNGSTQ1T2l3RkhqWlAyNHFlUjh3eDFWdjlxRDcyZ2R3TVZ0REZtMjc1dFAzeTIwdGdYSVRUUjlmb05taDZWbzdwMFhhdjA3cVppYllJNkZwN2JRb2hnRjAzNENvL0laYVJVVVFSSmRSRmh4akxaTWRkdz0Y07C4l_swSAASHQoOZXNwLmNyaXRlby5jb20Y1ay4l_swSABSAghkEhkKCnVpZGFwaS5jb20Y1ay4l_swSABSAghkEj4KBW9wZW54EixleUpwSWpvaUsxUXJVbWR4WWs1UlQyMUxSSHAzZWpCb1FYSTFRVDA5SW4wPRjWsriX-zBIABIbCgxpZDUtc3luYy5jb20Yu7W4l_swSABSAghq&nel=0&eid=44731964%2C44752052%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&top=https%3A%2F%2Fonlinehikes.com%2F&loc=https%3A%2F%2Fonlinehikes.com%2F&dlt=1682334157147&idt=1391&dt=1682334163516&cookie=ID%3Da1ab864f712d8fb7%3AT%3D1682334158%3AS%3DALNI_MZyERDWyYg7-LOMIRmH-zmBI4DTkg&gpic=UID%3D00000c08d172b0d6%3AT%3D1682334158%3ART%3D1682334158%3AS%3DALNI_MZr16JNZJI40V-7DcBpIA5e52srfQ&scor=3524859698551890&ged=ve4_td6_tt4_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
62 B 57ms
57ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjQyMDA1Nzg3NDU2MjY4MSIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTk3NSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:44 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:44 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 3F86 4 KB
5 KB 118ms
53ms Font
font/woff 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5b169b30baae251b9c436844%2F4bd8b73a-9271-4ee4-9f53-93b9f063e31e.woff&t=%0A%201358AEIKLNSTUVY%C3%84%E2%82%AC
Requested by: Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 237bd5f1fd786c6e2db3e1538dafb1cf7c03892b520efc75a6f86278cecc254f

Request headers

Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
Origin: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
cf-cache-status: HIT
last-modified: Fri, 07 Apr 2023 05:11:04 GMT
server: cloudflare
age: 1489899
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=4bd8b73a-9271-4ee4-9f53-93b9f063e31e-subset.woff
cf-ray: 7bcddb0aca54376f-HEL
expires: Sat, 06 Apr 2024 05:11:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 766 B
472 B 72ms
71ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:normal

Requested by

Host: app.convertful.com
URL: https://app.convertful.com/Convertful.js?owner=239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7805a5f4fa01d8be4743c01a6f8582f4a16d520ed955fc627b4fc89497355210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Apr 2023 11:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 11:02:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Apr 2023 11:02:43 GMT

GET
H3 200 703.jpg
app.convertful.com/uploads/user/239/ 916 KB
917 KB 627ms
627ms Image
image/jpeg 2606:4700:20::681a:70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.convertful.com/uploads/user/239/703.jpg?4000x4000

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13579d49d70f2a1e642dd8146e524aef66756cc5c8a637bcadfaa786f8096ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:44 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2019 19:21:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5caf93b4-e4f01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eF0Y87Y%2FYaa0YB%2FvSM3PyYfEj3kII8MluN1SEPFrGERT8tGQcQR19r%2B2vmoZP1dYGh6alLpP6M60L%2BKOyGGW6R8mvDzSP%2FaEvpU9E%2BBS1u6dxK%2B12SksPy%2FMQpvEAQbsk1EiD4MFfEch7Xhdaz0XWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bcddb0a9a80d953-HEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 937729

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 98ms
97ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304190101&jk=2092845990354922&bg=!CwilCFzNAAYfNdXmPzU7ADkAdvg8WkUblQcKpTwBG5eiw8bUhWgAycTNtMx5xliSPKBU0t7VVkijKLDg3BLzcvi6ckhOFlRhlDMCAAAAVlIAAAADaAEHmQLZpopwAVtkkine9cRpSCL0nuRAC6a_elijL0_AE0joD50aXWjEhHTQl20iDouiS1mRecEC1_CZWrSXzKBZW27k0pqMzu0Eapk6uVUFkjSG9WKWnK-kdq2kSNOMR-Ne7ETA8WHpYqtGrmiJoXgkDy4D2sboAhw76r1CU8gziusuzOSfVizDE645fxdO6N6jKt3oDnzxyjbNnaJgneoe4wAzfhTdqGWlHLVvdfad6xNglOQ3jrdu6H5KTYNPaTMmhiUTdPUFAsZ0L5y3Bhq0gaP2lyjC7MjkGdAEkq4yC1n3zJH8Z2dbImr6t_YDdaFO2kiyh3qyEI3R8Zkq5iPP1LOUd-nm9DcFxFCFmGjJBP8Ppinm9hTVMSnGIdKPeAdfd3kbFvIx4GUYwO4D_VlrphcuFo_hOXrYIEVYnTJTAoQuJmfKDKaVtrE38dazjrZblPHeRHju24SpocMAZF9fSw8jz5Cj-FI2V7VPwVeYPPloPlCfjt_MIu1T7wyFswUChwd6n7TcC2Vj2vxDlJh2BFDIEwZNw2hbHc0ldbfi6bFbwYX_r4vMQ3IM43TMFwwx1muKZpOXZOn9kwmCYk79W3sH5Go1K4yLjszQE5JIHoXQnInKCIdb-gsth2TrHTb3nN3oWi6xuH_pM5IR-HHfGiz2HB-kAdhAjY2KMJYuUzCixaY_SjwKmr6oqa78SVW7kK_TZNT0S8PcVRqesXmieazVrbTG7U6n0Zu8ePb-gj6AWo2uf6Y2znohFtDFGoLHZb6HHIi1FCm3N8bsZfBcuz8NIf5ULHCshm_QT5-t_dWn-LN78ztXXzBsezHewddJEgNxAevTDV6XIrcz0L9L3XqBMV0nvOuaXz2_IhjpBvSTGMjS6akZGzoQjltsC7Gve3fS6qEALwol3RbmC9PHtavOTFBsBdzHnetvhLj50uaiyFSFS7-ZRF2qI28_pFQnMTLG_r1fW0cBaOh_
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 audio_007.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 39 KB
40 KB 729ms
729ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_007.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09a4f646ed9291f4c8a93216140087d71607cdfc2fe9c2f6ac3732672cc2efa1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:44 GMT
via: 1.1 209eb3c6f1b9e1174696d24afc301618.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40386
last-modified: Wed, 29 Mar 2023 19:08:49 GMT
server: cloudflare
etag: "1c72445a2226d8e66cb9d4bbd6a648ba"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WmqswhEY%2BO87i6g2%2BGJQ5PwbBjLdoyysIsKH7uoaEk0Sh0%2FmPFpZLOB0Q23j3BNfm0xEHAr5JCrFGCUhW8%2BCvV4jIdjusYYUqs2M9740NCPxNkLqwFyjf3B5GY0hmmkBN4ogX1mSc0%2Bc5Ny%2BpG%2BVO1E"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb0aef18d943-HEL
x-amz-cf-id: 20ZpW0nwmU9qGo7g1ruMlghGCvbcGgnoz9ZKe3VVF7vd1mAo9vFGkQ==

GET
H2 200 preload.jpg
c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/published/4534040/5335975/ Frame 89C1 19 KB
19 KB 53ms
53ms Image
image/jpeg 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/published/4534040/5335975/preload.jpg
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/642e70dc588d307e3b020c2e?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCo_5y0mFGZMOqL72zkdUP3NaAsAHHjpmdcOe8oqaREf_y8sXuJhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE8gFP0Gy3uTMQRIThM_vQdO0v0m1-Sb_CoYEuLFBkL7zNuiP94wi2NOUjs55ucyHX_NuHOgHezpxceeU8LgKubU4puXksmZlnbtJ9ymjr4U_dei52S0zZgey5963rlVNvkl4pcftDZvU3BJd8FD6iG9IlFVy9kluRc9Xk7aEOadQE9UliUsaRvUHm-IooAQCJ7QNFuf92Ba2XAHD08ej3hQwCTe5CQ_wZ_KQ-8Tx4XF9dbuNi9SGWG5me1mEi6AZKDWq5Q1vzR_GLIW32r4cOIIfzRJd42OHdn7hgdMSPJeYYchPV9w-wNJfPMC5o3uW9jM-93MAEzK7-86wE4AQBoAYRgAe_kcowqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDc5Mjc3ODkzMTYyNTA0gAoDmAsByAsBgAwBuAwB2BMC0BUBmBYB-BYBgBcB%26num%3D1%26cid%3DCAQSPABygQiDc-WwdQXHUYKX3RbmiFDiwaOIK8vUC9odjyIbrohVZY8C2xu09CRLMuJy_ddkY74iSS2zecD1WBgB%26sig%3DAOD64_1Cqvx37wqVZpjx_WTWhnupM5813g%26client%3Dca-pub-6396844742497208%26adurl%3D&cb=1476002752
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cff3f2db8da4d56046ae2909c76a66f2b856558c7be9a044c6afcc0cdc4e0f1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 11:02:43 GMT
cf-cache-status: HIT
age: 1489880
content-length: 19264
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Thu, 06 Apr 2023 07:12:47 GMT
server: cloudflare
etag: "0x8DB366E536CBE34"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 14c9f23b-301e-000b-7857-68164d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
accept-ranges: bytes
cf-ray: 7bcddb0ac86ed97b-HEL

GET
DATA 200
OK truncated
/ Frame 8EBB 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 1fb06df5-0e78-479d-b126-48c4cab0e9e1 Show response
https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/ Frame FC2D 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/1fb06df5-0e78-479d-b126-48c4cab0e9e1
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.da64b08cbb424c1d9ca5.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 8EBB 4 KB
5 KB 51ms
51ms Font
font/woff 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5b169b30baae251b9c436844%2F4bd8b73a-9271-4ee4-9f53-93b9f063e31e.woff&t=%0A%20-1358AEIKLNSTUVY%C3%84%E2%82%AC
Requested by: Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83b7ecebe64d2f474924070171c64b5d1eb7fbb4e372ba3fe8f59bc4819be083

Request headers

Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
Origin: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 07:14:37 GMT
server: cloudflare
age: 1489878
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=4bd8b73a-9271-4ee4-9f53-93b9f063e31e-subset.woff
cf-ray: 7bcddb0afadf376f-HEL
expires: Fri, 05 Apr 2024 07:14:37 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 193ms
63ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:normal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://onlinehikes.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:50:47 GMT
x-content-type-options: nosniff
age: 191516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 05:50:47 GMT

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 0043 2 KB
2 KB 41ms
41ms Image
image/webp 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbassadone%2F5bb20a86f4ea2856ac743478%2Fimages%2F773f4aa2-0591-4669-85ed-d97f9a04f1e4.png&w=88&h=74&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98636ef0d0cb95418b186ecc74f67edda39b000438a4d541edd97b32e8e195a2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 05:19:07 GMT
api-supported-versions: 2.0
server: cloudflare
age: 20606
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7bcddb0b79eed97b-HEL
content-length: 1648
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 0043 5 KB
5 KB 42ms
42ms Image
image/webp 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbassadone%2F5bb20a86f4ea2856ac743478%2Fimages%2F982b597f-a25f-4498-a781-2e055e9ee940.png&w=104&h=73&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52b75d8c4e3bc01837b478a68a14007a8c02336ce82f86aad3e732d4fa5f89b4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 05:19:07 GMT
api-supported-versions: 2.0
server: cloudflare
age: 20607
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7bcddb0b79f0d97b-HEL
content-length: 5502
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame 89C1 0
81 B 71ms
70ms Ping
text/plain 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/642e70dc588d307e3b020c2e?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCo_5y0mFGZMOqL72zkdUP3NaAsAHHjpmdcOe8oqaREf_y8sXuJhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE8gFP0Gy3uTMQRIThM_vQdO0v0m1-Sb_CoYEuLFBkL7zNuiP94wi2NOUjs55ucyHX_NuHOgHezpxceeU8LgKubU4puXksmZlnbtJ9ymjr4U_dei52S0zZgey5963rlVNvkl4pcftDZvU3BJd8FD6iG9IlFVy9kluRc9Xk7aEOadQE9UliUsaRvUHm-IooAQCJ7QNFuf92Ba2XAHD08ej3hQwCTe5CQ_wZ_KQ-8Tx4XF9dbuNi9SGWG5me1mEi6AZKDWq5Q1vzR_GLIW32r4cOIIfzRJd42OHdn7hgdMSPJeYYchPV9w-wNJfPMC5o3uW9jM-93MAEzK7-86wE4AQBoAYRgAe_kcowqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDc5Mjc3ODkzMTYyNTA0gAoDmAsByAsBgAwBuAwB2BMC0BUBmBYB-BYBgBcB%26num%3D1%26cid%3DCAQSPABygQiDc-WwdQXHUYKX3RbmiFDiwaOIK8vUC9odjyIbrohVZY8C2xu09CRLMuJy_ddkY74iSS2zecD1WBgB%26sig%3DAOD64_1Cqvx37wqVZpjx_WTWhnupM5813g%26client%3Dca-pub-6396844742497208%26adurl%3D&cb=1476002752
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7bcddb0b7a00d97b-HEL
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame B6CE 3 KB
3 KB 40ms
39ms Image
image/webp 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbassadone%2F5bb20a86f4ea2856ac743478%2Fimages%2F773f4aa2-0591-4669-85ed-d97f9a04f1e4.png&w=117&h=133&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18b1105f000ee53996c9372a05b339026eb727e065b4e65b778ba0e21a48b520

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 05:16:47 GMT
api-supported-versions: 2.0
server: cloudflare
age: 20753
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7bcddb0b9a32d97b-HEL
content-length: 2966
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame B6CE 6 KB
6 KB 45ms
44ms Image
image/webp 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbassadone%2F5bb20a86f4ea2856ac743478%2Fimages%2F982b597f-a25f-4498-a781-2e055e9ee940.png&w=139&h=128&q=85&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20014d357c99cdb2774f28f252e588644c55be2e006ea9b25172d161176cdab5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 05:16:47 GMT
api-supported-versions: 2.0
server: cloudflare
age: 20753
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7bcddb0b9a35d97b-HEL
content-length: 6240
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 1db72228-51f6-46c8-928b-381151bc5a02.jpg
c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/images/ Frame 6C2E 157 KB
157 KB 72ms
72ms Image
image/jpeg 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/images/1db72228-51f6-46c8-928b-381151bc5a02.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac1d92db9c0978b83183e37ea341dfcc5745be4e07b6153b8c4256fe7b2dbfba

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 11:02:43 GMT
cf-cache-status: HIT
content-md5: cca9GbRYrMXI/WxxW5YrNg==
age: 3032
content-length: 160577
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Wed, 05 Apr 2023 09:24:30 GMT
server: cloudflare
etag: "0x8DB35B78F76C060"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: c4cbc02d-a01e-00a0-7157-686987000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
accept-ranges: bytes
cf-ray: 7bcddb0bcaa1d97b-HEL

GET
H2 200 a838c4cd-24d3-4553-8e5d-4e631f297a4a.jpg
c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/images/ Frame 0051 218 KB
218 KB 40ms
40ms Image
image/jpeg 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/images/a838c4cd-24d3-4553-8e5d-4e631f297a4a.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0f9d8610ec0f13c5e6f6862a1fa0a76fe4240eaf2302a21bf8aa21b399d573a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 11:02:43 GMT
cf-cache-status: HIT
content-md5: S+/PHgD18fZviSFGpHMkuQ==
age: 1994
content-length: 223016
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Tue, 04 Apr 2023 06:47:57 GMT
server: cloudflare
etag: "0x8DB34D886721E19"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 32ccb332-701e-0078-550f-694ede000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
accept-ranges: bytes
cf-ray: 7bcddb0bcaa3d97b-HEL

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9A5C 1 KB
643 B 61ms
61ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 57738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Mon, 24 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 89C1 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb4831b29e7c65c6c5484bc66b70add2cb401671c0b553a1cdc04a7ef212ef3f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 save_ev Show response
app.convertful.com/api/widget/ 36 B
672 B 545ms
544ms XHR
application/json 2606:4700:20::681a:70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertful.com/api/widget/save_ev

Requested by

Host: app.convertful.com
URL: https://app.convertful.com/Convertful.js?owner=239

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.25

Resource Hash

cc13a70a18b4b3413cebe8adc9c5cb7a2ea01734d933cb16658be1e19bf978a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 24 Apr 2023 11:02:44 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.0.25
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
server: cloudflare
etag: "f4b13d5cf0d4b7a3224a159b647379e43a825c1c"
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://onlinehikes.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0T4CqxiycKkNVr0aL6SMWczP7hrR%2F0qfkPTjmgUsHG6MsfO8uWWQAhuhuOewJnNklJCD%2F1Aoq7XwA3rqwkq8r1%2BrojntAPvRyUZCib8kj2hc2KE5Fy7KMbi78uaJplp%2B74EkurJRGzM4CBIQD%2FXXVg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: ETag
cache-control: private, must-revalidate
access-control-allow-credentials: true
cf-ray: 7bcddb0c58f0d953-HEL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, ETag, If-None-Match, Cache-Control

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9A5C
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI9clFmrdJmzSdSiHTzKtEo&google_cver=1&google_push=Aer7DvL8poxuCv9YM0Ov0S12TFjISwwA0pTxLzmZ9vYJ8dK_6uikRXzOOqqKYQPGSVw63sYGi63UW0FPTsCnHqcx4suP...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=35865027-ad7e-4af1-b842-6a2016ca28b8&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvL8poxuCv9YM0Ov0S12TFjISwwA0pTxLzmZ9vYJ8dK_6uikRXzOOqqKYQPGSVw63sYGi63UW0FPTsCnHqcx4suPn7yd_VKAPnvLqQ_PDmm6OWsobzqOqbN54gW8O1LTbZ...

170 B
188 B

133ms
133ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvL8poxuCv9YM0Ov0S12TFjISwwA0pTxLzmZ9vYJ8dK_6uikRXzOOqqKYQPGSVw63sYGi63UW0FPTsCnHqcx4suPn7yd_VKAPnvLqQ_PDmm6OWsobzqOqbN54gW8O1LTbZjfZoz1Itqz&google_hm=8sHWcmtDQveBl8hfGVeOqw==

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvL8poxuCv9YM0Ov0S12TFjISwwA0pTxLzmZ9vYJ8dK_6uikRXzOOqqKYQPGSVw63sYGi63UW0FPTsCnHqcx4suPn7yd_VKAPnvLqQ_PDmm6OWsobzqOqbN54gW8O1LTbZjfZoz1Itqz&google_hm=8sHWcmtDQveBl8hfGVeOqw==
date: Mon, 24 Apr 2023 11:02:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 9A5C 43 B
351 B 174ms
68ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPGk2t32EhqEiGlkbpdwqpc&google_cver=1&google_push=Aer7DvIEngO1HpzsiCDZIZ3gCUKfHxXP5RqueDX7o3GvwT0HZ4HWPy9IQDa9qSGt_ljZA4fZoRzyCwMZeD8XOe0f4WAHSHhy27UfjIo4NMcIShFhyz7FB__bJW_EjPJy8L6M4x06VRT4s7g-
Requested by: Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:43 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: e8nhuki36gk4bcu5n43321pq6dlhdanu

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9A5C
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPlxpd5Sn6b4Ncv-Baa4hzs&google_cver=1&google_push=Aer7DvJ47uWKKffLO6kMAiR049o2xaQ7iRklxEdHGxk1gwaVM1DbXbWQkXtmBauwXrkpNWOuor-1Co60OqTfL...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvJ47uWKKffLO6kMAiR049o2xaQ7iRklxEdHGxk1gwaVM1DbXbWQkXtmBauwXrkpNWOuor-1Co60OqTfLEkKZg5zmmLVZK15QV3fcur8ZfJ9Q5DMXvW8cAmUqHpUzdH...

170 B
188 B

74ms
74ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvJ47uWKKffLO6kMAiR049o2xaQ7iRklxEdHGxk1gwaVM1DbXbWQkXtmBauwXrkpNWOuor-1Co60OqTfLEkKZg5zmmLVZK15QV3fcur8ZfJ9Q5DMXvW8cAmUqHpUzdHJW0hQsjNgb1Q&google_hm=ZEE2enJDR0R0Q3hXdHJXeWo0cTI=

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 11:02:43 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvJ47uWKKffLO6kMAiR049o2xaQ7iRklxEdHGxk1gwaVM1DbXbWQkXtmBauwXrkpNWOuor-1Co60OqTfLEkKZg5zmmLVZK15QV3fcur8ZfJ9Q5DMXvW8cAmUqHpUzdHJW0hQsjNgb1Q&google_hm=ZEE2enJDR0R0Q3hXdHJXeWo0cTI=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 279
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9A5C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_hm=ZEZh0p3M_8m45Yg1gcsq0gAAFC0AAAAB&google_nid=index&google_push=Aer7DvJgzLZ11285bLAbmyvUpvSbYllCKlK6c...

170 B
188 B

75ms
75ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_hm=ZEZh0p3M_8m45Yg1gcsq0gAAFC0AAAAB&google_nid=index&google_push=Aer7DvJgzLZ11285bLAbmyvUpvSbYllCKlK6ceRkgJEZHUrqu_k27Bfnhoczf1kJNFCVtfgyMVcycdPzQPPbDFnpo5Jz5ptuYQt-Yxmpq-7Z5k32ATpyhb_Bo6Yj3RnvgNiWejz1EI6OFDs

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 11:02:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHDQg2V7KpoOeQ-63GjfUsw&google_hm=ZEZh0p3M_8m45Yg1gcsq0gAAFC0AAAAB&google_nid=index&google_push=Aer7DvJgzLZ11285bLAbmyvUpvSbYllCKlK6ceRkgJEZHUrqu_k27Bfnhoczf1kJNFCVtfgyMVcycdPzQPPbDFnpo5Jz5ptuYQt-Yxmpq-7Z5k32ATpyhb_Bo6Yj3RnvgNiWejz1EI6OFDs
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9A5C
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEFgMM7tclNfHosrwWQ7J-8Y&google_cver=1&google_push=Aer7DvLhkSuxSZcrjYIKSfVxSlAuyVYPxDUmxn6M53ELzgxSBv9K9dp7k4iLZfnJ3mh3wQ8Js1gI7j0lEb9gQTG-AKYBWHrIa...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI1MzM1NzYyNTQ3NDM3MzAwMFYxMA%3d%3d&mn_hm=MzI1MzM1NzYyNTQ3NDM3MzAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvLhkSuxSZcrjYIKSfVxSlAuyVY...

