www.gohabsgo.co Open in urlscan Pro
51.222.105.170 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.gohabsgo.co/
Submission: On September 21 via manual (September 21st 2022, 5:26:44 pm UTC) from CA — Scanned from CA

Summary HTTP 292 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 58 IPs in 5 countries across 41 domains to perform 292 HTTP transactions. The main IP is 51.222.105.170, located in Canada and belongs to OVH, FR. The main domain is www.gohabsgo.co.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 5th 2022. Valid for: 3 months.

This is the only time www.gohabsgo.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
52	51.222.105.170 51.222.105.170	16276 (OVH) (OVH)
5	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
22	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1	52.85.61.19 52.85.61.19	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.209.43.118 3.209.43.118	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
6	54.197.83.80 54.197.83.80	14618 (AMAZON-AES) (AMAZON-AES)
4	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
1	23.52.162.21 23.52.162.21	16625 (AKAMAI-AS) (AKAMAI-AS)
11	108.138.106.15 108.138.106.15	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
6	18.208.240.0 18.208.240.0	14618 (AMAZON-AES) (AMAZON-AES)
1	104.18.12.242 104.18.12.242	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	143.204.150.76 143.204.150.76	16509 (AMAZON-02) (AMAZON-02)
1	23.105.12.160 23.105.12.160	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1 1	104.105.42.146 104.105.42.146	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.192.31.127 23.192.31.127	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	199.187.193.185 199.187.193.185	47043 (SMARTADSE...) (SMARTADSERVER)
2 2	2600:1f18:612... 2600:1f18:612b:4200:d9a2:335e:4c76:e4a1	14618 (AMAZON-AES) (AMAZON-AES)
1 1	80.77.87.166 80.77.87.166	46636 (NATCOWEB) (NATCOWEB)
2 2	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:809::2001	15169 (GOOGLE) (GOOGLE)
3	34.202.79.131 34.202.79.131	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.106.16 108.138.106.16	16509 (AMAZON-02) (AMAZON-02)
20	2607:f8b0:400... 2607:f8b0:4006:807::2006	15169 (GOOGLE) (GOOGLE)
1	108.138.124.226 108.138.124.226	16509 (AMAZON-02) (AMAZON-02)
1 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	34.120.155.137 34.120.155.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.220.58.99 3.220.58.99	14618 (AMAZON-AES) (AMAZON-AES)
1	44.210.205.198 44.210.205.198	14618 (AMAZON-AES) (AMAZON-AES)
1	3.226.62.124 3.226.62.124	14618 (AMAZON-AES) (AMAZON-AES)
2 7	68.67.160.26 68.67.160.26	29990 (ASN-APPNEX) (ASN-APPNEX)
2	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 6	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.35.249.142 192.35.249.142	11742 (SPOTX-IAD) (SPOTX-IAD)
1	23.78.200.97 23.78.200.97	16625 (AKAMAI-AS) (AKAMAI-AS)
6 10	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4006:821::2001	15169 (GOOGLE) (GOOGLE)
33	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
2 7	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1 1	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.94.222.140 52.94.222.140	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a05:19c6:8f54:3d13:3206	14618 (AMAZON-AES) (AMAZON-AES)
4 7	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
2 3	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
1	34.232.126.62 34.232.126.62	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4003:c3c::78	15169 (GOOGLE) (GOOGLE)
1	2600:9000:250... 2600:9000:2501:b600:15:6f6c:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.172.24.7 54.172.24.7	14618 (AMAZON-AES) (AMAZON-AES)
292	58

52 51.222.105.170 (Canada)

ASN16276 (OVH, FR)
PTR: wb1.marqueur.com

www.gohabsgo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.marqueur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.hetlmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81d::200a (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2607:f8b0:4006:824::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:81e::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-19.ewr53.r.cloudfront.net

static.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.209.43.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-43-118.compute-1.amazonaws.com

embed.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.197.83.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-83-80.compute-1.amazonaws.com

sb.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:81c::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::200e (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 108.138.106.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-15.jfk50.r.cloudfront.net

d29xw9s9x32j3w.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:821::200a (Rockville, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.208.240.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-240-0.compute-1.amazonaws.com

s2l.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.resonate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.150.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-150-76.ewr52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.160 (Los Angeles, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

ww1772.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.105.42.146 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-42-146.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.192.31.127 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.187.193.185 (Canada) 2 redirects

ASN47043 (SMARTADSERVER, CA)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4200:d9a2:335e:4c76:e4a1 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

scm.publishers.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.166 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.156.250 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:809::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)

b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.202.79.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-79-131.compute-1.amazonaws.com

timber.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-16.jfk50.r.cloudfront.net

player.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4006:807::2006 (Rockville, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.124.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-124-226.jfk50.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.58.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-58-99.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.210.205.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-205-198.compute-1.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.226.62.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-62-124.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 68.67.160.26 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.35.249.142 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.78.200.97 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-200-97.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.173.151.100 (United States) 6 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:821::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2607:f8b0:4006:81c::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81c::2004 (Rockville, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.141 (Los Angeles, United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-west.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.222.140 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a05:19c6:8f54:3d13:3206 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.72.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:809::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81c::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.81.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.126.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-126-62.compute-1.amazonaws.com

vid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4003:c3c::78 (Tulsa, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2501:b600:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.172.24.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-24-7.compute-1.amazonaws.com