170 B
188 B

78ms
75ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI1MzM1NzYyNTQ3NDM3MzAwMFYxMA%3d%3d&mn_hm=MzI1MzM1NzYyNTQ3NDM3MzAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvLhkSuxSZcrjYIKSfVxSlAuyVYPxDUmxn6M53ELzgxSBv9K9dp7k4iLZfnJ3mh3wQ8Js1gI7j0lEb9gQTG-AKYBWHrIaZkxL6TTLYiQRhkJfoy6nHbR6UucqQZG_xhpkeeZXGi008hV&gdpr=&gdpr_consent=

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 11:02:43 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI1MzM1NzYyNTQ3NDM3MzAwMFYxMA%3d%3d&mn_hm=MzI1MzM1NzYyNTQ3NDM3MzAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvLhkSuxSZcrjYIKSfVxSlAuyVYPxDUmxn6M53ELzgxSBv9K9dp7k4iLZfnJ3mh3wQ8Js1gI7j0lEb9gQTG-AKYBWHrIaZkxL6TTLYiQRhkJfoy6nHbR6UucqQZG_xhpkeeZXGi008hV&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Mon, 24 Apr 2023 11:02:43 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9A5C
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEEp7adscx7FJ0HC2eiNu8hg&google_cver=1&google_push=Aer7DvJtxsCMy6nc5-u88w5STZI5-NrXVzxCN0NBnLkx8hpJF3deX8rXbGFjhbDsuI0DNXmrqO2lF0sQGehxBnf3fs0BByi...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvJtxsCMy6nc5-u88w5STZI5-NrXVzxCN0NBnLkx8hpJF3deX8rXbGFjhbDsuI0DNXmrqO2lF0sQGehxBnf3fs0BByimFWEFhsd7z8nDbI28WyFhVp8jwg...

170 B
188 B

121ms
121ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvJtxsCMy6nc5-u88w5STZI5-NrXVzxCN0NBnLkx8hpJF3deX8rXbGFjhbDsuI0DNXmrqO2lF0sQGehxBnf3fs0BByimFWEFhsd7z8nDbI28WyFhVp8jwgeKqunrb8n3Ttxe8pSGobDNAw&google_hm=ODc3NTA4ODQ1MDY0OTc0NDU3

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvJtxsCMy6nc5-u88w5STZI5-NrXVzxCN0NBnLkx8hpJF3deX8rXbGFjhbDsuI0DNXmrqO2lF0sQGehxBnf3fs0BByimFWEFhsd7z8nDbI28WyFhVp8jwgeKqunrb8n3Ttxe8pSGobDNAw&google_hm=ODc3NTA4ODQ1MDY0OTc0NDU3
Date: Mon, 24 Apr 2023 11:02:44 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 9A5C
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF4AT_V1dOCS-0frgy5rC-A&google_cver=1&google_push=Aer7DvKVswZmlrxZW0i-1Sr_eptNJtb2EZ9HIvtzyVGZ2MpDDXs65yccxF2H_2ZUx3daZbbJpZFAm8ODrlR...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKVswZmlrxZW0i-1Sr_eptNJtb2EZ9HIvtzyVGZ2MpDDXs65yccxF2H_2ZUx3daZbbJpZFAm8ODrlRRZuKawgOLvjKj2Guk0nHH_QWKG9F6vzVq4xs6...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

69ms
69ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9A5C 0
12 B 73ms
68ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I6xP7ezk7xVyBSc9YopBBpSVSCOKhHhWAZLXsWDb1-l_NNk_rIp-1rhfSsUmX0dMyNbUJLQDU

Requested by

Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 x
api.fouanalytics.com/api/ 0
429 B 245ms
240ms Ping
text/plain 2606:4700:e4::ac40:a821
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/x
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/pp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a821 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 11:02:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k8N0f1Yrkn8DLGx114KD1bTsT2PYP8o72LUtU4TZXWLdf%2BcWc5%2F95yXHh79cLLW2FJyFPHZgUOizqVlnoZViTZazJywORPdcrtJdeGTyL4rsn4Va3YTBXfOCz2bY84htnlv9k1301m7QUFADjic0BmgDAw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7bcddb0d1ee598fc-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=4,i

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304062309000/ Frame 6F20 222 KB
61 KB 238ms
68ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 06:23:46 GMT
age: 189538
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61901
x-xss-protection: 0
server: sffe
etag: "8572ebb49fe3e70f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 06:23:46 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 6F20 15 KB
5 KB 357ms
188ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Apr 2023 10:20:12 GMT
age: 348152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "ad2d0ddcea45401f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 19 Apr 2024 10:20:12 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 6F20 94 KB
28 KB 373ms
204ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 20:38:50 GMT
age: 138234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28974
x-xss-protection: 0
server: sffe
etag: "441c199a95baae2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 20:38:50 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 6F20 5 KB
2 KB 392ms
223ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 06:27:18 GMT
age: 189326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "60fdf036b4edbfa8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 06:27:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 6F20 40 KB
13 KB 395ms
227ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Apr 2023 18:39:01 GMT
age: 145423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "53b4f6addb6819c0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Apr 2024 18:39:01 GMT

GET
DATA 200
OK truncated
/ Frame 6F20 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54880117fc22b1cabed2ebf66a05d73a40a2dc95da7cf13ab255300d3c655f13

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 15120645840304423635
tpc.googlesyndication.com/daca_images/simgad/ Frame 6F20 126 KB
126 KB 100ms
93ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15120645840304423635

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c49fa98089c47a1b07ff44f2d1b88fb8af00f813aa90c2de15bccb6ea7ea450

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:44 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129354
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 16:35:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 23 Apr 2024 11:02:44 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6F20 2 KB
2 KB 71ms
67ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 08:26:03 GMT
x-content-type-options: nosniff
server: cafe
age: 9401
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 25 Apr 2023 08:26:03 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6F20 295 B
319 B 68ms
64ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: onlinehikes.com
URL: https://onlinehikes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 11:14:15 GMT
x-content-type-options: nosniff
server: cafe
age: 85709
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 24 Apr 2023 11:14:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6F20 0
0 80ms
76ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8HBMdvU_e1Lon7sarTgpvpJr5ikGNv8IU411w1tGB-udD-1P_LEHpqcOMbvtLFCASWEanZzG0ChuVpzEUDRn9fhvseQ
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6F20 0
0 111ms
107ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9SY_02FGZPT0JPPvnsEP4YqamAy3mN3kb6iokuq_EaS9j6KbOhABIPT5xiVg9wGgAePjg8wByAECqQINVeVUh2myPuACAKgDAcgDCKoE6QFP0H4IdcysmjC01ySpTCCuwqFnMKU6_gJNDF1bOFnuyaxjsILvtwHDqDwdE5jcsum4TXZxfrVLaeokIi-U8QyDqqC7qVheet0GTu2HKd-nG3C7fwHiGi2gLzTpL7ehS8GAcbmNPWVk8FaqesJ1j2QaXzHEBfXGKUwrXuFwDc4zSVbRNoNXpl8HgQTLipmSwIu3aMOlCTTrVPQvn1-Xseh0khhMGq0b9jJrTdFq905d78Vqq4VKdUH7c8vaoB-pNvaAagrb08y6B2FOfa8uY_7hM-k3NdF8U0Cg7gExE0l5TVHzw6aSEyNqocAE3frM-5kE4AQBkgUECAQYAZIFBAgFGASgBgKAB4Wc_LMCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqLEH0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTUwNzkyNzc4OTMxNjI1MDSACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMTk2NjcyMTE5MjcwOTYwNhi-yQc&sigh=q3PFeAp8FDc&uach_m=[UACH]&cid=CAQSPABygQiDopQ4sRSYk0-1l23lsEZC9DfaLIzdF_NImBR6bte5o8jut63Fj27dXYzXskbzCHOn9Tl3C2_ctxgB
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 58ms
56ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjEyNjc1MzcwNjUwMzc5MiIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2MTI2NzUzNzA2NTAzNzkyIiwiZG9tYWluX2lkIjoiMjczMjk5IiwidW5pdCI6ImRpdi1ncHQtYWQtb25saW5laGlrZXNfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZJIiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiMTRlOGE4NWQ0YzQyZmYxZGI4NzkwY2JlZjllMzM0OTMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjYxMjY3NTM3MDY1MDM3OTIiLCJkb21haW5faWQiOiIyNzMyOTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1vbmxpbmVoaWtlc19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDEyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMTIsImJpZF9mbG9vcl9wcmV2IjowLjAwMDI4LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkZJIiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjEyNjc1MzcwNjUwMzc5MiIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDQzNTUwIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2MTI2NzUzNzA2NTAzNzkyIiwiZG9tYWluX2lkIjoiMjczMjk5IiwidW5pdCI6ImRpdi1ncHQtYWQtb25saW5laGlrZXNfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZJIiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:43 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:43 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 58ms
57ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjEyNjc1MzcwNjUwMzc5MiIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDQtMjQifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIxIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:44 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:44 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 59ms
58ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjEyNjc1MzcwNjUwMzc5MiIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYXVjdGlvbl9lcG9jaCI6MTY4MjMzNDE2NCwiYWRfcG9zaXRpb24iOjExMDAsImNvdW50cnlfY29kZSI6IkZJIiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTAwLCJiaWRfZmxvb3JfcHJldiI6MjgsImJpZF9mbG9vcl9maWxsZWQiOjEyLCJhdWN0aW9uX2NvdW50Ijo0LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo1NDAsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:44 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:44 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame A4DF 0
54 B 253ms
252ms Ping
image/gif 2800:3f0:4005:407::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lguqbo5t&c=1910989093904&slotId=955494546952&ghmsh_eids=44731964%2C44752052%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4005:407::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 prebidvideo Show response
ads.yieldmo.com/exchange/ 0
194 B 93ms
79ms XHR
text/plain 54.72.22.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebidvideo
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.22.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-22-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onlinehikes.com
pragma: no-cache
date: Mon, 24 Apr 2023 11:02:44 GMT
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
312 B 124ms
114ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.42.0&cb=52005185640&lsavail=1&bundle=S4KAG18ycWtORTZqZXdXRkdKVW9FTnJyaUNlNWUlMkZMbnFvbW5YJTJCdTF3bm5aNSUyQmxBQXVaY0V6UVpNV0lEbmFQSko4MTdlSWNmS2cwMFMlMkJQY0d1UFY4eWpQWVNMTndRZGxNRDZJemVndzk1cVdrem5vMTdselNURU1SNUlnYUZ5cDI5VnNuVEc4NEtUZ083QTZ2Q2NYNiUyQm12VTZBJTNEJTNE

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Apr 2023 11:02:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinehikes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H3 200 t1677756445_01_640x360p_30Hz_800Kbps_007.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 122 KB
123 KB 753ms
748ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_007.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8d69a31988e66478a4bf667b88eb72ffe6273bb8a7d570448f16459437ba4b6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:44 GMT
via: 1.1 3c1b8c037c66c46a8ac162f1eef5d682.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 125011
last-modified: Wed, 29 Mar 2023 19:08:51 GMT
server: cloudflare
etag: "c452849a44e74c17432f4414d056c605"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DSNCg3%2BY242kh64qbzgtD1MGlBxsWCj6kPaYyUlhHMYfc9WvIftdzmZBwBfQYE07XKHplx95i8BQloQntzBgptT%2BTixZ4MOwLPQk0C4ws6%2FF44TNFCaZX%2F0OMD7ySRpL6FCB7LhZY69wxEqzFTkZJh7"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb0e9ae5d943-HEL
x-amz-cf-id: ivH2I9Fs7RxtYuSErd67BkHoRTntv0mdeU60DZWxkv3ruWUrKB6JEA==

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 92ms
87ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Apr 2023 11:02:44 GMT

GET
H3 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
122 B 134ms
73ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 135ms
73ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6F20
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

88ms
87ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/
Protocol: H2
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date: Mon, 24 Apr 2023 11:02:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame A4DF 156 B
142 B 545ms
540ms XHR
text/xml 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?correlator=1674626896726509&description_url=https%3A%2F%2Fonlinehikes.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fonlinehikes.com%2F&ad_type=video&ciu_szs=300x250%2C728x90&hl=en&max_ad_duration=18000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=nonlinear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22485590223%2F273299-shared-video-1&vid_d=48&vid_kw=YouTube%20tips%20for%20entrepreneurs%2CHow%20to%20get%20started%20on%20YouTube&vid_t=YouTube%20for%20Entrepreneurs%3A%20Tips%20and%20Strategies%20for%20Success&vpa=auto&cust_params=ap%3D1%26d%3D273299%26eb_br%3D86802a923a1f32517e4c5d3b6d550271%26ft%3D0%26ic%3D1%26iid1%3D6955167364553976%26plat%3D1%26t%3D134%26tap%3D273299-shared-video-1-6955167364553976&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=59852326&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&sid=E71045A2-E55B-4B62-BC7C-1CFBC33DC306&a3p=EhwKDWNyd2RjbnRybC5uZXQY1ay4l_swSABSAghkEhkKCnB1YmNpZC5vcmcYoq64l_swSABSAghqEsIBCghydGJob3VzZRKsATl3S01rWlpvOHJvUmdYLy8waVQzdXFubjZ1RmxrQno2emdSYnZ4VjMxT1hwMWhNWjc0UDNKQjF1WTNGSTQ1T2l3RkhqWlAyNHFlUjh3eDFWdjlxRDcyZ2R3TVZ0REZtMjc1dFAzeTIwdGdYSVRUUjlmb05taDZWbzdwMFhhdjA3cVppYllJNkZwN2JRb2hnRjAzNENvL0laYVJVVVFSSmRSRmh4akxaTWRkdz0Y07C4l_swSAASHQoOZXNwLmNyaXRlby5jb20Y1ay4l_swSABSAghkEhkKCnVpZGFwaS5jb20Y1ay4l_swSABSAghkEj4KBW9wZW54EixleUpwSWpvaUsxUXJVbWR4WWs1UlQyMUxSSHAzZWpCb1FYSTFRVDA5SW4wPRjWsriX-zBIABIbCgxpZDUtc3luYy5jb20Yu7W4l_swSABSAghq&nel=0&eid=44731964%2C44752052%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&top=https%3A%2F%2Fonlinehikes.com%2F&loc=https%3A%2F%2Fonlinehikes.com%2F&dlt=1682334157147&idt=1391&dt=1682334164634&cookie=ID%3Da1ab864f712d8fb7%3AT%3D1682334158%3AS%3DALNI_MZyERDWyYg7-LOMIRmH-zmBI4DTkg&gpic=UID%3D00000c08d172b0d6%3AT%3D1682334158%3ART%3D1682334158%3AS%3DALNI_MZr16JNZJI40V-7DcBpIA5e52srfQ&scor=3524859698551890&ged=ve4_td8_tt6_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts2_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget.73803a8d9d4f3ba312b4.js Show response
c.bannerflow.net/scripts/ Frame 89C1 20 KB
8 KB 79ms
55ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.73803a8d9d4f3ba312b4.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/642e70dc588d307e3b020c2e?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCo_5y0mFGZMOqL72zkdUP3NaAsAHHjpmdcOe8oqaREf_y8sXuJhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE8gFP0Gy3uTMQRIThM_vQdO0v0m1-Sb_CoYEuLFBkL7zNuiP94wi2NOUjs55ucyHX_NuHOgHezpxceeU8LgKubU4puXksmZlnbtJ9ymjr4U_dei52S0zZgey5963rlVNvkl4pcftDZvU3BJd8FD6iG9IlFVy9kluRc9Xk7aEOadQE9UliUsaRvUHm-IooAQCJ7QNFuf92Ba2XAHD08ej3hQwCTe5CQ_wZ_KQ-8Tx4XF9dbuNi9SGWG5me1mEi6AZKDWq5Q1vzR_GLIW32r4cOIIfzRJd42OHdn7hgdMSPJeYYchPV9w-wNJfPMC5o3uW9jM-93MAEzK7-86wE4AQBoAYRgAe_kcowqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDc5Mjc3ODkzMTYyNTA0gAoDmAsByAsBgAwBuAwB2BMC0BUBmBYB-BYBgBcB%26num%3D1%26cid%3DCAQSPABygQiDc-WwdQXHUYKX3RbmiFDiwaOIK8vUC9odjyIbrohVZY8C2xu09CRLMuJy_ddkY74iSS2zecD1WBgB%26sig%3DAOD64_1Cqvx37wqVZpjx_WTWhnupM5813g%26client%3Dca-pub-6396844742497208%26adurl%3D&cb=1476002752
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bdb773cc106f613774d2d67d669a1328d3a2eccee2ebae9d548b9dbe2b925ff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 11:02:44 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: kV2TaSme3zjoMC7eKEPqvg==
age: 1649801
cf-polished: origSize=20123
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 05 Apr 2023 08:06:09 GMT
server: cloudflare
etag: W/"0x8DB35AC9D3707B1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a751deda-d01e-0061-4399-67ce65000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7bcddb119a2ed97b-HEL

GET
H2 200 document.000000463FFC2C.js Show response
c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/published/4534040/5335975/ Frame 89C1 12 KB
4 KB 78ms
54ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/published/4534040/5335975/document.000000463FFC2C.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/642e70dc588d307e3b020c2e?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCo_5y0mFGZMOqL72zkdUP3NaAsAHHjpmdcOe8oqaREf_y8sXuJhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE8gFP0Gy3uTMQRIThM_vQdO0v0m1-Sb_CoYEuLFBkL7zNuiP94wi2NOUjs55ucyHX_NuHOgHezpxceeU8LgKubU4puXksmZlnbtJ9ymjr4U_dei52S0zZgey5963rlVNvkl4pcftDZvU3BJd8FD6iG9IlFVy9kluRc9Xk7aEOadQE9UliUsaRvUHm-IooAQCJ7QNFuf92Ba2XAHD08ej3hQwCTe5CQ_wZ_KQ-8Tx4XF9dbuNi9SGWG5me1mEi6AZKDWq5Q1vzR_GLIW32r4cOIIfzRJd42OHdn7hgdMSPJeYYchPV9w-wNJfPMC5o3uW9jM-93MAEzK7-86wE4AQBoAYRgAe_kcowqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDc5Mjc3ODkzMTYyNTA0gAoDmAsByAsBgAwBuAwB2BMC0BUBmBYB-BYBgBcB%26num%3D1%26cid%3DCAQSPABygQiDc-WwdQXHUYKX3RbmiFDiwaOIK8vUC9odjyIbrohVZY8C2xu09CRLMuJy_ddkY74iSS2zecD1WBgB%26sig%3DAOD64_1Cqvx37wqVZpjx_WTWhnupM5813g%26client%3Dca-pub-6396844742497208%26adurl%3D&cb=1476002752
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74dcc1a1abc9b09ae9c21b7048ba8898cf1cabf17af4bad64accc38ea6155898

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 11:02:44 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 3TOy8On3Rw70JJWCUtZpDQ==
age: 1489879
cf-polished: origSize=13823
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Thu, 06 Apr 2023 07:12:49 GMT
server: cloudflare
etag: W/"0x8DB366E545A3E6A"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 67b70d41-101e-001c-110f-69bf46000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7bcddb119a31d97b-HEL

GET
H2 200 animated-creative.da64b08cbb424c1d9ca5.js Show response
c.bannerflow.net/scripts/ Frame 89C1 156 KB
53 KB 80ms
56ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.da64b08cbb424c1d9ca5.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/642e70dc588d307e3b020c2e?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCo_5y0mFGZMOqL72zkdUP3NaAsAHHjpmdcOe8oqaREf_y8sXuJhABIPT5xiVg9wGgAanutc8DyAEJqQINVeVUh2myPuACAKgDAaoE8gFP0Gy3uTMQRIThM_vQdO0v0m1-Sb_CoYEuLFBkL7zNuiP94wi2NOUjs55ucyHX_NuHOgHezpxceeU8LgKubU4puXksmZlnbtJ9ymjr4U_dei52S0zZgey5963rlVNvkl4pcftDZvU3BJd8FD6iG9IlFVy9kluRc9Xk7aEOadQE9UliUsaRvUHm-IooAQCJ7QNFuf92Ba2XAHD08ej3hQwCTe5CQ_wZ_KQ-8Tx4XF9dbuNi9SGWG5me1mEi6AZKDWq5Q1vzR_GLIW32r4cOIIfzRJd42OHdn7hgdMSPJeYYchPV9w-wNJfPMC5o3uW9jM-93MAEzK7-86wE4AQBoAYRgAe_kcowqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDc5Mjc3ODkzMTYyNTA0gAoDmAsByAsBgAwBuAwB2BMC0BUBmBYB-BYBgBcB%26num%3D1%26cid%3DCAQSPABygQiDc-WwdQXHUYKX3RbmiFDiwaOIK8vUC9odjyIbrohVZY8C2xu09CRLMuJy_ddkY74iSS2zecD1WBgB%26sig%3DAOD64_1Cqvx37wqVZpjx_WTWhnupM5813g%26client%3Dca-pub-6396844742497208%26adurl%3D&cb=1476002752
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f209c6f826eefe7fd31940173a19e3e6ef055cda717d9ff8f652df667fde3f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 11:02:44 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: lEwH1nz39HA/V547ypsMUA==
age: 325549
cf-polished: origSize=159709
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 05 Apr 2023 14:04:09 GMT
server: cloudflare
etag: W/"0x8DB35DEA0BF5B41"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: eed2e90e-601e-0029-2bc8-67d352000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7bcddb119a34d97b-HEL

GET
H3 200 audio_008.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 40 KB
41 KB 624ms
603ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_008.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5630153cbcb33b5638bfe160f6207cbb748130665d642463391af3e53f14fa8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT
via: 1.1 033ed92c09627372dcaf2c27f57f2f76.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40844
last-modified: Wed, 29 Mar 2023 19:08:49 GMT
server: cloudflare
etag: "54a7c0f03d6d4fc21862c70c3d88b43f"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rlwENEy09saAPI3a9jUpXkk4I9kCp7gN5NFr%2BXBDJfWvixWyEPxJwGseBgX1iBkX8mBHrgok39F0yn2K6z5UjFCfIxGO5K3DGWadVvgVC%2FwrO%2FM07t2rOaN%2BDGloWdCYt6oQuoMZnjoCf6F3WQOy44X"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb119b19d943-HEL
x-amz-cf-id: M80fHNy-Yy-j-gAztAWuSKv9peZl_5H-UMWgBhiKL_egr-zEylTBAg==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9B73 15 KB
6 KB 73ms
72ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=onlinehikes.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 11:02:44 GMT
server: Kestrel
server-processing-duration-in-ticks: 1369755
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 279ms
124ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Apr 2023 11:02:44 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 69ms
68ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzg1NTYzMjAyNDUxMDEyMCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlsxNjAsNjAwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzg1NTYzMjAyNDUxMDEyMCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzg1NTYzMjAyNDUxMDEyMCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:44 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:44 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 89C1 42 B
64 B 107ms
106ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgxFDTSbGE8Yrw3hgMLQIwfJw45eaIdy9eFvvW0O3p7xVTtV6YVlSWmAhzCF-OeUkL8FfHiCTyFU3f5Sy9bdMhFeNoiEmkHRhiVLVmEVPy-9IzNifyOynOZRLvuS6pt6385p18ALnSLMRhmzMjretAqW1Ji7_mOxHL&sai=AMfl-YQLk0vkhpmnJGFMEXdRpsCmaM2WHOVrQjdu3nCy-WPYenmb7PwWW1hidb_QUj6HxpdshCapF75hNFh6XgP6kzSF5lDJMavWQB4h9g7-CjmDFxjFaV3zhm3mkKxm&sig=Cg0ArKJSzJEYp0DzLf0REAE&cid=CAQSPABygQiDc-WwdQXHUYKX3RbmiFDiwaOIK8vUC9odjyIbrohVZY8C2xu09CRLMuJy_ddkY74iSS2zecD1WBgB&id=lidar2&mcvt=1349&p=302,1440,902,1600&mtos=1349,1349,1349,1349,1349&tos=1349,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3586627133&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682334163277&rpt=546&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9B73
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=onlinehikes.com&sn=ChromeSyncframe&so=3&topUrl=onlinehikes.com&bundle=S4KAG18ycWtORTZqZXdXRkdKVW9FTnJyaUNlNWUlMkZMbnFvbW5YJTJCdTF3bm5aNSUy...
https://mug.criteo.com/sid?cpp=p4_YK3wxdUROcTRjQjJlVkxKb0VqT1RyUDlLOVphT2ludThPOFhaTFlYUlhOTGVPeWZhZVpoNkJONDBnWnFYbDdhR0lFRWpTemI3RWp0a1h2MHI0NnYwZEVqSmlsT0dZS0JHV1JVUngrMFB3MnVjZmlwdkFvZXVLUGhqcG...

439 B
654 B

79ms
79ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=p4_YK3wxdUROcTRjQjJlVkxKb0VqT1RyUDlLOVphT2ludThPOFhaTFlYUlhOTGVPeWZhZVpoNkJONDBnWnFYbDdhR0lFRWpTemI3RWp0a1h2MHI0NnYwZEVqSmlsT0dZS0JHV1JVUngrMFB3MnVjZmlwdkFvZXVLUGhqcGx6OUJKcmdCOGNVQW1PSUdGVEZSUURUeCs5YWxjV1p1d1NJaEFaWmZ5b3Y0Umh1MXBacnVZYWhzNk5MeG5zcSs0Y2N3QVRDRmFCR0ZTcGtNUFRLZkNlZ0tKOTViMlJUSVRhREV3aVd0OVRaaGF4aTd4MnFIYVgxM3hnUkNyUmVOM0VzR3hGR29PMko2cjVBaE9yNG92Q3JFcDFHRUJieG5valpHQ0dlTGJYc1dvS0tRaCtFWT18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

58b00fc3a2009a8b1f71b68c32783c04f4ac208881f6ca7bbb5e8f9db096f67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:45 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1103888
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=p4_YK3wxdUROcTRjQjJlVkxKb0VqT1RyUDlLOVphT2ludThPOFhaTFlYUlhOTGVPeWZhZVpoNkJONDBnWnFYbDdhR0lFRWpTemI3RWp0a1h2MHI0NnYwZEVqSmlsT0dZS0JHV1JVUngrMFB3MnVjZmlwdkFvZXVLUGhqcGx6OUJKcmdCOGNVQW1PSUdGVEZSUURUeCs5YWxjV1p1d1NJaEFaWmZ5b3Y0Umh1MXBacnVZYWhzNk5MeG5zcSs0Y2N3QVRDRmFCR0ZTcGtNUFRLZkNlZ0tKOTViMlJUSVRhREV3aVd0OVRaaGF4aTd4MnFIYVgxM3hnUkNyUmVOM0VzR3hGR29PMko2cjVBaE9yNG92Q3JFcDFHRUJieG5valpHQ0dlTGJYc1dvS0tRaCtFWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 450725
content-length: 0
expires: 0

POST
H2 204 greenoaks.gif
onlinehikes.com/detroitchicago/ 0
62 B 58ms
57ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJkb21haW5faWQiOiIyNzMyOTkiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInRfZXBvY2giOjE2ODIzMzQxNTYsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjYxMiJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiMTE3OSJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiNTYifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiMzMwIn0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiMzM4OSJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiI1MjcyIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiZG9tYWluX2lkIjoiMjczMjk5IiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiMTM3NSJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInRfZXBvY2giOjE2ODIzMzQxNTYsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiMTM3NSJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInRfZXBvY2giOjE2ODIzMzQxNTYsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2VmZmVjdGl2ZV90eXBlIiwidmFsIjoiNGcifV19XQ==
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:45 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:45 GMT

POST
H2 204 greenoaks.gif
onlinehikes.com/detroitchicago/ 0
16 B 58ms
57ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJkb21haW5faWQiOiIyNzMyOTkiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjkuNyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInRfZXBvY2giOjE2ODIzMzQxNTYsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJkb21haW5faWQiOiIyNzMyOTkiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjI2NzAwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiI0In0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjM1NDMwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiNCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiODY1OTIwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiI1NDEyIn1dfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:45 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:45 GMT

POST
H2 204 greenoaks.gif
onlinehikes.com/detroitchicago/ 0
16 B 59ms
58ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJkb21haW5faWQiOiIyNzMyOTkiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjUzNDAwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiI4In0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjcwODYwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiOCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiODY1OTIwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiI1NDEyIn1dfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:45 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:45 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 60ms
60ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzg1NTYzMjAyNDUxMDEyMCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTk3NiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:45 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:45 GMT

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
16 B 64ms
63ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjEyNjc1MzcwNjUwMzc5MiIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:45 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:45 GMT

POST
H2 204 prebidvideo Show response
ads.yieldmo.com/exchange/ 0
194 B 80ms
80ms XHR
text/plain 54.72.22.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebidvideo
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.22.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-22-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onlinehikes.com
pragma: no-cache
date: Mon, 24 Apr 2023 11:02:45 GMT
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
312 B 98ms
97ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=185&av=35&wv=7.42.0&bundle=S4KAG18ycWtORTZqZXdXRkdKVW9FTnJyaUNlNWUlMkZMbnFvbW5YJTJCdTF3bm5aNSUyQmxBQXVaY0V6UVpNV0lEbmFQSko4MTdlSWNmS2cwMFMlMkJQY0d1UFY4eWpQWVNMTndRZGxNRDZJemVndzk1cVdrem5vMTdselNURU1SNUlnYUZ5cDI5VnNuVEc4NEtUZ083QTZ2Q2NYNiUyQm12VTZBJTNEJTNE&cb=2830562428

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Apr 2023 11:02:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinehikes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
DATA 200
OK truncated
/ Frame 89C1 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 2d546169-83de-4b85-a584-20affb5088d2 Show response
https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/ Frame 2F9C 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/2d546169-83de-4b85-a584-20affb5088d2
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.da64b08cbb424c1d9ca5.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 668
Content-Type

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 250ms
117ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fonlinehikes.com%2F&domain=onlinehikes.com&bundle=S4KAG18ycWtORTZqZXdXRkdKVW9FTnJyaUNlNWUlMkZMbnFvbW5YJTJCdTF3bm5aNSUyQmxBQXVaY0V6UVpNV0lEbmFQSko4MTdlSWNmS2cwMFMlMkJQY0d1UFY4eWpQWVNMTndRZGxNRDZJemVndzk1cVdrem5vMTdselNURU1SNUlnYUZ5cDI5VnNuVEc4NEtUZ083QTZ2Q2NYNiUyQm12VTZBJTNEJTNE&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://onlinehikes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 24 Apr 2023 11:02:45 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 281286
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 / Show response
id.a-mx.com/sync/ 66 B
559 B 182ms
59ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/sync/?tagId=&ref=null&u=https://onlinehikes.com/&v=7.42.0&vg=epbjs&us_privacy=1---&gdpr=0&gdpr_consent=
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfb824cac00a2a1d170cb0ee9ec87c303a59215db4e36e921cbc758cf627d053

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIChLecueHlQAr5YTxInTPCVxCUJT3MeHJ0%2BTGJLupNl40F5kcGYrreTwfmdWq5XAPxYrKWbxC9iA701SKY%2BKYpnQfYp%2BhJvPflth1T6hNuqO9tovSt0jwKKnZSScJXg8RYSVDXdKORFxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://onlinehikes.com
access-control-allow-credentials: true
cf-ray: 7bcddb17295d2d71-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
373 B 67ms
65ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:45 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 324256
expires: 0

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ 141 B
305 B 246ms
127ms XHR
application/json 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=524&_it=prebid
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ac29b3dafaf80097d78b9cbf67c548a9bb92eec92c21278f777e09394964db3

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT
content-encoding: gzip
server: cloudflare
allow: POST, OPTIONS, GET
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 7bcddb172a50d906-HEL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
544 B 79ms
79ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

e6cead609d342bd202f23b8fa86aff54f2503372d68ae63acca87e7dca2bec15

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onlinehikes.com
date: Mon, 24 Apr 2023 11:02:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
317 B 327ms
77ms XHR
application/json 54.171.31.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?us_privacy=1---
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.31.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-31-74.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:45 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://onlinehikes.com
cache-control: no-cache
x-server: 10.45.17.24
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 204 pbcas
ads.yieldmo.com/ Frame 4D43 0
0 81ms
81ms Document
text/plain 54.72.22.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.22.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-22-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT

GET
H2 204 pbcas
ads.yieldmo.com/ Frame 1D23 0
0 85ms
84ms Document
text/plain 54.72.22.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.22.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-22-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT

GET
H2 204 pbcas
ads.yieldmo.com/ Frame 968B 0
0 84ms
83ms Document
text/plain 54.72.22.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.22.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-22-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 0B65 6 KB
2 KB 102ms
89ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/?us_privacy=1---
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95ee88d5d258b6185f89470528994c314ab818dbe02aefe6075d5ec33f1a9501

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7bcddb16eb9c95ea-ARN
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 24 Apr 2023 11:02:45 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 204 pbcas
ads.yieldmo.com/ Frame 89FB 0
0 94ms
94ms Document
text/plain 54.72.22.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.22.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-22-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://onlinehikes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 89C1 4 KB
4 KB 48ms
48ms Font
font/woff 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5b169b30baae251b9c436844%2F4bd8b73a-9271-4ee4-9f53-93b9f063e31e.woff&t=%0A%20-1358AEIKLNSTUVY%C3%84%E2%82%AC
Requested by: Host: 9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
URL: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83b7ecebe64d2f474924070171c64b5d1eb7fbb4e372ba3fe8f59bc4819be083

Request headers

Referer: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com/
Origin: https://9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 07:14:37 GMT
server: cloudflare
age: 1489880
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=4bd8b73a-9271-4ee4-9f53-93b9f063e31e-subset.woff
cf-ray: 7bcddb16efa2376f-HEL
expires: Fri, 05 Apr 2024 07:14:37 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 145ms
144ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 11:02:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://onlinehikes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 pixels Show response
ssp-sync.criteo.com/user-sync/ 421 B
636 B 573ms
59ms XHR
application/json 2a02:2638:3::6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

df754855dc8830cd823df187699d05b70145d5fc1b53f02fae970fc48ca7ae99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinehikes.com
cache-control: no-store,max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H3 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
122 B 150ms
150ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 147ms
146ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
62 B 119ms
117ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjEyNjc1MzcwNjUwMzc5MiIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzk3MCw5MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjYxMjY3NTM3MDY1MDM3OTIiLCJkb21haW5faWQiOiIyNzMyOTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1vbmxpbmVoaWtlc19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2ODIzMzQxNTYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRkkiLCJwYWdldmlld19pZCI6IjIwNjI0YzUxLWQyYTAtNDViZS02YmNiLTEwN2U3NDBmZmVlZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjEyNjc1MzcwNjUwMzc5MiIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:47 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:47 GMT

GET
H3 200 t1677756445_01_640x360p_30Hz_800Kbps_008.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 101 KB
101 KB 386ms
384ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_008.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6cd899a2d5fadbdd3fefc8794d51f1cae685e7104b8d9bfd3b884b6e036c57b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:46 GMT
via: 1.1 9267231a1fec2f141a931c8dc694fe1c.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 103128
last-modified: Wed, 29 Mar 2023 19:08:51 GMT
server: cloudflare
etag: "52cf5d3a277e28f285d8586cdd2a67c5"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrulxIwtcELp9Pp24JJILC7zOCjuaPGK73CdItbV%2B9%2FrSPue4D6rSSXE3ACwze6RfsnWl40YwpCdls%2FO8AN%2FYCgFImVd6tgQ8vgyAw2VvRaY7lhpTBqa5mL3ecdJm7obCpHZeUi2GJa5ceTk75UtcjCF"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb177b52d943-HEL
x-amz-cf-id: CPL4Zr-wCTa62O86BKfvBhvfz9lGG9uCABb_QbrJn8gXJ79KXTymkQ==

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
402 B 468ms
65ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

93270958678dd382c1a6b232913a06cc2eb6d07a21a40a519acd3bf985afb0c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onlinehikes.com
date: Mon, 24 Apr 2023 11:02:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 audio_009.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 39 KB
40 KB 653ms
653ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_009.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7566a3bebc23fc52335c665a15f9134545403f52ea80d5674239725e57be6be9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:46 GMT
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40397
last-modified: Wed, 29 Mar 2023 19:08:49 GMT
server: cloudflare
etag: "d75d3d875f260f1043de918e0739aea0"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajXpxSiKuhkB46dwe4KaUQxU%2FLuzCjTJ7uQeKzlenUBw7t32WHs277Bq9a6MyhvnLBC0on44QtoGjRDoGfLUfW0PlduWRpBxePUYFNJdttToXtZZ5a2KiWvrRRndfUGJeeWZtXH5Ap8Q8Iv33XVv%2BDfV"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb17ec95d943-HEL
x-amz-cf-id: _-Y6voWDilzJYEZR0DBSyxcVH7bRp8jY3CYqi8GnQTv6gkmMUOsWbw==

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 693E 3 KB
3 KB 71ms
71ms Image
image/webp 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbassadone%2F5bb20a86f4ea2856ac743478%2Fimages%2F773f4aa2-0591-4669-85ed-d97f9a04f1e4.png&w=117&h=133&q=99&f=webp&rt=contain
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.da64b08cbb424c1d9ca5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18b1105f000ee53996c9372a05b339026eb727e065b4e65b778ba0e21a48b520

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 05:16:47 GMT
api-supported-versions: 2.0
server: cloudflare
age: 20755
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7bcddb17eb36d97b-HEL
content-length: 2966
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 693E 6 KB
6 KB 59ms
59ms Image
image/webp 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbassadone%2F5bb20a86f4ea2856ac743478%2Fimages%2F982b597f-a25f-4498-a781-2e055e9ee940.png&w=139&h=128&q=85&f=webp&rt=contain
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.da64b08cbb424c1d9ca5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20014d357c99cdb2774f28f252e588644c55be2e006ea9b25172d161176cdab5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 05:16:47 GMT
api-supported-versions: 2.0
server: cloudflare
age: 20755
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7bcddb17eb3dd97b-HEL
content-length: 6240
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame A4DF 156 B
142 B 543ms
543ms XHR
text/xml 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?correlator=1674626896726509&description_url=https%3A%2F%2Fonlinehikes.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fonlinehikes.com%2F&ad_type=video&ciu_szs=300x250%2C728x90&hl=en&max_ad_duration=18000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=nonlinear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22485590223%2F273299-shared-video-1&vid_d=48&vid_kw=YouTube%20tips%20for%20entrepreneurs%2CHow%20to%20get%20started%20on%20YouTube&vid_t=YouTube%20for%20Entrepreneurs%3A%20Tips%20and%20Strategies%20for%20Success&vpa=auto&cust_params=ap%3D1%26d%3D273299%26eb_br%3D3530fcb6bcc13dc3c1712eaef7d92700%26ft%3D0%26ic%3D1%26iid1%3D6955167364553976%26plat%3D1%26t%3D134%26tap%3D273299-shared-video-1-6955167364553976&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=59852326&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&sid=E71045A2-E55B-4B62-BC7C-1CFBC33DC306&a3p=EhwKDWNyd2RjbnRybC5uZXQY1ay4l_swSABSAghkEhkKCnB1YmNpZC5vcmcYoq64l_swSABSAghqEsIBCghydGJob3VzZRKsATl3S01rWlpvOHJvUmdYLy8waVQzdXFubjZ1RmxrQno2emdSYnZ4VjMxT1hwMWhNWjc0UDNKQjF1WTNGSTQ1T2l3RkhqWlAyNHFlUjh3eDFWdjlxRDcyZ2R3TVZ0REZtMjc1dFAzeTIwdGdYSVRUUjlmb05taDZWbzdwMFhhdjA3cVppYllJNkZwN2JRb2hnRjAzNENvL0laYVJVVVFSSmRSRmh4akxaTWRkdz0Y07C4l_swSAASHQoOZXNwLmNyaXRlby5jb20Y1ay4l_swSABSAghkEhkKCnVpZGFwaS5jb20Y1ay4l_swSABSAghkEj4KBW9wZW54EixleUpwSWpvaUsxUXJVbWR4WWs1UlQyMUxSSHAzZWpCb1FYSTFRVDA5SW4wPRjWsriX-zBIABIbCgxpZDUtc3luYy5jb20Yu7W4l_swSABSAghq&nel=0&eid=44731964%2C44752052%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&top=https%3A%2F%2Fonlinehikes.com%2F&loc=https%3A%2F%2Fonlinehikes.com%2F&dlt=1682334157147&idt=1391&dt=1682334165792&cookie=ID%3Da1ab864f712d8fb7%3AT%3D1682334158%3AS%3DALNI_MZyERDWyYg7-LOMIRmH-zmBI4DTkg&gpic=UID%3D00000c08d172b0d6%3AT%3D1682334158%3ART%3D1682334158%3AS%3DALNI_MZr16JNZJI40V-7DcBpIA5e52srfQ&scor=3524859698551890&ged=ve4_td9_tt7_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 0B65 48 KB
12 KB 82ms
73ms Script
application/javascript 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 185928
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7bcddb189ded95ea-ARN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1db72228-51f6-46c8-928b-381151bc5a02.jpg
c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/images/ Frame 5E37 157 KB
157 KB 52ms
52ms Image
image/jpeg 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/bassadone/5bb20a86f4ea2856ac743478/images/1db72228-51f6-46c8-928b-381151bc5a02.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac1d92db9c0978b83183e37ea341dfcc5745be4e07b6153b8c4256fe7b2dbfba

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 11:02:45 GMT
cf-cache-status: HIT
content-md5: cca9GbRYrMXI/WxxW5YrNg==
age: 3034
content-length: 160577
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Wed, 05 Apr 2023 09:24:30 GMT
server: cloudflare
etag: "0x8DB35B78F76C060"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: c4cbc02d-a01e-00a0-7157-686987000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
accept-ranges: bytes
cf-ray: 7bcddb188c9cd97b-HEL

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame ABB4 0
343 B 77ms
76ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/?us_privacy=1---
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7bcddb1a487495ea-ARN
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 24 Apr 2023 11:02:46 GMT
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame FF0C 0
0 213ms
69ms Document
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Mon, 24 Apr 2023 11:02:46 GMT
X-Sovrn-Pod: ad_ap6ams1

GET /
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame C360 0
0

GET
H2

204

match
ssp-sync.criteo.com/user-sync/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3djwK0IF8lMkZCdVFWbkxGeTJKWHYlMkJtSXNlTVJRWDZHMCUyRk1vcFdhZUJoaFY5WUhBVVdVJTNE%26u%3d%24%7bUSE...
https://match.prod.bidr.io/cookie-sync/cri?r=https%3A%2F%2Fssp-sync.criteo.com%2Fuser-sync%2Fmatch%3Fp%3DjwK0IF8lMkZCdVFWbkxGeTJKWHYlMkJtSXNlTVJRWDZHMCUyRk1vcFdhZUJoaFY5WUhBVVdVJTNE%26u%3D%24%7BUSE...
https://ssp-sync.criteo.com/user-sync/match?p=jwK0IF8lMkZCdVFWbkxGeTJKWHYlMkJtSXNlTVJRWDZHMCUyRk1vcFdhZUJoaFY5WUhBVVdVJTNE&u=AACKOE7IjMQAACC_HI6pYg&us_privacy=1---

0
141 B

58ms
57ms

Image
text/plain

2a02:2638:3::6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssp-sync.criteo.com/user-sync/match?p=jwK0IF8lMkZCdVFWbkxGeTJKWHYlMkJtSXNlTVJRWDZHMCUyRk1vcFdhZUJoaFY5WUhBVVdVJTNE&u=AACKOE7IjMQAACC_HI6pYg&us_privacy=1---

Protocol

Server

2a02:2638:3::6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT
cache-control: no-store,max-age=0
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel

Redirect headers

location: https://ssp-sync.criteo.com/user-sync/match?p=jwK0IF8lMkZCdVFWbkxGeTJKWHYlMkJtSXNlTVJRWDZHMCUyRk1vcFdhZUJoaFY5WUhBVVdVJTNE&u=AACKOE7IjMQAACC_HI6pYg&us_privacy=1---
Date: Mon, 24 Apr 2023 11:02:46 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ 43 B
145 B 57ms
57ms Image
image/gif 18.194.221.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=criteo&custom_data=tSEe9F92ZmU2eWVDSXkyV3V3M2FYTEhJQlI4enBlNFpnR0ZqTjI1Mld4Y0pmZnVJJTNE&gdpr=&gdpr_consent=&us_privacy=1---&cr_user_id=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.221.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-221-34.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 t1677756445_01_640x360p_30Hz_800Kbps_009.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 152 KB
153 KB 714ms
713ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_009.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59ed27e06a2bdc7f5397ecbf4398cb40e2bac5bcfec5ed7ae294ef13a5ea37cf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:46 GMT
via: 1.1 f9d8d85c1cdd8d752a5fcdb241623dfa.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 155790
last-modified: Wed, 29 Mar 2023 19:08:51 GMT
server: cloudflare
etag: "b2ad020beeedbd92602ebcc0f4f71bf4"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ewB4elIKY9UB0ybJIPcmJWqFNp1LJD2j5mqlCjuuyt9bQXVNZwOkTTyS8N1o%2FOpIM2ZcU%2Fm2z5K5yZgBtpPtjiUpcIR3AOV%2B5vkqWZYiMWsMWnT9lYqhtJXie0M13YytJ2qc4UaDNL2RgduHtVBWiqU"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb1abb20d943-HEL
x-amz-cf-id: J-BPQZVbqLmVDuTlhz65QaSNBrXVGCRQUQL62KDlBaOvVUILv5lEag==

POST
H/1.1 200 457.json Show response
id5-sync.com/g/v2/ 216 B
625 B 196ms
67ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/457.json