vid-io-iad.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 142	953 KB
47	marqueur.com i.marqueur.com — Cisco Umbrella Rank: 282212	4 MB
32	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 pubads.g.doubleclick.net — Cisco Umbrella Rank: 437 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307	323 KB
20	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	3 MB
17	rubiconproject.com 8 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 910 eus.rubiconproject.com — Cisco Umbrella Rank: 564 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 936 token.rubiconproject.com — Cisco Umbrella Rank: 667 pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4436 pixel.rubiconproject.com — Cisco Umbrella Rank: 335	28 KB
13	sendtonews.com embed.sendtonews.com — Cisco Umbrella Rank: 13803 s2l.sendtonews.com — Cisco Umbrella Rank: 14618 timber.sendtonews.com — Cisco Umbrella Rank: 15025 player.sendtonews.com — Cisco Umbrella Rank: 15114	206 KB
11	cloudfront.net d29xw9s9x32j3w.cloudfront.net	508 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	189 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40 imasdk.googleapis.com — Cisco Umbrella Rank: 424	704 KB
10	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	1 KB
10	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 275 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 6415 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1232 s.amazon-adsystem.com — Cisco Umbrella Rank: 295	51 KB
8	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 479 as-sec.casalemedia.com — Cisco Umbrella Rank: 1353 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	6 KB
7	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 228	7 KB
7	freeskreen.com static.freeskreen.com — Cisco Umbrella Rank: 45955 sb.freeskreen.com — Cisco Umbrella Rank: 36325	33 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 359	109 KB
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3387 onesignal.com — Cisco Umbrella Rank: 1231	82 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 209	108 KB
4	gohabsgo.co www.gohabsgo.co	282 KB
3	springserve.com vid.springserve.com — Cisco Umbrella Rank: 6802 vpaid.springserve.com — Cisco Umbrella Rank: 10553 vid-io-iad.springserve.com — Cisco Umbrella Rank: 7556	91 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	131 KB
3	smartadserver.com 2 redirects ww1772.smartadserver.com — Cisco Umbrella Rank: 52251 sync.smartadserver.com — Cisco Umbrella Rank: 1540	2 KB
2	spotxchange.com search.spotxchange.com — Cisco Umbrella Rank: 485	2 KB
2	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433	176 B
2	adsrvr.org 1 redirects match.adsrvr.org — Cisco Umbrella Rank: 342	1 KB
2	google.ca adservice.google.ca — Cisco Umbrella Rank: 13421	914 B
2	exelator.com 2 redirects loadeu.exelator.com — Cisco Umbrella Rank: 7099	2 KB
2	tremorhub.com 2 redirects scm.publishers.tremorhub.com — Cisco Umbrella Rank: 52206	652 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 394	574 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	597 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1360	17 KB
1	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 543	507 B
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 4070	768 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 804	253 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	694 B
1	admanmedia.com 1 redirects cs.admanmedia.com — Cisco Umbrella Rank: 1522	647 B
1	resonate.com cdn.resonate.com — Cisco Umbrella Rank: 8562	96 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 615	13 KB
1	hetlmedia.com www.hetlmedia.com — Cisco Umbrella Rank: 339181	204 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	42 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 654	33 KB
292	41

	Domain	Requested by
47	i.marqueur.com	www.gohabsgo.co i.marqueur.com
33	tpc.googlesyndication.com	www.gohabsgo.co b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com s0.2mdn.net vpaid.springserve.com
22	pagead2.googlesyndication.com	www.gohabsgo.co pagead2.googlesyndication.com tpc.googlesyndication.com b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com s0.2mdn.net www.googletagservices.com imasdk.googleapis.com srcdoc
20	s0.2mdn.net	imasdk.googleapis.com www.gohabsgo.co s0.2mdn.net
11	d29xw9s9x32j3w.cloudfront.net	embed.sendtonews.com www.gohabsgo.co
10	securepubads.g.doubleclick.net	www.gohabsgo.co securepubads.g.doubleclick.net
7	cm.g.doubleclick.net	4 redirects eus.rubiconproject.com googleads.g.doubleclick.net
7	www.google.com	2 redirects www.gohabsgo.co b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com tpc.googlesyndication.com
7	ib.adnxs.com	2 redirects d29xw9s9x32j3w.cloudfront.net googleads.g.doubleclick.net vpaid.springserve.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.gohabsgo.co b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
6	www.gstatic.com	b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
6	pubads.g.doubleclick.net	imasdk.googleapis.com
6	s2l.sendtonews.com	embed.sendtonews.com
6	imasdk.googleapis.com	embed.sendtonews.com imasdk.googleapis.com www.gohabsgo.co
6	sb.freeskreen.com	static.freeskreen.com www.gohabsgo.co eus.rubiconproject.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	pixel.rubiconproject.com	2 redirects eus.rubiconproject.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
5	fonts.googleapis.com	www.gohabsgo.co embed.sendtonews.com b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
4	b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	eus.rubiconproject.com	sb.freeskreen.com eus.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
4	fonts.gstatic.com	fonts.googleapis.com
4	cdnjs.cloudflare.com	www.gohabsgo.co cdnjs.cloudflare.com embed.sendtonews.com
4	www.gohabsgo.co	www.gohabsgo.co
3	www.googletagservices.com	b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	timber.sendtonews.com	embed.sendtonews.com
3	adservice.google.com	pagead2.googlesyndication.com imasdk.googleapis.com
3	c.amazon-adsystem.com	embed.sendtonews.com c.amazon-adsystem.com
3	embed.sendtonews.com	www.gohabsgo.co embed.sendtonews.com
2	googleads4.g.doubleclick.net	www.gohabsgo.co
2	as-sec.casalemedia.com	js-sec.indexww.com vpaid.springserve.com
2	search.spotxchange.com	d29xw9s9x32j3w.cloudfront.net vpaid.springserve.com
2	hbopenbid.pubmatic.com	d29xw9s9x32j3w.cloudfront.net vpaid.springserve.com
2	match.adsrvr.org	1 redirects js-sec.indexww.com
2	adservice.google.ca	pagead2.googlesyndication.com imasdk.googleapis.com
2	loadeu.exelator.com	2 redirects
2	scm.publishers.tremorhub.com	2 redirects
2	sync.smartadserver.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	onesignal.com	cdn.onesignal.com
2	cdn.onesignal.com	www.gohabsgo.co cdn.onesignal.com
1	vid-io-iad.springserve.com	vpaid.springserve.com
1	vpaid.springserve.com	imasdk.googleapis.com
1	csi.gstatic.com	imasdk.googleapis.com
1	vid.springserve.com	imasdk.googleapis.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	pixel-us-west.rubiconproject.com	1 redirects
1	secure.cdn.fastclick.net	www.gohabsgo.co
1	htlb.casalemedia.com	d29xw9s9x32j3w.cloudfront.net
1	tlx.3lift.com	d29xw9s9x32j3w.cloudfront.net
1	prebid-server.rubiconproject.com	d29xw9s9x32j3w.cloudfront.net
1	id.sv.rkdms.com	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	player.sendtonews.com	embed.sendtonews.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cs.admanmedia.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	ww1772.smartadserver.com	sb.freeskreen.com
1	cdn.resonate.com	embed.sendtonews.com
1	js-sec.indexww.com	embed.sendtonews.com
1	www.hetlmedia.com	www.gohabsgo.co
1	www.googletagmanager.com	www.gohabsgo.co
1	static.freeskreen.com	www.gohabsgo.co
1	code.jquery.com	www.gohabsgo.co
292	69

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.marqueur.com

Subject Issuer	Validity	Valid
gohabsgo.co cPanel, Inc. Certification Authority	`2022-09-05` - `2022-12-04`	3 months	crt.sh
i.marqueur.com cPanel, Inc. Certification Authority	`2022-07-17` - `2022-10-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.freeskreen.com Amazon	`2021-12-19` - `2023-01-16`	a year	crt.sh
*.sendtonews.com Amazon	`2022-05-18` - `2023-06-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
hetlmedia.com cPanel, Inc. Certification Authority	`2022-09-16` - `2022-12-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
securedvisit.com Amazon	`2021-11-30` - `2022-12-27`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.spotxchange.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-14`	a year	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.springserve.com Amazon	`2022-09-20` - `2023-10-20`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://www.gohabsgo.co/
Frame ID: CFB8F0E78B0B94FB1C07078451FE8804
Requests: 125 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/zrt_lookup.html
Frame ID: D4CE803FBBE8FC272AEFC2553FF65C6C
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 787E362DBCB3C62050EACAF48961117C
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Frame ID: E67403746112F8510AB9152D173EE51F
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6542527489535740&output=html&adk=1812271804&adf=3025194257&lmt=1663781195&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gohabsgo.co%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663781194814&bpp=3&bdt=346&idt=362&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8704912649666&frm=20&pv=2&ga_vid=434343873.1663781195&ga_sid=1663781195&ga_hid=2123796006&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31060566%2C31068921&oid=2&pvsid=1977519249656956&tmod=1687737663&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=385
Frame ID: 74B83391A7542DF693017B810DDDA83D
Requests: 1 HTTP requests in this frame

Frame: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B607BD2661876721683F6A619765DC3B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Frame ID: C00E1105A735DE5C0E0CFD116A87F771
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: E3CE49430EC4256C16F0C525292CD52C
Requests: 13 HTTP requests in this frame

Frame: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9CDA957E5ECA0B79BC6EB846EA97A766
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/index.html
Frame ID: 5A69D547AA8F33E8CF6CA9AB951851E7
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B89643F243D68E0B4D524E75B4186177
Requests: 2 HTTP requests in this frame

Frame: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C3EE0E371BC8052C1CC5A7FB660D1230
Requests: 5 HTTP requests in this frame

Frame: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 98D3E7A97C7093AC918C9F83E3B259DC
Requests: 15 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/0cf29303bb18303a156bc2ce1c098e89.js?tag=client_fast_engine_2019
Frame ID: 6C08C84AA48566AFCC959C8825D52EEB
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRDm-U4Yv-zq0QEwAQ&v=APEucNXhFssUgSsBN_WTonHCqwE0iUz9H_sjHxooZf86e6FpyrYP5fafvDleqdizd2PnAjgzUKgoNTkOu2Fuit2fAMAqhSPSbA
Frame ID: 507D31A68618BA2946FF80A8AC22F20D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Frame ID: E3489770626EA70357B6BFF6EE3331D1
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247
Frame ID: 4F84CE2333323D85B2F33E5A8CD97315
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3225AA54383BD1A70ADD2E7C0C20ED16
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0F14CA289FB9285B53D76A049ED672FB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D0C193E167CACCD13C2654B7C3A60C1B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Frame ID: 3662E02592D79AF7180FD375496BD961
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: D1A9893D71A658AAE5ADAD3357E1B6BD
Requests: 18 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_6_Audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1663781197494%26ord%3D1663781197494%26ndfp%3D1%26cmsid%3D2460952%26vid%3D2251824%26cust_params%3Dplay_code%253D2008%2526domain%253Dgohabsgo.co%2526content_cid%253D8619%2526excl_cat%253Dstn_backfill%26channel%3Dvastadp
Frame ID: BE105BCD088AA0A12AAAD8502E00A067
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Frame ID: 83FCCAC59A97751E2837C28CB8DF5C88
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7DA88D9A3E167E1734C91B9EDC828315
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7CB786FF32C226954AB89DDC8D5FB8EF
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_4_audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1663781197494%26ord%3D1663781197494%26nofb%3D1%26cmsid%3D2460952%26vid%3D2251824%26cust_params%3Dplay_code%253D2008%2526domain%253Dgohabsgo.co%2526content_cid%253D8619%2526excl_cat%253Dstn_backfill%2526iris_context%253D%26channel%3Dvastadp
Frame ID: 3D095AAB80822E2DA8880F1EC69934E3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Canadiens de Montréal - Nouvelles Hockey LNH | GoHabsGo.co

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

292
Requests

91 %
HTTPS

42 %
IPv6

41
Domains

69
Subdomains

58
IPs

5
Countries

10619 kB
Transfer

17045 kB
Size

43
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/gohabsgo/
Title: FACEBOOK

Search URL Search Domain Scan URL

URL: https://www.marqueur.com/hockey/stats/nhl/scores.php?no=28769
Title: 13:00--

Search URL Search Domain Scan URL

URL: https://www.marqueur.com/hockey/stats/nhl/scores.php?no=28770
Title: 19:00--