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

cf27d74d62af90b9bcbe2d87feb150c433c700e11ede5bb8456b3e1801e3816d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onlinehikes.com
date: Mon, 24 Apr 2023 11:02:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6F20 42 B
64 B 109ms
109ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuugasj2-mUrxKvpSfNm5I75EMELQYpx2GIzJGCKto3R98wy0DxOCoNDvPghh70LTP1wMLMYQGttvy4JoUe2YLvdER1eyzvNQWGpqG7-BqG6HYfGr1R__dfa6uAu-CKjCD9Y3H-nexGWHxbt0HokrHHYq1qi3ZnY-QX&sai=AMfl-YQkpPeWmo_c271woyFznQCbDzH0a0PgZElWoqVeMTb6GKyC6x5XiLW0DOObm8Ru8xK2dosKO5ANA4Jf5jLdChaE6Nl0rhTX_x-YUpx5FqD5H4NduJjyRu7L0dHJ&sig=Cg0ArKJSzCglhkvpYSIuEAE&cid=CAQSPABygQiDopQ4sRSYk0-1l23lsEZC9DfaLIzdF_NImBR6bte5o8jut63Fj27dXYzXskbzCHOn9Tl3C2_ctxgB&id=ampim&o=315,1110&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=1197&tls=2198&g=100&h=100&tt=2198&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

RX-82e2f180-a0c3-4cbf-972a-1edbe6a06dae-003 Show response
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 69B6
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1682334166424
https://ad.turn.com/r/cs?pid=45&rndcb=2471167976
https://sync.1rx.io/usersync/turn/3013302386049305321?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-82e2f180-a0c3-4cbf-972a-1edbe6a06dae-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-82e2f180-a0c3-4cbf-972a-1ed...
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-82e2f180-a0c3-4cbf-972a-1edbe6a06dae-003

0
710 B

75ms
75ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-82e2f180-a0c3-4cbf-972a-1edbe6a06dae-003
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7bcddb2a7db195ea-ARN
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 24 Apr 2023 11:02:48 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-type: text/html
date: Mon, 24 Apr 2023 11:02:48 GMT
etag: RX82e2f180a0c34cbf972a1edbe6a06dae003
location: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-82e2f180-a0c3-4cbf-972a-1edbe6a06dae-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H2

200

582baff5-17d1-5272-b2ed-d852d6abb984 Show response
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 00F8
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1
https://csync.smilewanted.com/set_partner_userid_get/betweenx/582baff5-17d1-5272-b2ed-d852d6abb984

0
389 B

76ms
76ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/betweenx/582baff5-17d1-5272-b2ed-d852d6abb984
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7bcddb1d2c6895ea-ARN
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 24 Apr 2023 11:02:46 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://csync.smilewanted.com/set_partner_userid_get/betweenx/582baff5-17d1-5272-b2ed-d852d6abb984

GET
H/1.1 204
No Content smwt256.gif
us.ck-ie.com/ Frame 2CE0 0
0 411ms
129ms Document
text/plain 8.2.110.114
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Mon, 24 Apr 2023 11:02:46 GMT
Server: nginx

POST
H2 204 prebidvideo Show response
ads.yieldmo.com/exchange/ 0
194 B 80ms
80ms XHR
text/plain 54.72.22.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebidvideo
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.22.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-22-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onlinehikes.com
pragma: no-cache
date: Mon, 24 Apr 2023 11:02:46 GMT
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
312 B 86ms
86ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinehikes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2

200

35ea5ccb1d7cf646d71f91ff6b2ebf8a Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame F358
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/35ea5ccb1d7cf646d71f91ff6b2ebf8a?gdpr_consent=&gdpr=0

0
452 B

74ms
74ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/35ea5ccb1d7cf646d71f91ff6b2ebf8a?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7bcddb283a8e95ea-ARN
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 24 Apr 2023 11:02:48 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Mon, 24 Apr 2023 11:02:46 GMT
Expires: Mon, 24 Apr 2023 11:02:46 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/35ea5ccb1d7cf646d71f91ff6b2ebf8a?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1682334166653038-346

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 5D76 0
0 201ms
62ms Document
text/plain 3.72.161.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.72.161.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-161-227.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

date: Mon, 24 Apr 2023 11:02:46 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 73ms
72ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 11:02:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://onlinehikes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 pixels Show response
ssp-sync.criteo.com/user-sync/ 13 B
294 B 58ms
58ms XHR
application/json 2a02:2638:3::6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinehikes.com
cache-control: no-store,max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H3 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
122 B 81ms
79ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 81ms
79ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H/1.1 204
No Content smw888.gif
us.ck-ie.com/ Frame 60CE 0
0 366ms
130ms Document
text/plain 8.2.110.114
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Mon, 24 Apr 2023 11:02:46 GMT
Server: nginx

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame A4DF 156 B
142 B 448ms
445ms XHR
text/xml 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?correlator=1674626896726509&description_url=https%3A%2F%2Fonlinehikes.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fonlinehikes.com%2F&ad_type=video&ciu_szs=300x250%2C728x90&hl=en&max_ad_duration=18000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=nonlinear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22485590223%2F273299-shared-video-1&vid_d=48&vid_kw=YouTube%20tips%20for%20entrepreneurs%2CHow%20to%20get%20started%20on%20YouTube&vid_t=YouTube%20for%20Entrepreneurs%3A%20Tips%20and%20Strategies%20for%20Success&vpa=auto&cust_params=ap%3D1%26d%3D273299%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26ft%3D0%26ic%3D1%26iid1%3D6955167364553976%26plat%3D1%26t%3D134%26tap%3D273299-shared-video-1-6955167364553976&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=59852326&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&sid=E71045A2-E55B-4B62-BC7C-1CFBC33DC306&a3p=EhkKCnVpZGFwaS5jb20Y1ay4l_swSABSAghkEhsKDGlkNS1zeW5jLmNvbRi7tbiX-zBIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjVrLiX-zBIAFICCGQSGQoKcHViY2lkLm9yZxiirriX-zBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBOXdLTWtaWm84cm9SZ1gvLzBpVDN1cW5uNnVGbGtCejZ6Z1JidnhWMzFPWHAxaE1aNzRQM0pCMXVZM0ZJNDVPaXdGSGpaUDI0cWVSOHd4MVZ2OXFENzJnZHdNVnRERm0yNzV0UDN5MjB0Z1hJVFRSOWZvTm1oNlZvN3AwWGF2MDdxWmliWUk2RnA3YlFvaGdGMDM0Q28vSVphUlVVUVJKZFJGaHhqTFpNZGR3PRjTsLiX-zBIABIdCg5lc3AuY3JpdGVvLmNvbRjVrLiX-zBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pSzFRclVtZHhZazVSVDIxTFJIcDNlakJvUVhJMVFUMDlJbjA9GNayuJf7MEgA&nel=0&eid=44731964%2C44752052%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&top=https%3A%2F%2Fonlinehikes.com%2F&loc=https%3A%2F%2Fonlinehikes.com%2F&dlt=1682334157147&idt=1391&dt=1682334166481&cookie=ID%3Da1ab864f712d8fb7%3AT%3D1682334158%3AS%3DALNI_MZyERDWyYg7-LOMIRmH-zmBI4DTkg&gpic=UID%3D00000c08d172b0d6%3AT%3D1682334158%3ART%3D1682334158%3AS%3DALNI_MZr16JNZJI40V-7DcBpIA5e52srfQ&scor=3524859698551890&ged=ve4_td9_tt7_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 audio_010.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 40 KB
41 KB 266ms
264ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_010.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb24752805c8987b7afd3858a9c131ffcb22b26e5878218ec6b4f157d33aa2e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:46 GMT
via: 1.1 ead12ea8a5dacf72daa302814186069c.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40800
last-modified: Wed, 29 Mar 2023 19:08:49 GMT
server: cloudflare
etag: "b915f037e9cbc058bdf2df07a183313b"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqVq4GGRFbmgRLodFhL36gD9XcXvxON8FTxQCYOoktBwyqNQiLeHszNVq6zMxHmyzXmUPiMUoma2dlr%2BYWENyN%2BYbZi3k42wW8tMbJWXeamwNEZAF5qEh7%2BKbiDgTdYF1Ray6BFvTAGbOWsM7SyU9zqA"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb1ca848d943-HEL
x-amz-cf-id: WyC1tiFDznrmLD5WinD9LnSZIwbBQqx-JRNiW1i45_bTjQJ3KfStHA==

GET
H2

200

jh9108M8WmOcxqvKpd8d Show response
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame F117
Redirect Chain

https://creativecdn.com/cm-notify?pi=smilewanted
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/jh9108M8WmOcxqvKpd8d?pi=smilewanted&tc=1

0
428 B

75ms
74ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/jh9108M8WmOcxqvKpd8d?pi=smilewanted&tc=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7bcddb288b2d95ea-ARN
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 24 Apr 2023 11:02:48 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Mon, 24 Apr 2023 11:02:48 GMT Mon, 24 Apr 2023 11:02:48 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/jh9108M8WmOcxqvKpd8d?pi=smilewanted&tc=1
pragma: no-cache

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame 337D
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=987bca91c0a849270284d484199c0bf9

43 B
1 KB

1793ms
89ms

Document
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=987bca91c0a849270284d484199c0bf9

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

AN-X-Request-Uuid: d46e14c7-0a7f-42be-a6da-fd16068d9c69
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 24 Apr 2023 11:02:48 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 185.204.1.183; 185.204.1.183; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7bcddb1d1c5195ea-ARN
content-type: text/html; charset=UTF-8
date: Mon, 24 Apr 2023 11:02:46 GMT
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=987bca91c0a849270284d484199c0bf9
server: cloudflare

GET
H3 200 audio_011.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 39 KB
40 KB 692ms
692ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_011.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03d96db9efe1e9f0d000ebb92e4e1f4c5b513084209c2bd3310d1048522ea354

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:47 GMT
via: 1.1 11e8f0c61352b0b7123fef57178c7f98.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40220
last-modified: Wed, 29 Mar 2023 19:08:49 GMT
server: cloudflare
etag: "3262e1de7c1cd8dfc26d66cec7135956"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UD18k1kUcTTm5FCs1Js1uSADdDcurmIdgOqBbjXt2e5%2FxQ8fLpJPP1H9GyDEDDUJaKFXJpOXPIOsoJ8amm0Is7T3jWzZLHMALLNJUkszZxEwrbBZrlkTgFFccRiUyIq%2BI2sG8GjZPajqAD9m9lM%2BfMYB"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb1eed9bd943-HEL
x-amz-cf-id: EKcPmegF8IxyuhYV7lplKe8Hj_nggZN1DQdDfe64oQw0O4PPeqYKAA==

POST
H2 204 prebidvideo Show response
ads.yieldmo.com/exchange/ 0
194 B 80ms
80ms XHR
text/plain 54.72.22.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebidvideo
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.22.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-22-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onlinehikes.com
pragma: no-cache
date: Mon, 24 Apr 2023 11:02:46 GMT
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
312 B 92ms
92ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Apr 2023 11:02:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinehikes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H3 200 t1677756445_01_640x360p_30Hz_800Kbps_010.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 131 KB
131 KB 722ms
721ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_010.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 626540ed605b8dfe556dea8121b4a05c0085e2068862da5bb1070d8ebaee77aa

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:47 GMT
via: 1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 133825
last-modified: Wed, 29 Mar 2023 19:08:51 GMT
server: cloudflare
etag: "528293cdae5db650a7d34e668fdc526d"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUufrvJMFurNM7OaeQX0kdRleuCRNNfr4ntKIGKaoppYVo7xPoVLcleghTERtDbT5r89ZMpn6a655%2BWnkDBta7rk5f1VkzdnDDpshIOh6sbllW4bnXuEUIxoGlhkgjESttkmOmQaaFmUHwvtMkooYU4c"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb205abad943-HEL
x-amz-cf-id: IYU1Ipp2b8Cf_FFPQf8RYciGe8erBoMT4q1ebq_Ji_zvSHrO_ADltg==

POST
H2 204 army.gif
onlinehikes.com/porpoiseant/ 0
62 B 57ms
57ms Ping
text/plain 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinehikes.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjQ2NTgwMjc4MDUzMjM5MCIsImRvbWFpbl9pZCI6IjI3MzI5OSIsInVuaXQiOiJkaXYtZ3B0LWFkLW9ubGluZWhpa2VzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjExMjEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjExIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2MTI2NzUzNzA2NTAzNzkyIiwiZG9tYWluX2lkIjoiMjczMjk5IiwidW5pdCI6ImRpdi1ncHQtYWQtb25saW5laGlrZXNfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjgyMzM0MTU2LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZJIiwicGFnZXZpZXdfaWQiOiIyMDYyNGM1MS1kMmEwLTQ1YmUtNmJjYi0xMDdlNzQwZmZlZWYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMjc4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzODU1NjMyMDI0NTEwMTIwIiwiZG9tYWluX2lkIjoiMjczMjk5IiwidW5pdCI6ImRpdi1ncHQtYWQtb25saW5laGlrZXNfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjE5NzYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQzOCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjEzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NDIwMDU3ODc0NTYyNjgxIiwiZG9tYWluX2lkIjoiMjczMjk5IiwidW5pdCI6ImRpdi1ncHQtYWQtb25saW5laGlrZXNfY29tLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4MjMzNDE1NiwiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGSSIsInBhZ2V2aWV3X2lkIjoiMjA2MjRjNTEtZDJhMC00NWJlLTZiY2ItMTA3ZTc0MGZmZWVmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjEzIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://onlinehikes.com
x-middleton-display: ezp_sol
date: Mon, 24 Apr 2023 11:02:48 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 23 Apr 2023 11:02:48 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 73ms
71ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 11:02:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://onlinehikes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 pixels Show response
ssp-sync.criteo.com/user-sync/ 13 B
294 B 59ms
56ms XHR
application/json 2a02:2638:3::6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinehikes.com
cache-control: no-store,max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H3 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
122 B 70ms
69ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 72ms
71ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame A4DF 156 B
142 B 408ms
408ms XHR
text/xml 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?correlator=1674626896726509&description_url=https%3A%2F%2Fonlinehikes.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fonlinehikes.com%2F&ad_type=video&ciu_szs=300x250%2C728x90&hl=en&max_ad_duration=18000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=nonlinear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22485590223%2F273299-shared-video-1&vid_d=48&vid_kw=YouTube%20tips%20for%20entrepreneurs%2CHow%20to%20get%20started%20on%20YouTube&vid_t=YouTube%20for%20Entrepreneurs%3A%20Tips%20and%20Strategies%20for%20Success&vpa=auto&cust_params=ap%3D1%26d%3D273299%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26ft%3D0%26ic%3D1%26iid1%3D6955167364553976%26plat%3D1%26t%3D134%26tap%3D273299-shared-video-1-6955167364553976&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=59852326&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&sid=E71045A2-E55B-4B62-BC7C-1CFBC33DC306&a3p=EhkKCnVpZGFwaS5jb20Y1ay4l_swSABSAghkEhsKDGlkNS1zeW5jLmNvbRi7tbiX-zBIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjVrLiX-zBIAFICCGQSGQoKcHViY2lkLm9yZxiirriX-zBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBOXdLTWtaWm84cm9SZ1gvLzBpVDN1cW5uNnVGbGtCejZ6Z1JidnhWMzFPWHAxaE1aNzRQM0pCMXVZM0ZJNDVPaXdGSGpaUDI0cWVSOHd4MVZ2OXFENzJnZHdNVnRERm0yNzV0UDN5MjB0Z1hJVFRSOWZvTm1oNlZvN3AwWGF2MDdxWmliWUk2RnA3YlFvaGdGMDM0Q28vSVphUlVVUVJKZFJGaHhqTFpNZGR3PRjTsLiX-zBIABIdCg5lc3AuY3JpdGVvLmNvbRjVrLiX-zBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pSzFRclVtZHhZazVSVDIxTFJIcDNlakJvUVhJMVFUMDlJbjA9GNayuJf7MEgA&nel=0&eid=44731964%2C44752052%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&top=https%3A%2F%2Fonlinehikes.com%2F&loc=https%3A%2F%2Fonlinehikes.com%2F&dlt=1682334157147&idt=1391&dt=1682334168363&cookie=ID%3Da1ab864f712d8fb7%3AT%3D1682334158%3AS%3DALNI_MZyERDWyYg7-LOMIRmH-zmBI4DTkg&gpic=UID%3D00000c08d172b0d6%3AT%3D1682334158%3ART%3D1682334158%3AS%3DALNI_MZr16JNZJI40V-7DcBpIA5e52srfQ&scor=3524859698551890&ged=ve4_td11_tt9_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts2_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 audio_012.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 40 KB
41 KB 579ms
578ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_012.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e17f9a671121630c0e8539deccc35e3c517a0b756b58ae5358d11ea03f973d8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:48 GMT
via: 1.1 2a4d61538fbb384d64746e2642e5e74e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40790
last-modified: Wed, 29 Mar 2023 19:08:49 GMT
server: cloudflare
etag: "f99ab18775dd4648d42eae5037b36a22"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yf%2FJnFTy2P1kQtZfD2VlgXMqcCbJbbzeSINvlwVcOJ0AH1fCFhf%2FqjIXoRlt5pPNkbOTkH7HOjGKt0p2fkR11rlgEEWwu34BnR63G7SMSRy%2Fucc%2BmRsXcZvqhQxF8USiJGRN5HOJb3kIsunq3FnqFAIa"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb28cad4d943-HEL
x-amz-cf-id: NfILzC1RLAjE1mSZug3Xodc251GNe7RImYOmP_zwheeN8xpYCp0E9A==

GET
H3 200 t1677756445_01_640x360p_30Hz_800Kbps_011.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 127 KB
128 KB 796ms
796ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_011.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cc52cbaeab90cf070de5c9552f708de892b8bb527d82b993284141cf60ca7b8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:49 GMT
via: 1.1 c418ea866520d52fb3d0a50002762664.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130502
last-modified: Wed, 29 Mar 2023 19:08:51 GMT
server: cloudflare
etag: "fbd59abddea02660883c843d213a659f"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IT4AvsL2kki6zYfAluQ9%2Bc8RyjCrl%2F%2B%2BnGXnET%2BjWQHVB8v7Wn1LR2%2FUrfWx32pn3vY%2BProzTIKsoWq5JQXiBnEZ45ZwvxI7PdwEb%2F78leC%2BWvkRYxbtlLRzFN%2Boo3axPhey7d7NliNAmnp5xjaQS7Ub"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb28eb2dd943-HEL
x-amz-cf-id: qR4FRY-agWU3s4Fmm0w9b6pm4t1oR7Nf0ckUZDXV1D_a1ze0ijCt3Q==

POST
H2 204 prebidvideo Show response
ads.yieldmo.com/exchange/ 0
194 B 80ms
80ms XHR
text/plain 54.72.22.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebidvideo
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.22.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-22-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://onlinehikes.com
pragma: no-cache
date: Mon, 24 Apr 2023 11:02:48 GMT
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
312 B 93ms
93ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Apr 2023 11:02:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinehikes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 73ms
72ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://onlinehikes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 11:02:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://onlinehikes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 pixels Show response
ssp-sync.criteo.com/user-sync/ 13 B
294 B 58ms
57ms XHR
application/json 2a02:2638:3::6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinehikes.com
cache-control: no-store,max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H3 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
122 B 71ms
70ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 72ms
72ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onlinehikes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame A4DF 32 KB
8 KB 516ms
516ms XHR
text/xml 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?correlator=1674626896726509&description_url=https%3A%2F%2Fonlinehikes.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fonlinehikes.com%2F&ad_type=video&ciu_szs=300x250%2C728x90&hl=en&max_ad_duration=18000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=nonlinear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22485590223%2F273299-shared-video-1&vid_d=48&vid_kw=YouTube%20tips%20for%20entrepreneurs%2CHow%20to%20get%20started%20on%20YouTube&vid_t=YouTube%20for%20Entrepreneurs%3A%20Tips%20and%20Strategies%20for%20Success&vpa=auto&cust_params=ap%3D1%26d%3D273299%26eb_br%3D60474211daf1dfd4d90000ea01f56c30%26ft%3D0%26ic%3D1%26iid1%3D6955167364553976%26plat%3D1%26t%3D134%26tap%3D273299-shared-video-1-6955167364553976&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=59852326&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&sid=E71045A2-E55B-4B62-BC7C-1CFBC33DC306&a3p=EhkKCnVpZGFwaS5jb20Y1ay4l_swSABSAghkEhsKDGlkNS1zeW5jLmNvbRi7tbiX-zBIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjVrLiX-zBIAFICCGQSGQoKcHViY2lkLm9yZxiirriX-zBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBOXdLTWtaWm84cm9SZ1gvLzBpVDN1cW5uNnVGbGtCejZ6Z1JidnhWMzFPWHAxaE1aNzRQM0pCMXVZM0ZJNDVPaXdGSGpaUDI0cWVSOHd4MVZ2OXFENzJnZHdNVnRERm0yNzV0UDN5MjB0Z1hJVFRSOWZvTm1oNlZvN3AwWGF2MDdxWmliWUk2RnA3YlFvaGdGMDM0Q28vSVphUlVVUVJKZFJGaHhqTFpNZGR3PRjTsLiX-zBIABIdCg5lc3AuY3JpdGVvLmNvbRjVrLiX-zBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pSzFRclVtZHhZazVSVDIxTFJIcDNlakJvUVhJMVFUMDlJbjA9GNayuJf7MEgA&nel=0&eid=44731964%2C44752052%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&top=https%3A%2F%2Fonlinehikes.com%2F&loc=https%3A%2F%2Fonlinehikes.com%2F&dlt=1682334157147&idt=1391&dt=1682334168882&cookie=ID%3Da1ab864f712d8fb7%3AT%3D1682334158%3AS%3DALNI_MZyERDWyYg7-LOMIRmH-zmBI4DTkg&gpic=UID%3D00000c08d172b0d6%3AT%3D1682334158%3ART%3D1682334158%3AS%3DALNI_MZr16JNZJI40V-7DcBpIA5e52srfQ&scor=3524859698551890&ged=ve4_td12_tt10_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3acb8501ca0ccf2b3312b14248b75d76f2724759b0044d822ff7a56d83323651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7881
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 audio_013.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 40 KB
40 KB 581ms
580ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_013.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0809390e3150521f5add76fee2c09ae7212b937dcc9f3c01dcf770d18d35e75a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:49 GMT
via: 1.1 c0ee6c90b748e4d13d8e8a1cad2d9426.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40726
last-modified: Wed, 29 Mar 2023 19:08:49 GMT
server: cloudflare
etag: "5e0f238c8191bc35039b9872d0579142"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLf1LmiCGlpMuPeDga%2F%2BsI%2Fk5dg8GhZxrJhVxmqH7OrD12OemBqZtqr0QhmAyYBUw2KNgdSBqGlmmAFwbUHubVRTG5sOyK6CuaqNocWKekVErI4psTC%2B6rFLe8C83Rd%2FogifWg0A8SS8ACR1HLEMHFBr"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb2cfcdcd943-HEL
x-amz-cf-id: g9-0z0U0Kcw-_4ZCziPGWGszjMTl2Ak-Go8dLbYgdd9fuV2z_nuSyA==