Search URL Search Domain Scan URL

URL: https://www.marqueur.com/hockey/stats/nhl/scores.php?no=28772
Title: 19:00--

Search URL Search Domain Scan URL

URL: https://www.marqueur.com/hockey/stats/nhl/scores.php?no=28771
Title: 20:00--

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west HTTP 301
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Request Chain 90

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1 HTTP 302
https://sb.freeskreen.com/um?sa=7581645548811933291

Request Chain 91

https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
https://sb.freeskreen.com/um?tlr=a50b6f233380425598610941ca268d1a

Request Chain 92

https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID} HTTP 302
https://sb.freeskreen.com/um?ac=19bc7f25-5783-49a5-ad40-75e048fe6a1b

Request Chain 93

https://loadeu.exelator.com/load/?p=204&g=1300&j=0 HTTP 302
https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1 HTTP 302
https://sb.freeskreen.com/um?ni=1426bc2ee0d53528dfacee30cb4dccfc

Request Chain 144

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=L8BWD709-1H-I23B HTTP 302
https://sb.freeskreen.com/um?mg=L8BWD709-1H-I23B

Request Chain 148

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QXJUH37rRZKVi_ZEGgI-vg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QXJUH37rRZKVi_ZEGgI-vg

Request Chain 149

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=bc768a32-e12c-4e8d-8f55-b3c2dfb98c41&gdpr=0&gdpr_consent=&expires=30

Request Chain 150

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/kzterboBd5fkCLOOFYD8Fsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6160754001607761012

Request Chain 151

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhCV0Q3MDktMUgtSTIzQg==

Request Chain 152

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UIhiwwU4QM-pB-E9cZC0_g&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UIhiwwU4QM-pB-E9cZC0_g

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH5CmPlPXgOPlfGF44PqC68&google_cver=1

Request Chain 154

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzY1OGZhOTcyOWE1MzlhYWYxYzk2YWFiN2RiYzJiODhjYzliNjEwOA

Request Chain 155

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8BWD709-1H-I23B

Request Chain 156

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 165

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 207

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVf2anKOAiEXdYziMif9Ps&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVf2anKOAiEXdYziMif9Ps&google_cver=1&C=1

Request Chain 208

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YytJTBV1Rev.nXauz8wSRgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVf2anKOAiEXdYziMif9Ps&google_cver=1&google_hm=2

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECQBr9O6fRYB9rB47YWQd5U&google_cver=1

Request Chain 210

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxOTgzOTg2NTE3MjI5NDYwMQ%3D%3D

292 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.gohabsgo.co/ 55 KB
8 KB 71ms
17ms Document
text/html 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 987d7fa23cf2074e03d86613adefe3a7e4f23bb1ce4df623216adbc1d2c25e87

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: br
content-length: 8166
content-type: text/html; charset=iso-8859-1
date: Wed, 21 Sep 2022 17:26:34 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 css.css
i.marqueur.com/css/auto/ 32 KB
6 KB 53ms
14ms Stylesheet
text/css 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://i.marqueur.com/css/auto/css.css?bg=3
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 0d0f2e242b01e1d051c2d7d6025d21e37bb64d31933577b6e7795aa375effaf5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: br
last-modified: Wed, 21 Sep 2022 14:08:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 5933

GET
H2 200 css.css
www.gohabsgo.co/css/ 331 B
228 B 12ms
10ms Stylesheet
text/css 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gohabsgo.co/css/css.css?bg=4
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 60968f769671af37c1515421777cade5f10500fccaffdabd0454d1a7d9f7037c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: br
last-modified: Fri, 11 Mar 2022 18:16:51 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 162

GET
H2 200 oswald.css
i.marqueur.com/css/auto/ 44 KB
2 KB 56ms
18ms Stylesheet
text/css 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://i.marqueur.com/css/auto/oswald.css?bg=3
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: bb8c34012fba5143653013ef74900fc346dc115bc642b51859811df54354c141

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: br
last-modified: Wed, 21 Sep 2022 14:08:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1997

GET
H2 200 opensans.css
i.marqueur.com/css/auto/ 60 KB
3 KB 53ms
16ms Stylesheet
text/css 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://i.marqueur.com/css/auto/opensans.css?bg=3
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 717b10593d54204f670e8962fbe282f51357d361b0cec4ec5b979429fe08f86e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: br
last-modified: Wed, 21 Sep 2022 14:08:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2605

GET
H2 200 russo_one_3.css
i.marqueur.com/css/auto/ 61 KB
3 KB 56ms
19ms Stylesheet
text/css 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://i.marqueur.com/css/auto/russo_one_3.css?bg=3
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: e03515f92eb3f9da1542fda3aba456d358b7f77abf96502e315139ffb898ae6d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: br
last-modified: Wed, 21 Sep 2022 14:08:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2520

GET
H2 200 css_stripe.css
i.marqueur.com/css/ 118 KB
4 KB 57ms
19ms Stylesheet
text/css 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://i.marqueur.com/css/css_stripe.css?bg=3
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: ea24f23e3904d8725fe2429924bfe5720279f477856440be7a208bee4609049d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: br
last-modified: Mon, 14 Mar 2022 16:49:41 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3643

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 89ms
39ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald&family=OpenSans&family=Russo+One&display=swap

Requested by

Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5bdca849142d892f0b6b21916a0f2ba7b35f0b222646f07d8c30f49cfbbeb1ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 17:14:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 21 Sep 2022 17:26:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Sep 2022 17:26:34 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 62ms
20ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1140170
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXpdK2d2xtSgVEx24gngrCPBPF6y%2F3CmjM03hw%2FIhA4Ol4LcurhM2MersS8gM3BevJV9kLLb%2FaP6GmLfVhgYRcA3JqHAn58uOyMyeNoD4PHyOxTWzE9cH9BlDyOwhXHhBzDz1PsMQiAuZ7JDncb%2BxAsh"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74e481b1cbedca53-YUL
expires: Mon, 11 Sep 2023 17:26:34 GMT