GET
H3 200 t1677756445_01_640x360p_30Hz_800Kbps_012.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 109 KB
109 KB 743ms
743ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_012.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58af2444003e3b3ad7ca4d04b6ebb46fa1837561849aeb1572a058d13c72947c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:50 GMT
via: 1.1 c0ee6c90b748e4d13d8e8a1cad2d9426.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 111288
last-modified: Wed, 29 Mar 2023 19:08:51 GMT
server: cloudflare
etag: "6a642a413f1dc6170646d71febcc784c"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkiGfaGSu2rIym4KL1gyrJpIaTkMTXu6k8tuEG27zuGiKl4yfUtY5a8fk3ytmVtO9E0UDMiEvlWXr%2Bp6HaZDP53zJdAKMygo%2FVAXCSv%2Bgw2dtnegMZMdHnQ8ORnlXP9UrwvSTOalEGybIiS49o26XLPe"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb2ea9e2d943-HEL
x-amz-cf-id: DM1WfDrJ9Y7MVI7qsAji9WrEDZE7g-9ivawaXJnGhiWdoEzWsJ0Znw==

POST
H3 204 csi
csi.gstatic.com/ Frame A4DF 0
17 B 247ms
246ms Ping
image/gif 2800:3f0:4005:407::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lguqboxe&c=1910989093904&slotId=955494546952&wta=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2800:3f0:4005:407::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame A4DF 32 KB
17 KB 280ms
112ms XHR
text/xml 64.233.184.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AkokGgr6CwY_IdN3--vm8DAOVc0l981lhl3alxU1zmGKUF_GYq8TubX-W_rKmoyqy8DWM9l2kyIbZicGluGPVtlb8tXg&cry=1&dbm_d=AKAmf-AFaBmf_lSknisk-EHgzJay4eVzaLlOpcC7sUVJC3HZCq5_ze0IoNgRq7wRswJzGnj4At8__8IxQTXbvzbU6gSLsXGO9ZRWrWSGMvVKwc-Y-1ljZ1f_gRfD9CuWkWhN2SMAgv-b_jDsM6gogMO_p2ISDNN5dL8BuEf73jeR9jrZRQlcBF-KwIqEnsitPhDqZNg_S4W4aaKSSfxE0tzH7rHYQok9ij4LIl4mip1ySpcvI79cs45p-EX4IBRd2QbEORDpTu_ed76WSqB6ZtfX5lf-gsC5ZB3ClG_nyqnBGh34MkYb3-OQEbyycuO2K2ftubGHkvvxv7AijwNddcucQb6q9di9_vaMIg1PA-frMUK1XneIpJd7AK8G5GHkZMwTLiYGRBsv7U9BTkS_hukp_gQWLQCfS0gG8SsBGj5cJ_ySTHvlUfGAbFHXmc5pYEauZNsEHXCRZW721NESukz_ZTtKc5empjmwAt_E4H-4Z6VOOpwop9c2PDXcvd6Of7o10JaMv1IeY9hcJcRl7sVn-ReZG_adUZT-I03P-KDo7jgJCZRKw_CAMVg_LmPFVY_LsE_EB7-Jpp3bvn5BmgNgIOwA3S5jFHAmHZbB7k0UwEavypZ0J-O9_qf5g_6jLv8lhczd5xIpTa6v-qX5sDW-h5qG1a5QqjnGKFzaldM4EN3Gei6p0InKGKDyHB5lll1gtBf5Mzpfxd0SJc0tg73JlvahCU8Zq66VECzNM0Ky28JyPeL_kQ2awIBgcTVdjirNl4KnUVZz3P13E14u-peUA8vQpbNW9tybBKEq_Dr2D2tjRPfariXcA6cEgk-Ah8gx7ffyzNzcP4qdaDZAT2MlwP_pSdA0YALfmPoRCkcJi3clnVI_ahU93o-uvncpx1iS01Dj7pDd2JcMvb8-9JknIEP7anDJPS9JFDGB3dnr0gocXtXu8zW44ciEOqYj-lvXRM-UMXNJUdBbr4vXKmyTCyygxm3KP8TQx1_SCFB5KS8yojqdsA7-4k_GEGaaPJKEG_5u9eE67Vvonaikka__Uqx_p8tH5yvRIYiYeVt43GchlYLh-S1x5NXUDzd-z0BX4PMh_pPfIsq4hGcDyXLhKRnwl2b3o4iG5Ign8nfJJ2NlbQ603mm6bL2fw9-yUFlbdxNTs5IxogtOs5QCwEu7bqsFU0q8Uhh26sXPgI0rreBKqJtCdYPZLLhCBJS60PSbMh8OmOkd9zFi3lWXhc9hg7FN2WhH23YE98iKuFsSZMa9RE2uPQWuQiHTypG5eQ71BVFrgAtWntXAaGBvHKtrJbu2K2emsFDqYojTcacUKql3paKHQ7rX5ltaAxKu7X-nfTj9hp8IrBAhvgn-Z24PgXOWzVAHjHPeRtOnbxVhWSxe_CbMlDlX9Yemm2qR5bnOjhL4OtCmuxQX8Yt80LuViFi8Y4kLUiJ8TZI4yEw-ka2FBHRJM_vZIEPik-sSPJqw3KYVondrz2RSKiKSq3je71H2FK5rRxGf5kQfjEFKcuNDA8l7HAPhdQxaVsjJUqUGw64n9YFj5eY4fLJ6h6AmuDdhHai7110FcZKZ8yhjK25BlufGrE5uhei57bEMmKkCTQd32Pl2EowgY1XX4Eba1Yy9yyaKUFjFy3_aV3Z4ZL0ifd8I1RQQh-dbYE2u2-dGARP89xGJT2HXriT3wsI7wP9Gxhxa2tFJlZuhkcIo84dceOeBMgJd_bHdvkaCxRQTxLjTaZ3rrwwv6NqokVHH5qijR-aJNZLpjtgPicF1_n28xkWWN6NJ4BUuhEKL9S54hKj_NYB5nR2E6JGSbaVmTsMb_Ga2LJqdSmNjhUQGCn9toNv0LjfjWaPeht010ud4nXZq04bk3zccByXgXYMnPAyX4NpN7cDGw87jFEUoggpBbThgc02YiYk-LMS0CrIggAnQXSWL3c6skgap2RXWhyGFuOl9iydMpuI7bn11hEv8pF8RShPiglrkwJX6vpyx2aNOSa11XFTVpjnVa2p_c9fNvf7yWenDmrTHnpzd05xun2W0zeiAOvjfbdtN8jfO80F6hKSxPxv9xSYtnY0TSfAjTGbBJ9Bia3bQfDoCMCwuP1ML9fJf7HA5dRFZbMToxVsj5zkreLTqmLZwUuIHtNBg94Dzb5JsihaXWeemQgWaIudC2bBMG4DgArmR3LMrxfRIckAci-elZd8x8zzeTW_3Qkkzi5kY2lygWAwkCWRjnUSwj6EDV5vWfkc3dBqM9wqP8F0Ydm94Ye9c0Yh5cmYNOneUj9T3ZnpNghCOHVxXrpeFw7_yvjTB98nrShN6-oUlnmrtN_e7QJVYPyOzcuGqsFcQGqiYeFhE9jO2YzCv7s7G2fK-cEEttiMW4prJoLE8bFo6uB65wmiRxOR2veYOgEydqKz1bXywENDMWxKimTHJ1ziSLkN2mTEOq53F2eg8EDUa8Ujv1IaVBjzOf3L177xqan38GpokjwgqC2ecIHRU2wpThexiWtwvcsvCHt_oSPwjETQ24Y-qGKvLC2HnakqJ6hU7ZRPNJ3VcxGfYwqI8fiFBw_vCoF4_ty6BDUDIIgr2SZ3gx-AZC2vRw5nURbfHGkb7btIi_7hNn1_9SBsBRpO7Q3C0HUhLfRl-EiGBAxjge5yKPfqBX6m0dtlY3aaG7JnvAvJb0SQYcYsdP7THcWlMaeHeFT8szKYISX-XCCap1Opge8_pqnoEi9XRUzEsKxs7uTrD4vRpWa11hqQxcpDjEBQZrdwy9SyDbDtHIQPgioN8RXg4l3IdL0OGvpTKsRE211kYjy2zUCvSyk_ShojJ-cszCe1vSVcpQYFerpzzPPWUIr8HxvL9npEbD5_bRuguf4BuFAEfjcZoSG1t0yyqoARxY-QYPzxf43us9QXIJNuELUEvD-_jUR85bkyuGjF3K1ZPhJkb41xrbcZgLQJEYuC-dGc9aks--uQhSh5qlJesxs37x6XHrfTrFaLPniyEEo3FZZ5uMKk95dsuLWOoONPjwz4NQ9-PkHycN3_Jn5sWGfq3iC-nOMiw_kyAsoJj2ZIXrInjCddSAAPdeo_9hzzcb68mjlAiu8FyqqIM1wR7OpFF2MWpBO1H9pvQCc60mnAaN_A3hol-Q0MvvrJ0Ok1CTJKTDNTiZBXdr4_I_iw5ZohrjchyBWTv6zAueDZM8YDVflp9_d_omPkDQVIghOhrdO4w4FvKQCkomrsmlKmjVpV9S-AaWk2NF71LvPBM-JbSkAJyMkNxC5mlI8KE1OQJsKI3GGl-4egoowDXemJRbqBSYwy9dzBGPkS2JNEeKMz3Rwce1LpQxMAbJoT4_6wLG9KBWJ5i7_QIy-xgkv6eUAOOMLvyoMM7Gf736iA-a6XIC1kj0YKJ1dPFr7ryf7OdYlJNMk-lAiNaUXYUEMd59_lSwrt3-VHxL7IJKsvug7X11p3Rant21G-7fizDCdfWXOC303byMnJgNWP0BnrlQwtiGuohBhAPLEsMv4jAOyrXfifiH-LAtQa0kmZ3Wk3-gR9vm7md2UDVElgpPDAasquAHf1BkO7zzFjV-azLM5jMdcnk5jxM4aVTPyXs4JMmC-KlYPDYFmIpGVkA3XTuc41ceCBJ4VIjNHmRVEB58HGnlFXbk6GsdKE81zwdUGgLgXRo0qcDd8fYbygdIIg0RqXpxxh6dDFyrXRJAwbjJ_6k6wL8_n154UNi_kBfCFRAtG_swCRrnjVpV0773DTv2MFlc3_Rk6CcLOqlhm8A2TCbNFSGHV3ysO3jIxtD8WvOQC-Q2vmuubeEUWhD5sGi5my6CQmSZd8w992Cml4KIl3oD7tXnXMldcfgTcXNYRVMvfZIUTwkPkexwdfhnMRFfr3DtbYGNTlrQRAwadR0-2U8V_dv0w_u3WymChmG_hktFMpohSbn55HgoVVSr0oconrx7B_30wLFRwUeH_862TRk4ehC9qeg0TTPXABivCBMWME6ePpng2uIucYEubnvld08TKMlCv0G-0BBsg&cid=CAQSPABygQiDO7ucolFtuYFhjQNjE8InNL9CIXFoaJi5aUIuQjm4SnSYvJAFXCi4-qHkU2T4Hv8ajZkLx5mmQxgB&vpa=auto&vpmute=1&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=59852326&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&sid=E71045A2-E55B-4B62-BC7C-1CFBC33DC306&a3p=EhkKCnVpZGFwaS5jb20Y1ay4l_swSABSAghkEhsKDGlkNS1zeW5jLmNvbRi7tbiX-zBIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjVrLiX-zBIAFICCGQSGQoKcHViY2lkLm9yZxiirriX-zBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBOXdLTWtaWm84cm9SZ1gvLzBpVDN1cW5uNnVGbGtCejZ6Z1JidnhWMzFPWHAxaE1aNzRQM0pCMXVZM0ZJNDVPaXdGSGpaUDI0cWVSOHd4MVZ2OXFENzJnZHdNVnRERm0yNzV0UDN5MjB0Z1hJVFRSOWZvTm1oNlZvN3AwWGF2MDdxWmliWUk2RnA3YlFvaGdGMDM0Q28vSVphUlVVUVJKZFJGaHhqTFpNZGR3PRjTsLiX-zBIABIdCg5lc3AuY3JpdGVvLmNvbRjVrLiX-zBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pSzFRclVtZHhZazVSVDIxTFJIcDNlakJvUVhJMVFUMDlJbjA9GNayuJf7MEgA&nel=0&eid=44731964%2C44752052%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&afvsz=450x50%2C468x60%2C480x70&url=https%3A%2F%2Fonlinehikes.com%2F&dlt=1682334157147&idt=1391&dt=1682334169411&ged=ve4_td12_tt10_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f156.1e100.net

Software

cafe /

Resource Hash

f8cb1119b48ed35418c93fe7663043a318d4c9e223ff887feb58d229d668f0ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16913
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame A4DF 0
17 B 247ms
247ms Ping
image/gif 2800:3f0:4005:407::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lguqbsxr&c=1910989093904&slotId=955494546952&vmfc=12&vhc=0&ccc=1&ccrh=0&ccri=0&ccrs=1&ccru=0&ccrhc=false
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2800:3f0:4005:407::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame A4DF 42 B
64 B 102ms
101ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame A4DF 0
0 101ms
100ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CQhHn2GFGZNjoPJ-snsEPlNuGiAvIlfvoboj3tri0EbO-zcvHIhABIMv_lGdg9wGgAdyt2rsCyAEFqQI6iMAATmqyPqgDAZgEAKoEiwJP0Arlw0VnX7sEMNz8O-f9q5E7i7-kPH_au0FE-SXT5as-T-PXCnn_lKVlTMIoeQNABY9dlun1kqgzxTOtOThqVDsfyek47--b1sJwtWkkuHMIx0idGqUNbCWb5w6OGoH-1M9V0nsP4RPJAk7hgISIRetYsTn3NxbrMzQpr96brO95qihZ9Li6OqmQx5lwgqiwvIJc0Vn-PlPysHw5ywNXTlgYfw4f9qFTHZ4vbkVPb5wk6cR1Fcjaa7dOtDQWmlifdsum4G01OY3PR3_GfPI-7fwQcmB4Um6_R2bCFgurFtbIvlleMjcc7TlUKuZCN9xgV_GzOdtt4QSuR6PSNNzrYt1ucGTFHvoUfC_ABJrJ9KuqBOAEA4gF7KSxmEmSBQYIAxABGAGSBQYIGxABGAGSBQsIIhgBSLLZ5AFQAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHjNKlxAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChCI3wMY_oD43wHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA3OTI3Nzg5MzE2MjUwNIAKA8gLAbAT7OqNEsgToIj04QPYEwqIFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItMTk2NjcyMTE5MjcwOTYwNhi-yQfoFwU&sigh=pzikA9pvkNo&cmd=Ch1jYS12aWRlby1wdWItNjM5Njg0NDc0MjQ5NzIwOBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSPABygQiDO7ucolFtuYFhjQNjE8InNL9CIXFoaJi5aUIuQjm4SnSYvJAFXCi4-qHkU2T4Hv8ajZkLx5mmQxgB&vt=10&sdkv=h.3.569.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2NDY2OTc4OTA3NDJAhwQKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDk1OTE0NTIyCTE4NjUxNDk3N0CyAlIzCN4HEA8lAABwQSgBOgs0Njk2MzExMDItMUIER0RCTVAAWhBNQmI1dllDVndwZ3VxbXI4GAE.
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 242ms
242ms Ping
image/gif 2800:3f0:4005:407::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lguqbk41&c=1910989093904&slotId=955494546952&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2800:3f0:4005:407::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

52
r2---sn-5hneknee.c.2mdn.net/videoplayback/id/d71314b50d487ee4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1713870169/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip...
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/d71314b50d487ee4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1713870169/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-5hneknee.c.2mdn.net/videoplayback/id/d71314b50d487ee4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1713870169/sparams/acao,ctier,expire,id,ip,ipbits,ita...

2 MB
2 MB

244ms
65ms

Media
video/mp4

2a00:1450:400e:8::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-5hneknee.c.2mdn.net/videoplayback/id/d71314b50d487ee4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1713870169/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/61ED21DE80ADC4F8275D1E9B7DFBEC76DC218B98.53E6554C6609D84AE00D2F8E14DEED79D98A062F/key/cms1/cms_redirect/yes/mh/DU/mip/2a0c:f040:0:2790::3e/mm/42/mn/sn-5hneknee/ms/onc/mt/1682333761/mv/u/mvi/2/pl/52?cpn=MBb5vYCVwpguqmr8&file=file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:400e:8::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c712c9ffdac7afa59a94f1356782bdfa755754b2eee0cbc134a550b6e6c2ac90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 11:02:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 31 Jan 2023 15:56:38 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2228699/2228700
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2228700
Expires: Mon, 24 Apr 2023 11:02:50 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:50 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-5hneknee.c.2mdn.net/videoplayback/id/d71314b50d487ee4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1713870169/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/61ED21DE80ADC4F8275D1E9B7DFBEC76DC218B98.53E6554C6609D84AE00D2F8E14DEED79D98A062F/key/cms1/cms_redirect/yes/mh/DU/mip/2a0c:f040:0:2790::3e/mm/42/mn/sn-5hneknee/ms/onc/mt/1682333761/mv/u/mvi/2/pl/52?cpn=MBb5vYCVwpguqmr8&file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 675
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 audio_014.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 40 KB
40 KB 228ms
228ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_014.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ea08c71daeca5b34f851f208133d5d57aa37854fedde6e0f232a6275a08a26

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:50 GMT
via: 1.1 3c1b8c037c66c46a8ac162f1eef5d682.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40630
last-modified: Wed, 29 Mar 2023 19:08:49 GMT
server: cloudflare
etag: "afe90357d19345ac6624fe7f45a4ebd5"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21%2BOb87HCcvk6LPi7TmqWMBTNnQstksYJJcYmIN01L%2Fy37%2Be9hHTnvd4VMrchYc%2Fk3EoIEBPBy2hcb1skqF%2BvBhlEB2rQqjy62x5%2Bt3OIptUWRAqeNP69QEQkil0YCNF%2BChgVex5eH0e1gYiSMzyEl%2BM"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb3189e7d943-HEL
x-amz-cf-id: XH0SqKsSrXuBd7DSxUjdaex2vVrkN_G_cBIB06xges61FgiFf-5qMw==

GET
H3 200 audio_015.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 39 KB
40 KB 581ms
581ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_015.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18ea077555cd3fae9fcebbbffca6043a25d99ebae2fa2b1398f29b19f76ca9ee

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:50 GMT
via: 1.1 3fcabc15a7f22952dcacfedd3d2b6a14.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40190
last-modified: Wed, 29 Mar 2023 19:08:49 GMT
server: cloudflare
etag: "da6912634a0d9e01789ebed7d6ee2105"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udukF0sdPM4c%2B%2Fre96OTQyMk8D4VbpmxYOc89LAseFJYS5C9rW%2FpFtLjvC2xXhXTJTS%2BWZEu0ulC%2BdhlJ59xG6Baz41JLpyJG03xHgVdSdZsIiPYlxrR8Fle1%2F0HRf4aG%2BYBEucpu%2Fm5m%2BkjVAoFE2Za"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb339eead943-HEL
x-amz-cf-id: o0ftYzPIJG61oh4T1YjfhmshtxzM7PJ0g4YQDfbdwAaQdP_RHyNNJw==

GET
H3 200 t1677756445_01_640x360p_30Hz_800Kbps_013.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 173 KB
174 KB 814ms
814ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_013.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d30b7eb0f4253a072d49cabc0744e4a4ef900f35f0c263042e8233d9d21ced38

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:51 GMT
via: 1.1 a875698e08bcdc7b13c04786dfe3a1ac.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 177059
last-modified: Wed, 29 Mar 2023 19:08:51 GMT
server: cloudflare
etag: "ece1c4d755130334b4f20fd05ab24d14"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ym5uukHlvoXxVTRu3x8s73i%2BRYRd4IV1DPKZh8s9JAHuB4j3Exp0zAr6kcyL7BInsgzo1h1rMwDUjznFGtp7zT18kxZ%2F2CcCrO3m8lpuabaL7sMlMmynaBw03yBwjhD7kD99Iv42hwzkyShaIl0fuxl4"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb34180fd943-HEL
x-amz-cf-id: o15gEBgiWIbm4xNHHa0taNJ_sSI-A4PDpQvh5_5_eeC89PiWcixxmw==

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame A4DF 42 B
64 B 99ms
98ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame A4DF 41 KB
15 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_fi.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 16:50:13 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A4DF 0
20 B 95ms
95ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A4DF 0
557 B 247ms
108ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpRdyhYyvFepfH0EbgxmoKyoOKKdsU6iZpisIutrsnTpbTFyADYjCYrVL-IaicYiKxhW7iQ3mRY_v7YzyrosxBSNNYPJD_a0gLYkHWcFCae6s5SyEHxtcml7cKuZU_5AAVuBsd-DbCWvvxvod1eIK98P44XhDfdIn6BXxU7rFSiU7eHM0qSDCSOUyv3FDFsofHPc92_zwqeJs9R1Bz9z7ios6VjXApuHgUjsKRib8u8fY68cWn9OKLGkRhhiMja9YeePbeYJp4RRr15BfJHWpa67xz3U0GEON_WOFUTZUKDVS3A58hSQe_KQd6CklkX9g3lBPLObCuT0Jz_b9rtwVb0_iTi09DmYd1a-s8qHLkZnezGH4AQ-H-y8syWIbTrU_V4RaoCP3WVvs5nII9zKu21ogdbPUBhysguAHHhlseDKGS9_3EX6UNWj2WQkQWlsRn_pbtRlHcVTirSpPOoETk6-aaTYtt1ZsWN1GBbGA8uEU4EOzfpN0P298miQACGWQ_XTfUmS3B8HB2c7CLYAFQcaJfdNyMgpo0Pg9eI2YYpu0aKorcUar1BnHuhrhn_BfZCNtkkVBvoKqtiO4XTwTndPimEmB-8aWde7_-MS1hxZ2FOG3dh2dbpwFG0GCNrEv7VjazsN2JQ5p4BJ4orGnMVu2RXr0-i4wHfASY-Xaez-e4wWMu4UIKS691ZiVy06w1zeAxon9EYPHiHkf2bl4rUlSuiy1vPq1JX_IxiXoexwdnigNAlAjTKce23KJfQJduyJnmoag8sb5qMO_cOsthksfgBBstg3GTnBbI4Svd5tgYgaHafSxoP2JfNKxOkh-Boyrf0VjBXExrsH-jPnp68sabSBMklu4-WcLM7mSPR4vj_cMh1US0YXBPOMH-EDZOlU5zcWImAqikl9WBOwCq4or_SFud2FMHp148D5snkr3c59Fgu2eV8yiyFz5-J0N8KxxYhhPL7Bh9BFgyEPn2dEmsY8s0eMrfDto_ZOguB_3K8T7S5pvLurqMbJgw5jnSBbjcZSBJYpIClgIobnc6rkxG5brElI__i8WMNNkkE1SEkL7apW7gcMeArsQhM6bWPvoOQ4OpPiTFy1844o0wr7j48ov2JXfBWC005zy4KWsi_SFGKEQVkIn3q_pp-4ig2Kl7ZhX3sKSAOFYBkHjjjlvOGo4C-Xc9wBTVpI_9BvX9KKp5lsWZccNs2fR9ux4bXAm4xHORHH3dYusJnG18BfWibjkVQH1s3LMJEnGlvBZW5AQ8ujofY5RxGEDIR362Qigs4gQqi2398OQnTZ00Np3K_G3lwZ1mWggZAlQI_bLVZSwuh6On&sai=AMfl-YRbsG12hekg8GSFFP9fnheHaRGX89sXX9xjdR5Y0QurDSJhvMO6QSbr6q_PU8V-raPXlvda_-V3Q0gKGiXHB2Hj3gyN2zH8-TaNrwEPwoB1CTV72XAwp5E7T5CciOnamHrlI53o5WFbsH0MgKR9BIXMmfzLjvzswbErzxJsDWwdiWLiMsU3fQwh_UOM_eY1LwJpa9ARlIHGNN5gUFn9bS-DVHAixg3OEXoxWTgqDpFa3N-JZ37gZQHppAiJ4iv8_DyhVAU&sig=Cg0ArKJSzMvWCSBg4vT3EAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.569.0&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 24 Apr 2023 11:02:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame A4DF 0
0 105ms
102ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLqXMBDbyuYCGP6A-N8BIAEwAQ&v=APEucNXZRrpOVbX_EQGewN4yQNmeh4Y1hlZVaaP-vQz6Vdkd_rn9uxReiVmNkU1NtwOm0jd5_GP0JT7Kgk9fRRapWPSfEjVuwQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame A4DF 42 B
64 B 104ms
102ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CbLXl2GFGZNjoPJ-snsEPlNuGiAvIlfvoboj3tri0EbO-zcvHIhABIMv_lGdg9wGgAdyt2rsCyAEFqQI6iMAATmqyPqgDAcgDE5gEAKoEjgJP0Arlw0VnX7sEMNz8O-f9q5E7i7-kPH_au0FE-SXT5as-T-PXCnn_lKVlTMIoeQNABY9dlun1kqgzxTOtOThqVDsfyek47--b1sJwtWkkuHMIx0idGqUNbCWb5w6OGoH-1M9V0nsP4RPJAk7hgISIRetYsTn3NxbrMzQpr96brO95qihZ9Li6OqmQx5lwgqiwvIJc0Vn-PlPysHw5ywNXTlgYfw4f9qFTHZ4vbkVPb5wk6cR1Fcjaa7dOtDQWmlifdsum4G01OY3PRyfH5getf7qCpr-HFZRAY7t_I-IWKQxFh4P7YhQWOzB9MlOKkumJyHGZF8PSHZGXnQxUHvDztDeJN57PkJQcp24RWkvABJrJ9KuqBOAEA5AGAaAGdoAHjNKlxAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTUwNzkyNzc4OTMxNjI1MDSACgPICwHgCwGADAGwE-zqjRLIE6CI9OED2BMKiBQC2BQB0BUB-BYBgBcB6BcF&sigh=To2MHlh-hmI&label=vast_creativeview&ad_mt=0&acvw=sv%3D951%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26is%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D11359%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D253020923%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D12448%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1682334169771&sdkv=h.3.569.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2NDY2OTc4OTA3NDJAhwQKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDk1OTE0NTIyCTE4NjUxNDk3N0CyAlI2CN4HEA8lAABwQSgBOgs0Njk2MzExMDItMUIER0RCTUiIBVAAWhBNQmI1dllDVndwZ3VxbXI4GAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A4DF 42 B
64 B 101ms
99ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssq0ck8zn-gRjfZl1CP8dk7w_pg2zaKdGrjmzNAXJtjdex4W61bWtb5mzhIua1cZnxO0LwRmnJvzc2ZZiEn0fSiUwgRL98d9fCRnvZvwcPN-kQvPdJWw-pTaqTryhK9FSYvE9aJ1Q&sai=AMfl-YTe_EZR-UOwNEixQBnislc6wAQSg0N_Jeai6dqxQGP4kEBytjXx5K3Lsb3_tRPUASTddKBCJJobltSEJeRejFNdSMMbCw3uQ2UeOfYD6kvE7P03fmC0_AbmPKJI&sig=Cg0ArKJSzBG-gF4UUDZwEAE&cid=CAQSPABygQiDO7ucolFtuYFhjQNjE8InNL9CIXFoaJi5aUIuQjm4SnSYvJAFXCi4-qHkU2T4Hv8ajZkLx5mmQxgB&id=lidarv&acvw=sv%3D951%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D11359%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D253020923%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D12450%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1682334169771&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI1cnLlK_C_gIVRHKkBB0Thg25EAAYACCh_PdYOhoI1_rQxAEQmsn0q6oEGKCI9OEDIIj3tri0EUITCNi0pZSvwv4CFR-WJwIdlK0BsQ;dc_rmcid=CAQSPABygQiDO7ucolFtuYFhjQNjE8InNL9CIXFoaJi5aUIuQjm4SnSYvJAFXCi4-qHkU2T4Hv8...
ade.googlesyndication.com/ddm/activity/ Frame A4DF 42 B
401 B 244ms
99ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1cnLlK_C_gIVRHKkBB0Thg25EAAYACCh_PdYOhoI1_rQxAEQmsn0q6oEGKCI9OEDIIj3tri0EUITCNi0pZSvwv4CFR-WJwIdlK0BsQ;dc_rmcid=CAQSPABygQiDO7ucolFtuYFhjQNjE8InNL9CIXFoaJi5aUIuQjm4SnSYvJAFXCi4-qHkU2T4Hv8ajZkLx5mmQxgB;eps=CIDhgBAQARgdMgKqAjoCgEA;met=1;acvw=sv%3D951%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D11359%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D253020923%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D12451%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1682334169771;dc_rfl=0,https%253A%252F%252Fonlinehikes.com%252F%240;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame A4DF 42 B
64 B 103ms
101ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CbLXl2GFGZNjoPJ-snsEPlNuGiAvIlfvoboj3tri0EbO-zcvHIhABIMv_lGdg9wGgAdyt2rsCyAEFqQI6iMAATmqyPqgDAcgDE5gEAKoEjgJP0Arlw0VnX7sEMNz8O-f9q5E7i7-kPH_au0FE-SXT5as-T-PXCnn_lKVlTMIoeQNABY9dlun1kqgzxTOtOThqVDsfyek47--b1sJwtWkkuHMIx0idGqUNbCWb5w6OGoH-1M9V0nsP4RPJAk7hgISIRetYsTn3NxbrMzQpr96brO95qihZ9Li6OqmQx5lwgqiwvIJc0Vn-PlPysHw5ywNXTlgYfw4f9qFTHZ4vbkVPb5wk6cR1Fcjaa7dOtDQWmlifdsum4G01OY3PRyfH5getf7qCpr-HFZRAY7t_I-IWKQxFh4P7YhQWOzB9MlOKkumJyHGZF8PSHZGXnQxUHvDztDeJN57PkJQcp24RWkvABJrJ9KuqBOAEA5AGAaAGdoAHjNKlxAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTUwNzkyNzc4OTMxNjI1MDSACgPICwHgCwGADAGwE-zqjRLIE6CI9OED2BMKiBQC2BQB0BUB-BYBgBcB6BcF&sigh=To2MHlh-hmI&label=part2viewed&ad_mt=0&acvw=sv%3D951%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D11359%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D253020923%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D12451%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1682334169771&sdkv=h.3.569.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2NDY2OTc4OTA3NDJAhwQKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDk1OTE0NTIyCTE4NjUxNDk3N0CyAlI2CN4HEA8lAABwQSgBOgs0Njk2MzExMDItMUIER0RCTUiIBVAAWhBNQmI1dllDVndwZ3VxbXI4GAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI1cnLlK_C_gIVRHKkBB0Thg25EAAYACCh_PdYOhoI1_rQxAEQmsn0q6oEGKCI9OEDIIj3tri0EUITCNi0pZSvwv4CFR-WJwIdlK0BsQ;dc_rmcid=CAQSPABygQiDO7ucolFtuYFhjQNjE8InNL9CIXFoaJi5aUIuQjm4SnSYvJAFXCi4-qHkU2T4Hv8...
ade.googlesyndication.com/ddm/activity/ Frame A4DF 42 B
107 B 245ms
100ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1cnLlK_C_gIVRHKkBB0Thg25EAAYACCh_PdYOhoI1_rQxAEQmsn0q6oEGKCI9OEDIIj3tri0EUITCNi0pZSvwv4CFR-WJwIdlK0BsQ;dc_rmcid=CAQSPABygQiDO7ucolFtuYFhjQNjE8InNL9CIXFoaJi5aUIuQjm4SnSYvJAFXCi4-qHkU2T4Hv8ajZkLx5mmQxgB;eps=CIDhgBAQARgdMgKqAjoCgEA;met=1;acvw=sv%3D951%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D16%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D16%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D16%26is%3D33554450%26i0%3D33554450%26ic%3D4096%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D11359%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D253020923%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D12456%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1682334169771;ecn1=1;etm1=0;eid1=16;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame A4DF 42 B
64 B 102ms
100ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CbLXl2GFGZNjoPJ-snsEPlNuGiAvIlfvoboj3tri0EbO-zcvHIhABIMv_lGdg9wGgAdyt2rsCyAEFqQI6iMAATmqyPqgDAcgDE5gEAKoEjgJP0Arlw0VnX7sEMNz8O-f9q5E7i7-kPH_au0FE-SXT5as-T-PXCnn_lKVlTMIoeQNABY9dlun1kqgzxTOtOThqVDsfyek47--b1sJwtWkkuHMIx0idGqUNbCWb5w6OGoH-1M9V0nsP4RPJAk7hgISIRetYsTn3NxbrMzQpr96brO95qihZ9Li6OqmQx5lwgqiwvIJc0Vn-PlPysHw5ywNXTlgYfw4f9qFTHZ4vbkVPb5wk6cR1Fcjaa7dOtDQWmlifdsum4G01OY3PRyfH5getf7qCpr-HFZRAY7t_I-IWKQxFh4P7YhQWOzB9MlOKkumJyHGZF8PSHZGXnQxUHvDztDeJN57PkJQcp24RWkvABJrJ9KuqBOAEA5AGAaAGdoAHjNKlxAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTUwNzkyNzc4OTMxNjI1MDSACgPICwHgCwGADAGwE-zqjRLIE6CI9OED2BMKiBQC2BQB0BUB-BYBgBcB6BcF&sigh=To2MHlh-hmI&label=admute&ad_mt=0&acvw=sv%3D951%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D16%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D16%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D16%26is%3D33554450%26i0%3D33554450%26ic%3D4096%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D11359%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D253020923%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D12456%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1682334169771&sdkv=h.3.569.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2NDY2OTc4OTA3NDJAhwQKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDk1OTE0NTIyCTE4NjUxNDk3N0CyAlI2CN4HEA8lAABwQSgBOgs0Njk2MzExMDItMUIER0RCTUiIBVAAWhBNQmI1dllDVndwZ3VxbXI4GAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vad.gif
onlinehikes.com/porpoiseant/ 43 B
120 B 242ms
241ms Image
image/gif 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinehikes.com/porpoiseant/vad.gif?e=%7B%22ad_filled%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fonlinehikes.com%2F%22%2C%22pageview_id%22%3A%2220624c51-d2a0-45be-6bcb-107e740ffeef%22%2C%22visit_uuid%22%3A%225da98512-be15-4855-6edf-47c0fbf8ca9f%22%2C%22template_id%22%3A134%2C%22domain_id%22%3A273299%2C%22video_ad_impression_id%22%3A%22cd70fd75-52ff-4e63-9d89-40f972792639%22%2C%22vab_test_id%22%3A%22%22%2C%22vab_test_val%22%3A%22%22%2C%22uuid%22%3A%22cd70fd75-52ff-4e63-9d89-40f972792639%22%2C%22play_cnt%22%3A0%2C%22pause_cnt%22%3A0%2C%22completed%22%3Afalse%2C%22errored%22%3Afalse%2C%22skipped%22%3Afalse%2C%22clicked%22%3Afalse%2C%22viewable%22%3Afalse%2C%22ad_position%22%3A%22start%22%2C%22video_impression_id%22%3A%2227073152-5533-4f96-8418-9582fc04b297%22%2C%22ad_client%22%3A%22Google%20IMA%22%2C%22ad_system%22%3A%22Google%20Ad%20Manager%22%2C%22total_ads%22%3A1%2C%22ad_index%22%3A1%2C%22owner_domain_id%22%3A124077%2C%22player_name%22%3A%22ezvideojs%22%2C%22is_outstream%22%3Afalse%2C%22ad_length%22%3A15%2C%22has_companion%22%3A1%2C%22impression_id%22%3A6955167364553976%2C%22ad_unit%22%3A%22273299-shared-video-1%22%2C%22ad_src%22%3A%22https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fcorrelator%3D73921134683%26description_url%3Dhttps%253A%252F%252Fonlinehikes.com%252F%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26sz%3D400x300%257C640x480%257C640x360%257C300x168%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fonlinehikes.com%252F%26ad_type%3Dvideo%26ciu_szs%3D300x250%252C728x90%26hl%3Dfi%26max_ad_duration%3D18000%26min_ad_duration%3D4500%26npa%3D0%26tfcd%3D0%26vad_type%3Dnonlinear%26vpmute%3D1%26vpos%3Dpreroll%26iu%3D%2F1254144%2C22485590223%2F273299-shared-video-1%26vid_d%3D48%26vid_kw%3DYouTube%2Btips%2Bfor%2Bentrepreneurs%252CHow%2Bto%2Bget%2Bstarted%2Bon%2BYouTube%26vid_t%3DYouTube%2Bfor%2BEntrepreneurs%253A%2BTips%2Band%2BStrategies%2Bfor%2BSuccess%26vpa%3Dauto%26cust_params%3Dap%253D1%2526d%253D273299%2526eb_br%253D60474211daf1dfd4d90000ea01f56c30%2526ft%253D0%2526ic%253D1%2526iid1%253D6955167364553976%2526plat%253D1%2526t%253D134%2526tap%253D273299-shared-video-1-6955167364553976%22%2C%22param_gen%22%3A%22ParamPositionOptimizationExperiment-V1%22%2C%22position_gen%22%3A%22Even%22%2C%22vad_type%22%3A%22nonlinear%22%2C%22skippable%22%3Afalse%2C%22min_ad_length%22%3A4500%2C%22max_ad_length%22%3A18000%2C%22ad_type%22%3A%22video%22%2C%22allowed_ad_sizes%22%3A%22400x300%7C640x480%7C640x360%7C300x168%22%2C%22t_pageview_time%22%3A1682334156%2C%22bidders%22%3A%22%5B11315%2C10050%5D%22%2C%22received_bidders%22%3A%22%5B%5D%22%2C%22video_position_id%22%3A3996%2C%22auction_retry_count%22%3A6%2C%22fallback_type%22%3A%22linear%22%2C%22bid_floor_gen%22%3A%22defaultVideoAdBidFloor%22%2C%22multiplier%22%3A3%2C%22winning_bid_floor%22%3A0%2C%22max_hb_bid%22%3A0%2C%22bid_floor_type%22%3A0%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:50 GMT
content-encoding: br
vary: Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Sun, 23 Apr 2023 11:02:50 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame E442 23 KB
9 KB 62ms
61ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 160882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 14:21:28 GMT
expires: Sun, 21 Apr 2024 14:21:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js Show response
pagead2.googlesyndication.com/bg/ Frame E442 36 KB
14 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

067a2eb0be482c154a3e8c7f0610adc7d70b0bcc3e1c0869ddad613cb826cc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 08:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14156
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 08:32:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E442 0
20 B 99ms
99ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.569.0&bgai=BIFA_2WFGZJX5JcTkkdUPk4y2yAsAAAAAOAHgBAI&bg=!UFOlUwfNAAYfNdXmPzU7ADkAdvg8Wjh_jVbf4G-Q8__YzpGp1O_QvCEtNbvBvI5cAk03BIJ6chnzDSjIhT8UmYIlVNxGH0DgCzMCAAAAnFIAAAACaAEHmQL-wTwRoJNqBzMdfpu5X_uui-afH9g7RTcbmUTRW2iSte8ZrfFipplOH6sHsW0NySHxNvXFmu5AVPi2MWHFQj0kEbjgsbUfTnFi7BSTZrvqQhx18CKxDT8bJGjJbVyIC1oIr4nWpnjewAmTUcYnapTPoasaJjjvjKwgzdaPUP7LxP8UXv5gVrYO0PiOLo0SSLlaOoj14nj_rvghX0qHgxtSPnlgz_MsINEJd30iDaCmPlnaumFIiFmgPNJHmk9E63ojqSCsWjuVjGZiWZ3UqmlZH-PBWCseaIvHP6qFOk2StJHcDFe9tvA-R2HQZ4xXuoBf_4PKr2W878A23ABShOW3Si4Gh_RfxF1bRosVgO9p7QEaiFr8PHlOYkotRjf278G86mmfiOJO01nM4d_NWrLk_4Ky1H8ONawxqhj0LhuDBcOnMy50oHxpvEj9jD_0lVm3yrWVCBt3-zNNr2Awx0KLbl5ZDu0o-AUowNmWaeEGcozQJnzfH_IYXcRcFOLlqH47gewfIYwyxx4-CmVvv7iAsT_sFxh2SP_UqSsEBG49B39Qul-m-dXYYxdmHgtBY1JZ4gIrrT9oiazGiHLqefehIFSIj1IgvV85ReihB-2YRmdymppH9TaIZ0xXRcXUgWhUj7SS1N4hFG8p-MM9EfFp4DmLIHz4d0b7BpLt_34HwBVfvzhmBAUTB1UTD92S-7Q8z1gLI7Ay6KnfbbEvb25L_cd5UHPw_nEu6nVlcZM5SNVIA5BdFPHf3WqUfiLVO5HiFjxbuzTQBLfNkK3Dc_jLdV6poCPvcfritt3YwwPOBGzhfP2lzfISYToDJyS4GSXp8W8WU6ioRN-LqkqTt9bnNprVt8aEMPwZUaIzwstB_p1XvetimAO9ehg5lxIBEyChlVxCeKwVe-obT4xvRKEef2tZr_JmbavdsX-AN8MQIk1eW7Tdv4wdRd1BJ2U9d9Uxc8BHIyr_ZNsHNSWpeoQVsD_Z5iSsuds1stte7fhgsQEza8cVM3-8efP0KuBbsA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 audio_016.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 40 KB
41 KB 239ms
239ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_016.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e1885b7e52ab006818b77a121701d3d083119d232ec87b85c421bd03e1a9e8d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:51 GMT
via: 1.1 20e9cd7a84a4b4e0dce285f587c43f9a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40968
last-modified: Wed, 29 Mar 2023 19:08:49 GMT
server: cloudflare
etag: "d73d6ad80f5e11e9c5de2aeb5163ad0b"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtDtXhb%2FuScFXfrYOm1C%2F8dhxRe%2FbDBgFyZHBgEM5E%2BaNk%2FGl9%2BmySDUiDUbUVbHnWXvQMBbkLcXume9cbOw9MUzBO4%2FjALLyvtcY3p3SNPvE6yBLza0cDsC4dlyZOjJcPzBYWfnhhmK2oQ8Lz%2FQ0sog"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb37fbb1d943-HEL
x-amz-cf-id: tuqhn-IHGWBT9RZlJRGi4TVKLpB6mEh6FDEuI1KmZ1WuWxUczWvbpQ==

GET
H3 200 audio_017.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 40 KB
40 KB 621ms
621ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_017.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc50765e66d76cc574a3c0f70d626e4aa562ff608b46b41c31fdcd4981a0c5af

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:51 GMT
via: 1.1 06ede6e80e9cd4fa59b8d9b8a98391a8.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40505
last-modified: Wed, 29 Mar 2023 19:08:49 GMT
server: cloudflare
etag: "5c7133d9d8d61304a1599e3e436bf5f5"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwBA8ZA0VwRxBmlhsdHfCS15a53xDpwa1qHYRyfM1Psc0zV3rvofZ9THuxxJRAOtNal8hegENW2EDqG8g86JIB2LisYRpucrOe9P41AY8NfGzVQTAQBr15n1J0BHmpRuL%2B9t6OcI3dDCWrgJcFwvaaOA"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb3a1a59d943-HEL
x-amz-cf-id: aE_KiGTWPfjyEMaKmXMcsHZKdaLIH5-ClKlJRIQFDMJoKMg7YK09qQ==

GET
H3 200 t1677756445_01_640x360p_30Hz_800Kbps_014.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 137 KB
137 KB 762ms
762ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_014.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c18bbd438f3e5d62373efe274e1bdd6aeabaa1f78db6b4dab43f21b8b0325f01

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:52 GMT
via: 1.1 007499d01faac26a60f04831409d062e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 139784
last-modified: Wed, 29 Mar 2023 19:08:51 GMT
server: cloudflare
etag: "249d98b9d353d12feddc69b4cf418464"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhUlZWyl%2FVbA3K0KZ9JvzGpkiFQiEz6n5gDrZ%2Fl7LW1n7hHgln2bAB3p0zAO7ZrL0xuRNXe3xiqyOJeklEbVBt%2BRfsKfnG0KXaRvES1KjYaStr%2BNbtq105WBqyr6ZOr%2FW%2FuCN9XS376RAt%2F2a%2F%2BwCfzj"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb3a8c0bd943-HEL
x-amz-cf-id: TFFz9bbJwqnnZSk5fqoVMCYRQhb_SEqadn0XzhUzOzXG46c0bHpmuA==

GET
H3 200 audio_018.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 40 KB
41 KB 611ms
611ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_018.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 318988fd48342d61727c108244a2eedb2e293fe725d7a8232e8b6fcc6b045154

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:52 GMT
via: 1.1 f9d8d85c1cdd8d752a5fcdb241623dfa.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40991
last-modified: Wed, 29 Mar 2023 19:08:49 GMT
server: cloudflare
etag: "c5b2806ea4cdcc8828b612881a8343f7"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoVyrqr9w9Ced2LomJ1pxMCH%2FsmhoQLR%2BRxU07hYgA6rmXK4Vr5PGRYbIZ3%2FctLyOrBPOiPBDn4Q9ylcWEb%2BtpT5HYfEJnq%2FT9JgMjHGVO3k2uOHGQnjK6G%2FQTOcMKGLiwwyUjEBV%2FwUDFgYKBnKn%2Fu6"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb3e98edd943-HEL
x-amz-cf-id: BimAUsSFbiPYri_dWTm0qduo_U1T1pC1wDmy16nq8a5nbAY0ZhdU3g==

GET
H3 200 t1677756445_01_640x360p_30Hz_800Kbps_015.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 116 KB
116 KB 768ms
768ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_015.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bf0b44687a23a8fd0336a440411dafb7312bf0f1674639952228b3aefce2686