GET
H2 200 jquery-1.7.0.min.js Show response
code.jquery.com/ 92 KB
33 KB 88ms
29ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.7.0.min.js
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-16f44"
vary: Accept-Encoding
x-hw: 1663781194.dop008.dc2.t,1663781194.cds201.dc2.hn,1663781194.cds181.dc2.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33254

GET
H2 200 lib.js Show response
www.gohabsgo.co/js/ 45 KB
10 KB 21ms
20ms Script
application/javascript 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gohabsgo.co/js/lib.js?v=2
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 987a6fd1087e16af5b1b2df8455bcb0a79db843ba8dedfe37b89790f6f455340

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: br
last-modified: Fri, 11 Mar 2022 18:17:03 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 9897

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
57 KB 96ms
46ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

431cfe713107055f1dc277e00b481a34c07433543b9ad77acdd4ffcb5c30c635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58009
x-xss-protection: 0
server: cafe
etag: 8720203226648923815
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 17:26:34 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 133ms
63ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c5303a9f8a7d3637911b26b96bdcb5f954eb548fe928cc43118e3b05a02a1c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27755
x-xss-protection: 0
server: sffe
etag: "1340 / 3 of 1000 / last-modified: 1663758362"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 21 Sep 2022 17:26:34 GMT

GET
H/1.1 200
OK freeskreen.min.js Show response
static.freeskreen.com/ba/582/ 24 KB
9 KB 92ms
19ms Script
text/javascript 52.85.61.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/ba/582/freeskreen.min.js
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-19.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5863de83de86bc9d0c9ca7c8a788a62ee645e6ca5a8b7ca2039464dda56832b6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: sftnK54CEBMwzQ7ZG47yzEfXoV1mEmgU
Content-Encoding: gzip
Last-Modified: Wed, 18 May 2022 20:47:38 GMT
Server: AmazonS3
Age: 77357
ETag: "1edf2d8e3795906aa03ddbb3d18474e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 4b6e1bc9480bffb0b8980e408fffa59e.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Tue, 20 Sep 2022 19:57:19 GMT
X-Amz-Cf-Pop: EWR53-P1
Accept-Ranges: bytes
Content-Length: 8828
X-Amz-Cf-Id: _4QMNcaQ0xiHuUKFEl85hHje3bDLLDx1MDFQSSUWh8vVVLXBubicSQ==

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 88ms
43ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74e481b2ae22ca47-YUL
date: Wed, 21 Sep 2022 17:26:34 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 3239
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 24 Sep 2022 17:26:34 GMT

GET
H2 200 head.jpg
www.gohabsgo.co/i/ 262 KB
264 KB 31ms
12ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gohabsgo.co/i/head.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: fe8dcd1a6b10d7429bfd8f9cb82f643f9a0536a1db34544272c540228934f081

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Fri, 11 Mar 2022 18:17:00 GMT
server: Apache
accept-ranges: bytes
content-length: 267902
content-type: image/jpeg

GET
H2 200 embedcode.php Show response
embed.sendtonews.com/player2/ 7 KB
4 KB 125ms
45ms Script
application/javascript 3.209.43.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player2/embedcode.php?fk=1mCYXVMb&cid=12872&SIZE=400&floatwidth=400
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.43.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-43-118.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bd591aad1112cd8fd1ff7d062b45609a6e6b29df7cada5409d0c9dc0118cceba

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
content-length: 3098
expires: Wed, 21 Sep 2022 18:26:34 GMT

GET
H2 200 173663.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 49 KB
50 KB 28ms
10ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173663.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 1f07e50ec986c01646c954cc6319e193efad792d8079c19bd249f54f451a1b6b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Wed, 21 Sep 2022 15:32:53 GMT
server: Apache
accept-ranges: bytes
content-length: 50342
content-type: image/jpeg

GET
H2 200 173595.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 16 KB
17 KB 28ms
9ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173595.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 9861be0eb98eadd4c43a9295e0092db25732a5e6c827755210f4700cd7bf6390

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Wed, 21 Sep 2022 13:55:30 GMT
server: Apache
accept-ranges: bytes
content-length: 16816
content-type: image/jpeg

GET
H2 200 173559.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 27 KB
27 KB 30ms
12ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173559.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 91c5129ae79ddb7dcb02cc0665bded8f1363b299eb1a1adc3be22fd2a2999518

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Wed, 21 Sep 2022 12:29:59 GMT
server: Apache
accept-ranges: bytes
content-length: 27832
content-type: image/jpeg

GET
H2 200 173531.png
i.marqueur.com/habsetlnh/i/photo/medium/ 156 KB
157 KB 28ms
11ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173531.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: c0f47e1bc56c908ce661ab39a5e3317eef0f02db8939cce98cd4fc13ad34ffad

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Wed, 21 Sep 2022 02:37:53 GMT
server: Apache
accept-ranges: bytes
content-length: 159297
content-type: image/png

GET
H2 200 173409.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 27 KB
28 KB 29ms
11ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173409.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 0dc2bd16b44f169f0fb3afc483a75bb7b58bfba4d5fe51fd5389f8c51175ae9c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Tue, 20 Sep 2022 20:22:53 GMT
server: Apache
accept-ranges: bytes
content-length: 27935
content-type: image/jpeg

GET
H2 200 173550.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 17 KB
17 KB 40ms
23ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173550.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 966ff7f853427a7fbc66999baf492505019a6323c26dc4380b3b12fbb53a2afb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Wed, 21 Sep 2022 11:48:44 GMT
server: Apache
accept-ranges: bytes
content-length: 17557
content-type: image/jpeg

GET
H2 200 173397.png
i.marqueur.com/habsetlnh/i/photo/medium/ 199 KB
200 KB 39ms
22ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173397.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: b418e13d8c3e848de990b200ae6f14b5e5dd415cbcf61fb6685081e3ec92006c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Tue, 20 Sep 2022 20:04:38 GMT
server: Apache
accept-ranges: bytes
content-length: 203588
content-type: image/png

GET
H2 200 173419.jpeg
i.marqueur.com/habsetlnh/i/photo/medium/ 22 KB
22 KB 40ms
23ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173419.jpeg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: eed785cd7ed6df7a54fa6954a0d57d368c09543893644dfbff97603b6aaee424

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Tue, 20 Sep 2022 20:31:31 GMT
server: Apache
accept-ranges: bytes
content-length: 22514
content-type: image/jpeg

GET
H2 200 173525.png
i.marqueur.com/habsetlnh/i/photo/medium/ 126 KB
127 KB 38ms
22ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173525.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 81cac50363dc681a2bd284a2625f8b1e9354d35ea9bcaa940832c7b262e5c34f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Wed, 21 Sep 2022 02:08:56 GMT
server: Apache
accept-ranges: bytes
content-length: 128700
content-type: image/png

GET
H2 200 173471.png
i.marqueur.com/habsetlnh/i/photo/medium/ 212 KB
213 KB 38ms
22ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173471.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 42458a3585c1c86b8b3594e5f367455cc426b918e730eab4c50ebae453266c01

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Tue, 20 Sep 2022 22:28:21 GMT
server: Apache
accept-ranges: bytes
content-length: 217239
content-type: image/png

GET
H2 200 173435.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 26 KB
26 KB 40ms
23ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173435.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: e55916cd7df1349e9fea6a6f2bedfc00781437a91010a6ec2c0121da2d0cef5c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Tue, 20 Sep 2022 21:07:24 GMT
server: Apache
accept-ranges: bytes
content-length: 26899
content-type: image/jpeg

GET
H2 200 173338.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 15 KB
15 KB 39ms
22ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173338.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 352757182a4111c9027ab48e6da797ce05aeadc65f42929ff10d8ae45e30d2e0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Tue, 20 Sep 2022 17:26:10 GMT
server: Apache
accept-ranges: bytes
content-length: 15082
content-type: image/jpeg

GET
H2 200 173367.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 86 KB
86 KB 40ms
24ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173367.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: da61e84f64ccc1cab5616b7198ae2065c59a100cabf24551c9c65decca1cf1e9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Tue, 20 Sep 2022 18:39:46 GMT
server: Apache
accept-ranges: bytes
content-length: 87800
content-type: image/jpeg

GET
H2 200 173308.jpeg
i.marqueur.com/habsetlnh/i/photo/medium/ 27 KB
27 KB 39ms
23ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173308.jpeg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 8fe62254da95115e0a89bb687f1dfb6c8771045ca0f3c10935f5c6477feef09a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Tue, 20 Sep 2022 16:20:56 GMT
server: Apache
accept-ranges: bytes
content-length: 27552
content-type: image/jpeg

GET
H2 200 173252.png
i.marqueur.com/habsetlnh/i/photo/medium/ 195 KB
195 KB 40ms
24ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173252.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 68d7aad25974c7a9fce0313390470a2a73ff99c9241c57ada1443855a5d0bec1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Tue, 20 Sep 2022 14:59:28 GMT
server: Apache
accept-ranges: bytes
content-length: 199811
content-type: image/png

GET
H2 200 173243.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 24 KB
24 KB 50ms
34ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173243.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 55f835a17ea8b8109c0602c19762bc9c4bfbc2cf4d69cac1e90f67aef653108e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Tue, 20 Sep 2022 14:41:13 GMT
server: Apache
accept-ranges: bytes
content-length: 24694
content-type: image/jpeg

GET
H2 200 173224.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 11 KB
11 KB 49ms
34ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173224.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 04daab843973e2af716697835cc5acaa35463e2352370cba035357b6ab1f35b5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Tue, 20 Sep 2022 13:50:40 GMT
server: Apache
accept-ranges: bytes
content-length: 11698
content-type: image/jpeg

GET
H2 200 173235.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 14 KB
14 KB 50ms
35ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173235.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 16e2d036b2c6cd583d44f200cccdc24068723d967af682117dd2642f669df93f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Tue, 20 Sep 2022 14:15:19 GMT
server: Apache
accept-ranges: bytes
content-length: 14144
content-type: image/jpeg

GET
H2 200 173221.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 23 KB
23 KB 51ms
36ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173221.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 4a5fbb9b2a42797ac4cb2f27680dc3e7671068bf85c042702a18d3031086f6af

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Tue, 20 Sep 2022 13:48:11 GMT
server: Apache
accept-ranges: bytes
content-length: 23348
content-type: image/jpeg

GET
H2 200 173201.png
i.marqueur.com/habsetlnh/i/photo/medium/ 140 KB
140 KB 50ms
35ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173201.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: dcc1a414465f2d7173a186b6c5b9df3aa8d62e32f621514240dcd9fdbe7d0afe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Tue, 20 Sep 2022 13:18:06 GMT
server: Apache
accept-ranges: bytes
content-length: 143583
content-type: image/png

GET
H2 200 173184.png
i.marqueur.com/habsetlnh/i/photo/medium/ 203 KB
203 KB 51ms
36ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173184.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 1acdd0064319bdc09bbf5c7af2b5d5637f2448fe4c1527e182e7149256c4281e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Tue, 20 Sep 2022 12:52:08 GMT
server: Apache
accept-ranges: bytes
content-length: 207696
content-type: image/png

GET
H2 200 173098.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 73 KB
73 KB 51ms
36ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173098.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 5dd8bbc24343effa7bddcc1eb054f22fdc53596f5695b678e694dbb4e9bf043e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Mon, 19 Sep 2022 23:48:29 GMT
server: Apache
accept-ranges: bytes
content-length: 74805
content-type: image/jpeg

GET
H2 200 173086.png
i.marqueur.com/habsetlnh/i/photo/medium/ 136 KB
136 KB 51ms
36ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173086.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 2b51f4dc6af0594f2b62e38fe324b699d623367a83c58313ec5b9c0a9410d59a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Mon, 19 Sep 2022 23:36:05 GMT
server: Apache
accept-ranges: bytes
content-length: 138917
content-type: image/png