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:52 GMT
via: 1.1 209eb3c6f1b9e1174696d24afc301618.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 118515
last-modified: Wed, 29 Mar 2023 19:08:51 GMT
server: cloudflare
etag: "001bb0b0f54eb1e9345be0f468c5b770"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnhxkDnBe%2FdkkP2GMmkyaJbfPlR1v9gOlgnV%2Bs9RHVNVM56P40KI6LtAxw56z3qTVGwDov%2BUFpWhUm7x7eLiSr0ERnggDx0%2FG%2FqCZ9q6zxvmhM6DfvTKxC81EGTAoptPUoqDM8NERh57Ub5UeN5PAQii"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb404d8ed943-HEL
x-amz-cf-id: dUgPs63MiLZEGBqyPvItVF2lHakZF6xL9-0u6skhZFVWxSnc96w43Q==

GET
H3 200 audio_019.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 39 KB
40 KB 648ms
647ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_019.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d5244c31d5d3e4749afe6d1f42182e5d8780e784e6b68f17a27b430e69c7d82

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:53 GMT
via: 1.1 db89633bf3348e057f316c437d2aee7a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39876
last-modified: Wed, 29 Mar 2023 19:08:50 GMT
server: cloudflare
etag: "9d918d961985ee194942f1f478859e88"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abmgrn9agYcv5AZN76q48mVso4pxkmbaD30avCrP3wgGHs9ifIqSFyeExgEcK4l63sxhlf7McLJEfq%2Bo%2F%2BuXiTN%2FZckHOC1ut%2FOiAj64SzU6Enh108xb%2Fkaf%2BC5L%2Ff%2Fw3oK5aTPUGSLtYenDJFbKg6fa"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb430d64d943-HEL
x-amz-cf-id: iNc0ijGNqSlUjFyqKHz1NmLabJU70MxrC8ai7uXswD2l8NDCmBxtMA==

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A4DF 42 B
64 B 103ms
103ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssq0ck8zn-gRjfZl1CP8dk7w_pg2zaKdGrjmzNAXJtjdex4W61bWtb5mzhIua1cZnxO0LwRmnJvzc2ZZiEn0fSiUwgRL98d9fCRnvZvwcPN-kQvPdJWw-pTaqTryhK9FSYvE9aJ1Q&sai=AMfl-YTe_EZR-UOwNEixQBnislc6wAQSg0N_Jeai6dqxQGP4kEBytjXx5K3Lsb3_tRPUASTddKBCJJobltSEJeRejFNdSMMbCw3uQ2UeOfYD6kvE7P03fmC0_AbmPKJI&sig=Cg0ArKJSzBG-gF4UUDZwEAE&cid=CAQSPABygQiDO7ucolFtuYFhjQNjE8InNL9CIXFoaJi5aUIuQjm4SnSYvJAFXCi4-qHkU2T4Hv8ajZkLx5mmQxgB&id=lidarv&acvw=sv%3D951%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D750,480,1110,1120%26tos%3D2014,0,0,0,0%26mtos%3D2014,2014,2014,2014,2014%26amtos%3D0,0,0,0,0%26mcvt%3D2014%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2230%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D619%26pst%3D417%26dur%3D15018%26vmtime%3D2088%26dtos%3D2014%26dtoss%3D1%26dvs%3D2014%26dfvs%3D2014%26dvpt%3D2214%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D11359%26femvt%3D0%26emc%3D16%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D253020923%26psm%3D-2147483641%26psv%3D7%26psfv%3D7%26psa%3D0%26ptlt%3D14671%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2014,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.12%26t%3D1682334169771

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 t1677756445_01_640x360p_30Hz_800Kbps_016.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 101 KB
102 KB 795ms
794ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_016.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2742572fbedbbd153f7a809fe9a92e6ee98c4aec4808e4db5e04482ab1d0248

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:53 GMT
via: 1.1 27c8fa1293b3ecca6804886739b2d020.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 103841
last-modified: Wed, 29 Mar 2023 19:08:52 GMT
server: cloudflare
etag: "0d593404cfd6c786a626b4f559143011"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XadUCM%2FIEpcqzuJImeX4y1YJJOkcQtpFeGgjJZIyAC%2Bh5yD03Dk4yP7v9XK5gks3tji8Zzn5zjZnUBAkbSyULN31iUULSDkniNDO68J74dCly9UPs5wEG3CnvXIWEfMd3Y%2BqjzXuRm%2FFVReh0DconDFn"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb45ecf8d943-HEL
x-amz-cf-id: iCGELyyuorvynBpz1vAt3nJpScR7wYpJF3MPnKzTwfORkO-BpvN3Qw==

GET
H3 200 audio_020.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 40 KB
41 KB 614ms
614ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_020.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00ad750fcb6916ee5d55b71600eba96a833237cbe6a5aeeafe8d194eceb308ce

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:53 GMT
via: 1.1 f74ebd28d1b7fe154fb59d89abda909a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40818
last-modified: Wed, 29 Mar 2023 19:08:50 GMT
server: cloudflare
etag: "c53c4f7b992cb719252ff1eb6db579a2"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMw9hpSteDy53UtNnRLEeHC4JWJpijPLTiOsi0EosKtFwePd0jvkkEeBTIKvzYMmjNI5Py8OPzOY73Js2kPQ6FudJ5eAK4E94h%2BMFMJ3heKEApOJaWHiBFcLAky39VuZWj4AGDcppDZfsP6BEFzOmPVc"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb47a9fbd943-HEL
x-amz-cf-id: IvcIuG-ywQk-KdH1Lil_POsR5YUbvMg0xXWgnhbziiEP2iYaIRi9qw==

GET
H3 200 t1677756445_01_640x360p_30Hz_800Kbps_017.m4s Show response
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 153 KB
153 KB 322ms
321ms XHR
binary/octet-stream 2606:4700:3032::6815:55f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_017.m4s
Requested by: Host: onlinehikes.com
URL: https://onlinehikes.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y23-5y25-3y26-4y27-7y28-57y2b-130y2f-132y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x23x25x26x27x28x2bx2fx33x3ax3bx5dx61x68&abt=Banger
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 127798e1d5224044f402e7d45a9ab0efe8c3578de7a2feab5e96fc93d4daf670

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://onlinehikes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 11:02:54 GMT
via: 1.1 79b38e01cf5e16de2ad2a0ec2187e7f4.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 156221
last-modified: Wed, 29 Mar 2023 19:08:52 GMT
server: cloudflare
etag: "d1b9a6cfc031ee839cc4e4d395b60bdc"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQXBS3r0yurPP5rr8IAU%2BBgke%2BxxoAReVlhPmCMXisFB0boSbEG27gCvm9jGrnsMdPPbsVQVDF8nZWBoIUZhu11%2FyG4eeCAbkKSeZ4tw6E3qNNtRkbTPUUi2avIkCGkRugWGu6lOgGiZMpvvi%2F8ZSSXx"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7bcddb4b7edcd943-HEL
x-amz-cf-id: 9ddhVX8OHAcJgM4UitCb9t0v0N_CPeydTIiExzGfw19nIcu288ewPA==

GET audio_021.m4s
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 0
0

GET
H2 200 dc_oe=ChMI1cnLlK_C_gIVRHKkBB0Thg25EAAYACCh_PdYOhoI1_rQxAEQmsn0q6oEGKCI9OEDIIj3tri0EUITCNi0pZSvwv4CFR-WJwIdlK0BsQ;dc_rmcid=CAQSPABygQiDO7ucolFtuYFhjQNjE8InNL9CIXFoaJi5aUIuQjm4SnSYvJAFXCi4-qHkU2T4Hv8...
ade.googlesyndication.com/ddm/activity/ Frame A4DF 42 B
107 B 107ms
103ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1cnLlK_C_gIVRHKkBB0Thg25EAAYACCh_PdYOhoI1_rQxAEQmsn0q6oEGKCI9OEDIIj3tri0EUITCNi0pZSvwv4CFR-WJwIdlK0BsQ;dc_rmcid=CAQSPABygQiDO7ucolFtuYFhjQNjE8InNL9CIXFoaJi5aUIuQjm4SnSYvJAFXCi4-qHkU2T4Hv8ajZkLx5mmQxgB;eps=CIDhgBAQARgdMgKqAjoCgEA;met=1;acvw=sv%3D951%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D750,480,1110,1120%26tos%3D3781,0,0,0,0%26mtos%3D3781,3781,3781,3781,3781%26amtos%3D0,0,0,0,0%26mcvt%3D3781%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3997%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1020%26pst%3D417%26dur%3D15018%26vmtime%3D3947%26dtos%3D1767%26dtoss%3D2%26dvs%3D1767%26dfvs%3D1767%26dvpt%3D1767%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3781,3781,3781,3781,3781%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26femt%3D11359%26femvt%3D0%26emc%3D24%26emuc%3D0%26emb%3D19,0,0,0,0%26avms%3Dexc%26qi%3D253020923%26psm%3D-2147483633%26psv%3D15%26psfv%3D15%26psa%3D0%26ptlt%3D16440%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,3781,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.12%26t%3D1682334169771;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame A4DF 42 B
64 B 101ms
100ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CbLXl2GFGZNjoPJ-snsEPlNuGiAvIlfvoboj3tri0EbO-zcvHIhABIMv_lGdg9wGgAdyt2rsCyAEFqQI6iMAATmqyPqgDAcgDE5gEAKoEjgJP0Arlw0VnX7sEMNz8O-f9q5E7i7-kPH_au0FE-SXT5as-T-PXCnn_lKVlTMIoeQNABY9dlun1kqgzxTOtOThqVDsfyek47--b1sJwtWkkuHMIx0idGqUNbCWb5w6OGoH-1M9V0nsP4RPJAk7hgISIRetYsTn3NxbrMzQpr96brO95qihZ9Li6OqmQx5lwgqiwvIJc0Vn-PlPysHw5ywNXTlgYfw4f9qFTHZ4vbkVPb5wk6cR1Fcjaa7dOtDQWmlifdsum4G01OY3PRyfH5getf7qCpr-HFZRAY7t_I-IWKQxFh4P7YhQWOzB9MlOKkumJyHGZF8PSHZGXnQxUHvDztDeJN57PkJQcp24RWkvABJrJ9KuqBOAEA5AGAaAGdoAHjNKlxAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTUwNzkyNzc4OTMxNjI1MDSACgPICwHgCwGADAGwE-zqjRLIE6CI9OED2BMKiBQC2BQB0BUB-BYBgBcB6BcF&sigh=To2MHlh-hmI&label=videoplaytime25&ad_mt=3948&acvw=sv%3D951%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D750,480,1110,1120%26tos%3D3781,0,0,0,0%26mtos%3D3781,3781,3781,3781,3781%26amtos%3D0,0,0,0,0%26mcvt%3D3781%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3997%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1020%26pst%3D417%26dur%3D15018%26vmtime%3D3947%26dtos%3D1767%26dtoss%3D2%26dvs%3D1767%26dfvs%3D1767%26dvpt%3D1767%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3781,3781,3781,3781,3781%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26femt%3D11359%26femvt%3D0%26emc%3D24%26emuc%3D0%26emb%3D19,0,0,0,0%26avms%3Dexc%26qi%3D253020923%26psm%3D-2147483633%26psv%3D15%26psfv%3D15%26psa%3D0%26ptlt%3D16440%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,3781,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.12%26t%3D1682334169771&sdkv=h.3.569.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2NDY2OTc4OTA3NDJAhwQKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDk1OTE0NTIyCTE4NjUxNDk3N0CyAlI2CN4HEA8lAABwQSgBOgs0Njk2MzExMDItMUIER0RCTUiIBVAAWhBNQmI1dllDVndwZ3VxbXI4GAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 11:02:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET t1677756445_01_640x360p_30Hz_800Kbps_018.m4s
streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.richaudience.com
URL: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D

Domain: streaming.humix.com
URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/audio_021.m4s

Domain: streaming.humix.com
URL: https://streaming.humix.com/contents/yOYignddahSMfuCW/1680116923/t1677756445_01_640x360p_30Hz_800Kbps_018.m4s

Verdicts & Comments Add Verdict or Comment

429 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

84 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onlinehikes.com/	1970-01-20 11:18:55	Name: ezoadgid_273299 Value: -1
.onlinehikes.com/	1970-01-20 11:19:01	Name: ezoref_273299 Value:
.onlinehikes.com/	1970-01-20 20:04:30	Name: ezosuibasgeneris-1 Value: 5409fee8-4f39-4a56-637d-453f2f69f2eb
.onlinehikes.com/	1970-01-20 11:19:01	Name: ezoab_273299 Value: mod46
.onlinehikes.com/	1970-01-20 11:21:46	Name: active_template::273299 Value: pub_site.1682334156
.onlinehikes.com/	1970-01-20 11:19:01	Name: ezovab_273299 Value: vmod1-c
.onlinehikes.com/	1970-01-20 11:18:55	Name: ezopvc_273299 Value: 1
.onlinehikes.com/	1970-01-20 11:20:20	Name: ezepvv Value: 0
.onlinehikes.com/	1970-01-20 11:18:55	Name: ezovid_273299 Value: 1160676071
.onlinehikes.com/	1970-01-20 11:18:55	Name: lp_273299 Value: https://onlinehikes.com/
.onlinehikes.com/	1970-01-20 11:21:46	Name: ezovuuidtime_273299 Value: 1682334157
.onlinehikes.com/	1970-01-20 11:18:55	Name: ezovuuid_273299 Value: 5da98512-be15-4855-6edf-47c0fbf8ca9f
onlinehikes.com/	1970-01-20 20:54:54	Name: conv_person Value: {"$visitNum":1,"$fvDate":1682334157}
onlinehikes.com/	1970-01-20 20:54:54	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
onlinehikes.com/	1970-01-20 20:54:54	Name: ezohw Value: w%3D1600%2Ch%3D1200
app.convertful.com/	1969-12-31 23:59:59	Name: session Value: o43n678nnir3u9vb685j8js739
app.convertful.com/	1970-01-20 11:18:55	Name: site_3240_session_id Value: c159584fe1f9f10c60b09c5ca6168f7602691faf~3240
.onlinehikes.com/	1970-01-20 20:54:54	Name: _ga_LX9X88H2DE Value: GS1.1.1682334158.1.0.1682334158.0.0.0
.onlinehikes.com/	1970-01-20 20:54:54	Name: _ga Value: GA1.2.1773331551.1682334158
.onlinehikes.com/	1970-01-20 11:20:20	Name: _gid Value: GA1.2.1320421169.1682334158
.onlinehikes.com/	1970-01-20 11:18:54	Name: _gat_gtag_UA_126691063_1 Value: 1
.quantserve.com/	1970-01-20 20:49:08	Name: mc Value: 644661ce-660b4-945b9-43ec9
.onlinehikes.com/	1970-01-20 20:43:22	Name: __qca Value: P0-302685860-1682334157966
.doubleclick.net/	1970-01-20 20:40:30	Name: IDE Value: AHWqTUkTRi-nFCkjF0kh70USp9-yJTXOccD_pFuHzQsKtkKtvP2ohWI2sHb7s3OsVlw
.onlinehikes.com/	1970-01-20 20:40:30	Name: __gads Value: ID=a1ab864f712d8fb7:T=1682334158:S=ALNI_MZyERDWyYg7-LOMIRmH-zmBI4DTkg
.onlinehikes.com/	1970-01-20 20:40:30	Name: __gpi Value: UID=00000c08d172b0d6:T=1682334158:RT=1682334158:S=ALNI_MZr16JNZJI40V-7DcBpIA5e52srfQ
onlinehikes.com/	1969-12-31 23:59:59	Name: ezouspvh Value: 100
.openx.net/	1970-01-20 20:04:30	Name: i Value: f93f9182-a6cd-40e9-8a0f-3c33d2102be4\|1682334160
.criteo.com/	1970-01-20 20:40:30	Name: uid Value: 02f503d9-ccef-4d07-8a1e-10424f0a86e4
.uuidksinc.net/	1970-01-20 20:04:30	Name: jcsuuid Value: JmT2TrWp3xc9do6HE0bZ
fksnk.com/	1970-01-20 11:28:58	Name: AWSALBCORS Value: apQV5r0GyIBHOpNP5QvZkYjn+dxaKs2ZazzkPWcb9JtQFwAQ8NvObuyYcwzIxYcp93ewV2JruPCryBRXhxNROm94ug8xHJ5o7BeeKFsOZ74Jg5kDj4tlG0yKYAOY
.fksnk.com/	1970-01-20 13:28:30	Name: f_001 Value: 15881E7C376E0299
.fksnk.com/	1970-01-20 11:20:20	Name: g_001 Value: 1
.de17a.com/	1970-01-20 19:57:18	Name: guid Value: 1.2130031478888809012
onlinehikes.com/	1970-01-20 12:02:06	Name: _pbjs_userid_consent_data Value: 3524755945110770
.media.net/	1970-01-20 11:39:03	Name: data-g Value: CAESEFgMM7tclNfHosrwWQ7J-8Y~~3
m.stripe.com/	1970-01-20 20:54:54	Name: m Value: 99c7f940-f058-4394-86d3-ec900bdc8712633886
.onlinehikes.com/	1970-01-20 20:04:30	Name: __stripe_mid Value: 9834168b-7dd2-4f2f-8c1f-0d451f3cb3a41b75f5
.onlinehikes.com/	1970-01-20 11:18:55	Name: __stripe_sid Value: 34dd586d-b902-4a94-9dbb-9d3a65c7c415ff1a22
.casalemedia.com/	1970-01-20 13:28:30	Name: CMPS Value: 5165
.casalemedia.com/	1970-01-20 13:28:30	Name: CMPRO Value: 5165
onlinehikes.com/	1970-01-20 20:04:30	Name: ezux_lpl_273299 Value: 1682334162453\|20624c51-d2a0-45be-6bcb-107e740ffeef\|false
.media.net/	1970-01-20 20:04:30	Name: visitor-id Value: 3253357625474373000V10
.casalemedia.com/	1970-01-20 20:04:30	Name: CMID Value: ZEZh0p3M-8m45Yg1gcsq0gAA
.rfihub.com/	1970-01-20 20:40:30	Name: rud Value: H4sIAAAAAAAA_-MSsjA3NzWwsDAxNTAzsTQ3MTE1F-Iz1HXzrjCPNw3PTUkscAQAhNArPyQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dS0wT0wpTq4wd_My8HA2Ss30K7XISAcA0cU6wh4AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjA3NzWwsDAxNTAzsTQ3MTE1F-Iz1HXzrjCPNw3PTUkscAQAhNArPyQAAAA
.bidswitch.net/	1970-01-20 20:04:30	Name: tuuid Value: f2c1d672-6b43-42f7-8197-c85f19578eab
.bidswitch.net/	1970-01-20 20:04:30	Name: c Value: 1682334162
.bidswitch.net/	1970-01-20 20:04:30	Name: tuuid_lu Value: 1682334162
.pubmatic.com/	1970-01-20 11:20:20	Name: KTPCACOOKIE Value: YES
.c.appier.net/	1970-01-20 20:04:30	Name: _auid Value: 1o5OxoxbABWza_Tv0mFGZA
.c.appier.net/	1970-01-20 12:02:06	Name: _gu Value: CAESEKZrbB6XlaPbWgzA6WzwKco
.pubmatic.com/	1970-01-20 20:04:30	Name: KADUSERCOOKIE Value: A2951ABB-C06B-415C-853B-A4F86CB806C0
.zemanta.com/	1970-01-20 20:04:30	Name: zuid Value: dA6zrCGDtCxWtrWyj4q2
ads.avct.cloud/	1970-01-20 20:04:30	Name: uuid Value: 5c3c05b8-d8a2-4755-87b9-9a1107d80457
onlinehikes.com/	1970-01-20 20:54:54	Name: conv_lastEvents Value: {"15870":[1682334163]}
onlinehikes.com/	1970-01-20 20:54:54	Name: conv_session Value: {"start":1682334157,"shown":[15870],"startUrl":"https://onlinehikes.com/","referrer":"","expires":1682335963,"isNew":false,"pageViews":1,"ab":[15870]}
onlinehikes.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 226
onlinehikes.com/	1969-12-31 23:59:59	Name: ezouspva Value: 5
.rfihub.com/	1970-01-20 20:40:30	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dS0wT0wpTq4wd_My8HA2Ss30K7XISA_iNTSzMDI2NjE0MzEytnzFiMw3MQAA_pZg-T0AAAA
.scoota.co/	1970-01-20 20:54:54	Name: tuuid Value: 35865027-ad7e-4af1-b842-6a2016ca28b8
.scoota.co/	1970-01-20 20:54:54	Name: c Value: 1682334164
.scoota.co/	1970-01-20 20:54:54	Name: tuuid_lu Value: 1682334164
.doubleclick.net/	1970-01-20 11:18:57	Name: DSID Value: NO_DATA
.onlinehikes.com/	1970-01-20 20:40:30	Name: cto_bundle Value: yWFfll8ycWtORTZqZXdXRkdKVW9FTnJyaUNaN2RXdCUyRmpqT25zb1UlMkY5djY4TjRKT2RLYVR0MHklMkZxcDV5STlFaHZLeGU2Q3k5R1REZnFGNmlBZ2RFeDQlMkJ6WGJZT2UzMzNlJTJGTE5GRmdoWUpSYld5cjgzV21CYkwlMkZzTjBXS1hPR20lMkJBSkxBVmV3SUd1UDEzY0xxZ0lUOVZVa1BFZyUzRCUzRA
.betweendigital.com/	1970-01-20 20:04:30	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 20:04:30	Name: tuuid Value: 582baff5-17d1-5272-b2ed-d852d6abb984
.betweendigital.com/	1970-01-20 20:04:30	Name: ss Value: 1
.betweendigital.com/	1970-01-20 20:04:30	Name: ut Value: ZEZh1gAIHiBnylxUlK3dPaanc6QIfXzdeBIfLg==
.bidr.io/	1970-01-20 20:47:27	Name: bito Value: AACKOE7IjMQAACC_HI6pYg
.bidr.io/	1970-01-20 20:47:27	Name: bitoIsSecure Value: ok
match.sharethrough.com/	1970-01-20 11:28:58	Name: AWSALBCORS Value: vSQuZYIK4kEgN0jczcBgOCVxZZXlYlzrQ5ACf52j7nzLqlWMgu3S0mz3LpNJ22+D7xsbSwI/P1vpXA8QxM8gdwhQ38dbSVvfzqSwmv+CeGrYv8q4LGzV6DPmqRH3
.creativecdn.com/	1970-01-20 20:04:30	Name: u Value: jh9108M8WmOcxqvKpd8d
.creativecdn.com/	1970-01-20 20:04:30	Name: ts Value: 1682334166
.ads.stickyadstv.com/	1970-01-20 12:02:06	Name: UID Value: 35ea5ccb1d7cf646d71f91ff6b2ebf8a
.turn.com/	1970-01-20 15:38:06	Name: uid Value: 3013302386049305321
.adnxs.com/	1970-01-20 13:28:30	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2GU^MMj%q!@wnf-Te9(SNP7Qd)KmvZ0s#KWx8f^FueczFSTDfE<^ihDCT+2D>IsfV?DyPElvb_sFAA?(j'5?)fy*.SZO2F
.adnxs.com/	1970-01-20 13:28:30	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiI5ODdiY2E5MWMwYTg0OTI3MDI4NGQ0ODQxOTljMGJmOSIsImV4cGlyZXMiOiIyMDIzLTA3LTIzVDExOjAyOjQ4WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTA0LTI0VDExOjAyOjQ4WiJ9
.1rx.io/	1970-01-20 20:04:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-82e2f180-a0c3-4cbf-972a-1edbe6a06dae-003%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/	1970-01-20 20:04:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-82e2f180-a0c3-4cbf-972a-1edbe6a06dae-003%22%7D
.smilewanted.com/	1970-01-20 20:04:51	Name: sw_user_params_infos Value: r6J4mlKcelBQrG%2FP55%2Ft8om1nYSlR%2FUdpJZAxEglHvENt%2F2TqWidw%2BjM%2FT6uMoqvHuhqBZ0lJNE8lz3OWxDobjUXNb%2BSdgxlCng9oAqjFvJ9v%2Folubp5AKKZ7%2F3Y9HXrtZWR1RPt81HJa6PzguWoZbd6j%2F5wa3KsyhH4gU85TIAPjxSJkndWj0onK8CQkr%2FqHxnoSrrTgi6AgsXTC%2BNPnBnuRGXiRTYYEkKy6OJjZLrBUraJ6A9994bLEF24Q60i66Kn5Qm2VhpuOaGCC4Cyxr5hreZ%2BgXNyDc%2FFqp%2Bler9HKgN7T7WMK3cPG5c4ILIbIBtX6zAsrBbPHZV4L6funeAOvZW1ylNZLvaY7XsR0yE%3D
onlinehikes.com/	1969-12-31 23:59:59	Name: ezux_et_273299 Value: 0
onlinehikes.com/	1969-12-31 23:59:59	Name: ezux_tos_273299 Value: 15