GET
H2 200 173101.png
i.marqueur.com/habsetlnh/i/photo/medium/ 153 KB
153 KB 51ms
37ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173101.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 30871c5fc265d115995635c8d4774e9ab2706110d5752a4d881b535930ef4f76

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Mon, 19 Sep 2022 23:56:00 GMT
server: Apache
accept-ranges: bytes
content-length: 156661
content-type: image/png

GET
H2 200 173066.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 37 KB
37 KB 51ms
37ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173066.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 700a3f115bdee0e76d8f2232cd0be55704ef7f99d751f025c32966135b90ed76

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Mon, 19 Sep 2022 22:34:54 GMT
server: Apache
accept-ranges: bytes
content-length: 37921
content-type: image/jpeg

GET
H2 200 173010.png
i.marqueur.com/habsetlnh/i/photo/medium/ 159 KB
159 KB 50ms
36ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/173010.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: eb4c7163f952e98cfc00b58c179e8f2c9724c818d15af4e46d83ef7fc4560ef0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Mon, 19 Sep 2022 20:08:08 GMT
server: Apache
accept-ranges: bytes
content-length: 162785
content-type: image/png

GET
H2 200 172987.png
i.marqueur.com/habsetlnh/i/photo/medium/ 194 KB
194 KB 51ms
37ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/172987.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: ac96e454de35f32b4e6f7d03be9b94246189260667cf8352f21ef77acaa228b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Mon, 19 Sep 2022 19:38:43 GMT
server: Apache
accept-ranges: bytes
content-length: 198981
content-type: image/png

GET
H2 200 172962.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 27 KB
27 KB 50ms
37ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/172962.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 14bc10c008ab023a696820f26ce5e8199c86a2201b0f4bfd963f0e726ce4986f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Mon, 19 Sep 2022 18:56:43 GMT
server: Apache
accept-ranges: bytes
content-length: 27347
content-type: image/jpeg

GET
H2 200 172941.png
i.marqueur.com/habsetlnh/i/photo/medium/ 199 KB
199 KB 56ms
43ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/172941.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 7e18a25b73ab54021b820a0a4af8591d29910caa9ad89014059a07a681ba462b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Mon, 19 Sep 2022 18:23:36 GMT
server: Apache
accept-ranges: bytes
content-length: 203718
content-type: image/png

GET
H2 200 172887.png
i.marqueur.com/habsetlnh/i/photo/medium/ 207 KB
207 KB 55ms
42ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/172887.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: a5657bfdb3c0b6ad01ff5d6f942dba7768fa8bccfce9b7cac7377a24ef32a680

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Mon, 19 Sep 2022 16:49:09 GMT
server: Apache
accept-ranges: bytes
content-length: 212134
content-type: image/png

GET
H2 200 172878.jpeg
i.marqueur.com/habsetlnh/i/photo/medium/ 30 KB
30 KB 55ms
42ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/172878.jpeg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: ab611647638e91f9a9337192ba8d57cd3ed279b75f46cccd25a53831b54a0bdf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Mon, 19 Sep 2022 16:28:49 GMT
server: Apache
accept-ranges: bytes
content-length: 30632
content-type: image/jpeg

GET
H2 200 172856.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 20 KB
20 KB 56ms
43ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/172856.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: f5d26dd5267bdbb009cb575cf1d481fd23f3039bf47fda83832083ee17af3948

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Mon, 19 Sep 2022 15:55:39 GMT
server: Apache
accept-ranges: bytes
content-length: 20118
content-type: image/jpeg

GET
H2 200 172823.jpeg
i.marqueur.com/habsetlnh/i/photo/medium/ 26 KB
26 KB 56ms
43ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/172823.jpeg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 188a79cff16297ad2e379f3e6099f789b6d519a70704352cd5b88f175458be94

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Mon, 19 Sep 2022 14:44:46 GMT
server: Apache
accept-ranges: bytes
content-length: 26178
content-type: image/jpeg

GET
H2 200 172815.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 18 KB
18 KB 56ms
43ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/172815.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 5fef3aa19a7276b478171bde145b6fa8e7f34e8c002770e525ab1c29d9bc0f84

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Mon, 19 Sep 2022 14:25:11 GMT
server: Apache
accept-ranges: bytes
content-length: 17995
content-type: image/jpeg

GET
H2 200 172669.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 22 KB
23 KB 56ms
43ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/172669.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 1ccb1e7e8d549e5b8103b4a542de54449cb24be93223096f61b9d20358ad8c56

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Sun, 18 Sep 2022 23:24:48 GMT
server: Apache
accept-ranges: bytes
content-length: 23037
content-type: image/jpeg

GET
H2 200 172762.jpg
i.marqueur.com/habsetlnh/i/photo/medium/ 17 KB
17 KB 56ms
44ms Image
image/jpeg 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/172762.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 7c01c3de923397c849687eff2171bd7b502de59945a17b16715e144b410e304e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Mon, 19 Sep 2022 11:55:57 GMT
server: Apache
accept-ranges: bytes
content-length: 17581
content-type: image/jpeg

GET
H2 200 172659.png
i.marqueur.com/habsetlnh/i/photo/medium/ 198 KB
198 KB 54ms
42ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/172659.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 6107126a9e9bd2b72cb0fe5b7543127e118d6bcb053a515589b4e7cb477e5745

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Sun, 18 Sep 2022 22:59:14 GMT
server: Apache
accept-ranges: bytes
content-length: 202406
content-type: image/png

GET
H2 200 172603.png
i.marqueur.com/habsetlnh/i/photo/medium/ 214 KB
214 KB 55ms
43ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/172603.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 166d80f99b0cacd5c072dc702531273e2c7c6e12c899be7321974c64d772fb5d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Sun, 18 Sep 2022 20:32:30 GMT
server: Apache
accept-ranges: bytes
content-length: 218953
content-type: image/png

GET
H2 200 172585.png
i.marqueur.com/habsetlnh/i/photo/medium/ 171 KB
171 KB 56ms
44ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/172585.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 41bb5f0f986e1ae00d9c40d236218e09123d924c38f19c9f9e7b925656d94584