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9771e6c2532a277d52f4c2a55f6dafdb.safeframe.googlesyndication.com
a.c.appier.net
a.rfihub.com
ad.turn.com
ade.googlesyndication.com
ads.avct.cloud
ads.betweendigital.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.com
adservice.google.fi
ap.lijit.com
api.fouanalytics.com
app.convertful.com
b1sync.zemanta.com
basher.ezodn.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
bidder.criteo.com
c.bannerflow.net
capi.connatix.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
code.jquery.com
creativecdn.com
cs.media.net
csi.gstatic.com
csync.smilewanted.com
d5p.de17a.com
esp.rtbhouse.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
g.ezodn.com
gcdn.2mdn.net
go.ezodn.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
js.stripe.com
lb.eu-1-id5-sync.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
onlinehikes.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
prebid.smilewanted.com
pubads.g.doubleclick.net
q.stripe.com
r.scoota.co
r2---sn-5hneknee.c.2mdn.net
region1.google-analytics.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.uuidksinc.net
s0.2mdn.net
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
streaming.humix.com
sync.1rx.io
sync.richaudience.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
tpc.googlesyndication.com
unpkg.com
us.ck-ie.com
videosvc.ezoic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.onlinehikes.com
x.bidswitch.net
streaming.humix.com
sync.richaudience.com
104.18.33.52
104.22.68.131
139.162.78.222
141.95.33.111
141.95.98.64
142.250.181.226
142.250.184.226
15.197.193.217
151.101.128.176
172.217.18.2
178.250.1.11
18.192.83.3
18.194.221.34
18.213.43.223
185.184.8.90
185.64.190.78
185.80.39.216
185.86.139.101
185.98.54.153
188.42.196.115
193.0.160.130
2001:4860:4802:34::36
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::11
213.155.156.181
213.19.147.45
216.52.2.30
23.35.228.23
2600:9000:211e:d200:1b:5138:8a40:93a1
2600:9000:223c:400:6:44e3:f8c0:93a1
2600:9000:2250:3c00:a:e047:752:b361
2606:4700:10::6816:3556
2606:4700:10::6816:445
2606:4700:20::681a:70
2606:4700:20::681a:8a9
2606:4700:3032::6815:55f9
2606:4700:3037::6815:2ef1
2606:4700::6810:5714
2606:4700::6810:7daf
2606:4700::6812:ae65
2606:4700:e4::ac40:a602
2606:4700:e4::ac40:a702
2606:4700:e4::ac40:a821
2620:116:800d:21:ef75:8280:f209:5ba1
2800:3f0:4005:407::2003
2a00:1450:4001:800::2004
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200a
2a00:1450:400c:c00::9a
2a00:1450:400e:8::7
2a02:2638:3::3
2a02:2638:3::6
2a02:2638:3::c
2a02:2638:d::a
2a05:d014:776:a63f:551c:5660:31da:fe01
2a06:98c1:3121::3
3.72.161.227
34.102.146.192
34.120.107.143
34.208.115.43
34.96.70.87
34.98.64.218
35.186.253.211
35.190.39.111
37.252.171.52
51.89.9.252
52.212.164.179
54.171.31.74
54.186.23.98
54.246.170.47
54.247.79.230
54.72.22.153
63.32.87.212
64.233.184.156
65.9.66.122
69.173.144.165
70.42.32.191
8.2.110.114
95.101.54.217
99.86.4.122
004c8a0f7d1413ab1fa301e0136099bb7346541ea81045c5d6456e028b167997
00ad750fcb6916ee5d55b71600eba96a833237cbe6a5aeeafe8d194eceb308ce
011320eba21b56c24d673e0f362793d4760291f036ee94a090ef03d7963b24a0
03d96db9efe1e9f0d000ebb92e4e1f4c5b513084209c2bd3310d1048522ea354
067a2eb0be482c154a3e8c7f0610adc7d70b0bcc3e1c0869ddad613cb826cc0c
0809390e3150521f5add76fee2c09ae7212b937dcc9f3c01dcf770d18d35e75a
08f9966298220687808afbc8aafdabec798180d8dc44438bcd07b6273a595283
09a4f646ed9291f4c8a93216140087d71607cdfc2fe9c2f6ac3732672cc2efa1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d11f3b492f1fcae2dacbae4719e0c9b5b329f7d71928eb2ea029cbc2107541b
0e17f9a671121630c0e8539deccc35e3c517a0b756b58ae5358d11ea03f973d8
0fd02abc0d2510f9ddabfc2238b08308b7861fb341df462c3360199df3eb1835
127798e1d5224044f402e7d45a9ab0efe8c3578de7a2feab5e96fc93d4daf670
13579d49d70f2a1e642dd8146e524aef66756cc5c8a637bcadfaa786f8096ab1
13f85d1a5d720678036c9a0003a255cf164c1aa5bdb0437cc17abe7b2ae4be28
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
16b812cd5e88e56a3d00fd634fab88cbdcd675805ce837affad79390ce86976b
16bc17048cc4a434d653e858bc93b7a4e048477bfc9b7c46b3c101743978f6e4
173c4bd1da60e56c4ddfa4a9c404be184a8b464b62f2e98c761c2bc79e3bd474
18b1105f000ee53996c9372a05b339026eb727e065b4e65b778ba0e21a48b520
18daf2a6cb3dfe9ececd611ad081f269ab8824a0c8c0b9b9a3f4a3b163863918
18ea077555cd3fae9fcebbbffca6043a25d99ebae2fa2b1398f29b19f76ca9ee
19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01
1ae559d338ee612c0a41b6b4ff435d7e41ad41555ca9a0829f7ef6b3dbdb57a2
1b2a42a0ef5d28aca6939b7701ef798c0d8776416716ad35beb454ff237cb3f7
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e1885b7e52ab006818b77a121701d3d083119d232ec87b85c421bd03e1a9e8d
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f779cb15b5d3053757898dfb57b747b8a0eff10554d426c1e588559b8b8816f
1f91dd101acc5294894c5dbe08ec99bf003376e029cc8a873f2b9bd321d4966a
20014d357c99cdb2774f28f252e588644c55be2e006ea9b25172d161176cdab5
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
20eb590f84065974bd0cfd89083f00c7b70f00d315e75b381bce3bf9fe7b0b6f
237bd5f1fd786c6e2db3e1538dafb1cf7c03892b520efc75a6f86278cecc254f
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
24c3971e721280f91cca7373eaa229cbcc01fbe4de055ca90f5784805f0f90bb
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
26496fcfef2da9ebfaa80d8afb005688ebde40bc77f3f3f68c3c2c94872afdaf
267971697e6b4a8a5c5118e363736f49e16d5607ce93ff54141fae4ba886cd2b
28ef7d683e59de8ed362a4613f1d44a006e387b383d465aa0fb4221a734fc13a
2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8
2c03ab66542cca583defd0c369e098ee4cc364a1eeaa0de7ccdafbe5281691df
2c470984efff845d5290f15d3a01552b4bff15c1e40a48c944233a5bc5f69539
2cc52cbaeab90cf070de5c9552f708de892b8bb527d82b993284141cf60ca7b8
2d76e9808cb6eabd8764fb7b8d1d14d051b005683b136d0ea70cc4da7880b0d0
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
3151e33d06603419c364949fc9d2644045fea83bd9580886fd5388cbff467e36
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318988fd48342d61727c108244a2eedb2e293fe725d7a8232e8b6fcc6b045154
33334d50a0df2e9ec8f0d059e98c23f1bbd0538cd20da08c8eb9e916492250bd
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36b51237a514c8362d64d43c17abd3d4fd2e3a586c8a55c32bfde0c0e1c114aa
3919770e02fec69b5d2ada8c8d5693c90da60766714795000b84dad168d45606
39ea08c71daeca5b34f851f208133d5d57aa37854fedde6e0f232a6275a08a26
3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648
3acb8501ca0ccf2b3312b14248b75d76f2724759b0044d822ff7a56d83323651
3ad6b4cd9fdd1156ea742d8806d7d22f787ac9570a365aaa3a4903e25fc820c6
3b0fd93dcc3bdca19d91ca1c1ace0b8c063d65dfa683d06f584592ec22b96d32
3c272c1715dfaaea2f30e7f06029b07d50868b6251a4f802edff7b9bf88b5263
3c49fa98089c47a1b07ff44f2d1b88fb8af00f813aa90c2de15bccb6ea7ea450
3ebc4b940b84e904bcf7849dcdf7e8f0a8a8f1e3f130e6e17caccf84b9e3d2d8
40ce09d06c81a221a73b8fb5b99aec7e77d3040a7fc2cc4c171b2a0bea03d491
42c61068bd173843fd9acbb57e9952f3f992b5cae3b7e7303dc71f4308445849
437aaab801f623ed2c7fc510f8547038c9c2b22a7ce1646576fb0f62746e0a79
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426
478eb7c753d917eaec1f96a0b86447e091229acfe3319377b240e03412be3e2e
48142db38e1b9560e206d1bd0d480656c912a41a165df1dffaed5a8a0818db5f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce5dd47a0e09f8e275b457f87c2ad6479f41aca2abcd9380f14de820e1e0299
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4de0624ddd97d350c60e4f32b945a846d2a8059704bb9e153cb465daae59fc22
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eff98a45b4e751ca45b72aa191b2597969901162c8bcba469d0c59febb000e9
524bfe83fbc8a2866b79b93e4e16ce6d250b783b68318fa0cebfbe6f0f6057a7
52b75d8c4e3bc01837b478a68a14007a8c02336ce82f86aad3e732d4fa5f89b4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54880117fc22b1cabed2ebf66a05d73a40a2dc95da7cf13ab255300d3c655f13
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
58af2444003e3b3ad7ca4d04b6ebb46fa1837561849aeb1572a058d13c72947c
58b00fc3a2009a8b1f71b68c32783c04f4ac208881f6ca7bbb5e8f9db096f67e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59ed27e06a2bdc7f5397ecbf4398cb40e2bac5bcfec5ed7ae294ef13a5ea37cf
5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce
5b6e344101d75e8d56ba0182c8a91f8b337635d0229baee8319fc30eb4a66397
5ba531e93a04800be25647177e212c6e0380c254d91cf25d02393f7ad72697b5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fd6bb0ab026ddfbfedfe45b533388eefd7e831a753454095d745526526e8a11
60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626540ed605b8dfe556dea8121b4a05c0085e2068862da5bb1070d8ebaee77aa
6334ceb12d67c20263fcf14d4359519789b55246d876bfb634897d6fe2c77798
63c4b65d4faa76172d62c4a181350c5a0afc5a334844535f0432239f667bab6a
64dd1748937ebb38b49b0ebfc019a0124bda5b1f52bdf815695c9c494fd2a18d
65f277119572469457505c574167e34d60ade9b7145fdc37e6fa428e4715303a
6682a9413abbfc3521276d752a35ec7be74245228e33f46850d5941e5cb2fd19
67cad45cafdc3c1f5cd60efcc6ad2a46481a03389a96129a9d447e40c9810a6e
6904da84360decdba3a7858e1d4b937dd064eea0c455fc8ae7fbead55695538a
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb
6931e33d83824263b3d1129193d4d145bff943a65b126c84e0f43de01192cb05
694b47afce1ce6fb118454a061c95624d8e738717bce39930c40ce19954e8504
6ac48a7c704eb512addd8690ff165f87f9757f986d2ecf6b3f12c2ff077cecbf
6b8569c3c0dcf9688812cadadc38e482ef9f48b772bc345cef2c893e046534b9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cff3f2db8da4d56046ae2909c76a66f2b856558c7be9a044c6afcc0cdc4e0f1
6d5dc98f8fcc90d2c6db9f621b2441523be518c0be537aa8a7afda440b863487
6ec8689f0579f760ee7d27651532bfc948f159d97b09b866d778186fd7e40697
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
720e93cac39d69e7b931f74fbb57f470370069b9ea96c3f264b68bf28adbfcca
739e3e00ba1779d6bcbdabf5d9e5045f4de8cbb150424908d61da1ff94748d3f
74dcc1a1abc9b09ae9c21b7048ba8898cf1cabf17af4bad64accc38ea6155898
751044432f7a199d062f4f68e0f6228ad07a5bd38ebce2cd3cb5ab68eb46bae3
7566a3bebc23fc52335c665a15f9134545403f52ea80d5674239725e57be6be9
7805a5f4fa01d8be4743c01a6f8582f4a16d520ed955fc627b4fc89497355210
7982286c34d6b7a2b3e48e790790da4a95dc66a85aa359a7db9085efb7fcc0d8
7d61cfa7979eb5c12a8b5dfb4d11cca4bfdfa0fbca11ee38eaca0a819762ddb9
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8062db11dbf7fab9548e63f78fae1a9977df058cbead1d3e123732658dfbadc5
80f209c6f826eefe7fd31940173a19e3e6ef055cda717d9ff8f652df667fde3f
8267fff83812be963aa5b742d19ba72a9e05a352c420a84666681e3931aeb654
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
83b7ecebe64d2f474924070171c64b5d1eb7fbb4e372ba3fe8f59bc4819be083
83dbbfecf67fc311ea465148ecbf0fdc4bbe89bfd59ad1ef6792c3b9fa4c96d1
844f927aa74d164ccbbed08e7f24cc8aa952188afde943e26ca79ce51b1268e6
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
8a0de0cc1a598ea51e03622da3ba3894955d574274be6fd2fce5c0bf03a52d8f
8ac29b3dafaf80097d78b9cbf67c548a9bb92eec92c21278f777e09394964db3
8bdb773cc106f613774d2d67d669a1328d3a2eccee2ebae9d548b9dbe2b925ff
8bf0b44687a23a8fd0336a440411dafb7312bf0f1674639952228b3aefce2686
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e19b1f4221e6d0540a35aa0c7771dbcfb0913176e199d5ec30c68ed342cb1a6
9013dcd3fc04383344f40217cfe7b73491dcd7c7cfbe5cd6b56af7e4cd999845
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93270958678dd382c1a6b232913a06cc2eb6d07a21a40a519acd3bf985afb0c2
93df6b932f78a94beb1a9aaf63e733e4969724b68bae11e4b60d8cb8ce4ff3ac
95ee88d5d258b6185f89470528994c314ab818dbe02aefe6075d5ec33f1a9501
95fddd05f6ed8292c1dacadbbdbcc5debea42bd04c7d3dba3eca5a71f371e8cc
98636ef0d0cb95418b186ecc74f67edda39b000438a4d541edd97b32e8e195a2
99475a603969ff00fb09bc2beec2e3f0cf66d8bea8f16f78719edb344ade2dc7
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d5244c31d5d3e4749afe6d1f42182e5d8780e784e6b68f17a27b430e69c7d82
9e849e8e5c625e50fb7cb4e8d83324a1df27879012fd15888d3425c6752be7b6
9f058d8771936f2b6729952bd7cca12634051931e1c56f2196814540d98731e2
9f0d654f743c9321fa231c5bfddd26df8293c658f73b44e17eba86beb838856d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5242d2e5d2b87110d894c303a479b0a7a94662e21979e27d565a92d43f4ed29
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a653b3656efa4427530c03d65c78d8677a4d7ae68e4a67760fb88d1b9d356636
a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa57b70198baab2f7f95185f7002369b800d9202bd325beeb930d5b85bf808e7
ac1d92db9c0978b83183e37ea341dfcc5745be4e07b6153b8c4256fe7b2dbfba
accdfd1ed287d30475e76e8a486c57f5251940b8137efb68ceec84bc8f63b6e9
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b2688cef498c5c9245b237de41211d6181adde39aff48eb5aa7535da9ea9daaf
b2742572fbedbbd153f7a809fe9a92e6ee98c4aec4808e4db5e04482ab1d0248
b70bd5ce8c7a5018e98bbde4b2967c003553b795ac78bbc0fa577f0ae890420b
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7f27db79db050005c1655e81e7279c1c53aac53e708a733b8dbef8e093d90f4
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bb1f56f4887b08941278f0b72350649741e96c70999e6033fb4e2aeeb638bf24
bbd3e5220e9eda0e6982e9b3e3c1c3168e9c26e43a3b6662ace2f03dde6e217d
bc50765e66d76cc574a3c0f70d626e4aa562ff608b46b41c31fdcd4981a0c5af
bee2628f7e2c17f64a87d5733d7c9870ed5a12d8b9e13ee1fd6b4b24fb4f20bd
bfb824cac00a2a1d170cb0ee9ec87c303a59215db4e36e921cbc758cf627d053
c09dda2cfc05892463b64a687169e7240f08686e41010bd050f4286d77c921f3
c12e54fac2a52a04d3c8b0c7af32ae3ddce2134dcbeeae215e2e1ec691dd9aab
c18bbd438f3e5d62373efe274e1bdd6aeabaa1f78db6b4dab43f21b8b0325f01
c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
c5630153cbcb33b5638bfe160f6207cbb748130665d642463391af3e53f14fa8
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
c6cd899a2d5fadbdd3fefc8794d51f1cae685e7104b8d9bfd3b884b6e036c57b
c712c9ffdac7afa59a94f1356782bdfa755754b2eee0cbc134a550b6e6c2ac90
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cb203da91b3fee59f83138992e73681d4c74baa97fbabe103a81185edcb105f1
cc13a70a18b4b3413cebe8adc9c5cb7a2ea01734d933cb16658be1e19bf978a9
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cdd44723401b3320d5cf27895641b666dae1fc5d8cd32e2ee941bfeb4b397369
cea8d55947cad12ee2eaa41e305389090b076a49d6823cd14bc6d7edde5ea706
cf27d74d62af90b9bcbe2d87feb150c433c700e11ede5bb8456b3e1801e3816d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d36140b823749ba56bdee43ebf48281c24eab18bdd65f1c1d68e9fbe99428d
d12ebdf4cd37f38ba09bd4cb87c832d8321e0c9a232f2eefb66b497884cb776f
d30b7eb0f4253a072d49cabc0744e4a4ef900f35f0c263042e8233d9d21ced38
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
d9665d0f43eeaa1e524c084ce3d845df58d397050a1246e18a70b9dfcd271a59
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd52a5b62fc343de80869af721c27421538c1ff8dad774fdffef48775ed04914
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df5b1c75167903b6b7ac21d651ce1052867767ce36258b85ff6f37799d4ca253
df754855dc8830cd823df187699d05b70145d5fc1b53f02fae970fc48ca7ae99
e0a421e28ac9dccdada9a45232766c61f29ff47bf64b27dc8ade73d4ce5e1b41
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44e3af2cace163bf2dcde9d45a3d566c9204bee21bdfd552389a7b07349f1f4
e6cead609d342bd202f23b8fa86aff54f2503372d68ae63acca87e7dca2bec15
e88015657f68b0a20e6f685cf6612abf047345617d75c293a1d82e1ed3145f68
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1
eaf8db3ac7109bc52b68f8049852dbb5dee3e39f24e399d7040144f87ee53be8
eb4831b29e7c65c6c5484bc66b70add2cb401671c0b553a1cdc04a7ef212ef3f
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
eeb24752805c8987b7afd3858a9c131ffcb22b26e5878218ec6b4f157d33aa2e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb9ac9a4eb7de0ca8bd6199c75a7e1daa87c547ebee395ffdb1dd7c434dbbba
f0f9d8610ec0f13c5e6f6862a1fa0a76fe4240eaf2302a21bf8aa21b399d573a
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f2601fb72337e9d492df6cbf2c768c2eba584edae07f187de72402374ecb1454
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f62946e59569ef366be7965afeabee46e2c5cce77e8e72b9ede743d0489408ab
f6e929d9f93ac649078b2bbc3b8cebef2f5ee76c1d8be36e19f7ff878c15923f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8cb1119b48ed35418c93fe7663043a318d4c9e223ff887feb58d229d668f0ba
f8d69a31988e66478a4bf667b88eb72ffe6273bb8a7d570448f16459437ba4b6
fbfbdcfc35eb13cf8bab789717ba94c308a40cc82189b898e09f1252dad6d175
fdee3a3a36ac0545d4e302737dc029e4ab4c3370da8d11d7ee86feca140ee550
fe9589b8f223094e638bd6f550f77006121760878b777b9eafb9dee43f45595e
ff5e3211a286bc29c854a3f5d5d07cb92f30af3a0258291305f851353ae64ea6

onlinehikes.com Open in urlscan Pro 2a05:d014:776:a63f:551c:5660:31da:fe01 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

458 Requests

90 %HTTPS

48 %IPv6

69 Domains

102 Subdomains

75 IPs

13 Countries

10833 kBTransfer

18411 kBSize

84 Cookies

6 Outgoing links

Page URL History

Redirected requests

458 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

onlinehikes.com Open in urlscan Pro
2a05:d014:776:a63f:551c:5660:31da:fe01 Public Scan

Screenshot
Live screenshot

Full Image

458
Requests

90 %
HTTPS

48 %
IPv6

69
Domains

102
Subdomains

75
IPs

13
Countries

10833 kB
Transfer

18411 kB
Size

84
Cookies

458 HTTP transactions
18 data transactions