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Sun, 18 Sep 2022 19:21:58 GMT
server: Apache
accept-ranges: bytes
content-length: 174613
content-type: image/png

GET
H2 200 172570.png
i.marqueur.com/habsetlnh/i/photo/medium/ 202 KB
202 KB 55ms
44ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/172570.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 7acc0269b09952270dddfa437f4c3b14975bad2df16f086a288fdefafab0f940

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Sun, 18 Sep 2022 18:28:42 GMT
server: Apache
accept-ranges: bytes
content-length: 207078
content-type: image/png

GET
H2 200 172530.png
i.marqueur.com/habsetlnh/i/photo/medium/ 138 KB
138 KB 55ms
44ms Image
image/png 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/habsetlnh/i/photo/medium/172530.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 6be5da4682dd6e302a72bb959cfbb4d4e8a458c968034db274736e93f9c4484d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Sun, 18 Sep 2022 17:13:06 GMT
server: Apache
accept-ranges: bytes
content-length: 141375
content-type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 96ms
35ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-163163842-30

Requested by

Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d4bc8a4522e39ee2e0b5bc8e769c4f69dff4900108c5bd4feca23bcec03f7a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42261
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 16:07:31 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Sep 2022 17:26:34 GMT

GET
H2 200 ad.js Show response
www.hetlmedia.com/ 122 B
204 B 59ms
13ms Script
application/javascript 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hetlmedia.com/ad.js?x=rUX2qDF79J
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 47ff6e3a6675bee601f12265614819a0bfd9dbf9b03c8328037632347b70ff54

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: br
last-modified: Wed, 21 Sep 2022 17:08:51 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 81

GET
H2 200 script.js Show response
sb.freeskreen.com/publisher/ 71 KB
21 KB 218ms
130ms Script
text/html 54.197.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.freeskreen.com/publisher/script.js?bai=582&ut=&uts=&p_cust_params=&windowlocation=https%3A%2F%2Fwww.gohabsgo.co%2F&usp=&gdpr=-1&cs=-1
Requested by: Host: static.freeskreen.com
URL: https://static.freeskreen.com/ba/582/freeskreen.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-83-80.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 44fa9fb9a7e9f110cf9d358b915a5136da8d4fae18dde071f76dc73d57d5e37c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: gzip
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
content-type: text/html;charset=UTF-8
content-length: 21265
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 stripe.gif
i.marqueur.com/ 214 KB
215 KB 43ms
33ms Image
image/gif 51.222.105.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.marqueur.com/stripe.gif?v=9
Requested by: Host: i.marqueur.com
URL: https://i.marqueur.com/css/css_stripe.css?bg=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.222.105.170 , Canada, ASN16276 (OVH, FR),
Reverse DNS: wb1.marqueur.com
Software: Apache /
Resource Hash: 4d27371d236fa7547c90c974165abffcbae1236b64a80da2c85df41d40086f83

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://i.marqueur.com/css/css_stripe.css?bg=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
last-modified: Fri, 29 Apr 2022 18:52:37 GMT
server: Apache
accept-ranges: bytes
content-length: 219037
content-type: image/gif

GET
H2 200 Z9XUDmZRWg6M1LvRYsHOz8mJ.woff2
fonts.gstatic.com/s/russoone/v14/ 7 KB
8 KB 80ms
21ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/russoone/v14/Z9XUDmZRWg6M1LvRYsHOz8mJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&family=OpenSans&family=Russo+One&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82f191a65d38e50c45e0c35e15343690ea1d122402990b99d0c5a1585f9d47af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gohabsgo.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 06:59:37 GMT
x-content-type-options: nosniff
age: 124017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7368
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:53:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 06:59:37 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
10 KB 82ms
23ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&family=OpenSans&family=Russo+One&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gohabsgo.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:11:56 GMT
x-content-type-options: nosniff
age: 159278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:11:56 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 55ms
30ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.gohabsgo.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2418808
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4y7FmZ3lWMdar2kw2OFFe6gN570RcnhR%2FoKDXrTYVDst9MM%2Fuha0HOqCKuF%2FV3P0sUrX8HkJq08kwY8E2%2F3NVD%2BRSSvZRILXlY%2Fu3z2g2Kzt3rwUqNYupzhC9D5CAD6NuIhJpyAr029A4kjQpFOSOd%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74e481b299d44bb8-YUL
expires: Mon, 11 Sep 2023 17:26:34 GMT

GET
H2 200 easy-stn-player.js Show response
embed.sendtonews.com/easy-stn-player/20220901/ 655 KB
193 KB 95ms
46ms Script
application/javascript 3.209.43.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.43.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-43-118.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 11a4b7dd6aa3534c1dc9517e87d10874580c121a55b6534b2f2aa75892db69d4

Request headers

Referer: https://www.gohabsgo.co/
Origin: https://www.gohabsgo.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: gzip
last-modified: Fri, 02 Sep 2022 00:03:42 GMT
server: Apache
etag: "a3c23-5e7a6767c5380-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-robots-tag: noindex, nofollow
expires: Wed, 21 Sep 2022 18:26:34 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 38ms
25ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8970b1f19d05dd6cc34c852734b07ec12ec1eb85e86b734ba9a857686a514a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74e481b31e2d7156-YUL
date: Wed, 21 Sep 2022 17:26:34 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 3239
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 24 Sep 2022 17:26:34 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 118ms
74ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94d763740989b1b506ff4a5ade4be6e10549d1e4a08a63a6d8a950ff1917b131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124737
x-xss-protection: 0
server: cafe
etag: 14623636999904903373
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 17:26:34 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/ Frame D4CE 10 KB
5 KB 67ms
19ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gohabsgo.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 33956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 08:00:38 GMT
etag: 9671129459699598864
expires: Wed, 05 Oct 2022 08:00:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_2022091501.js Show response
securepubads.g.doubleclick.net/gpt/ 376 KB
127 KB 62ms
20ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2838ada1a2e98ea67fbff5622ae6dbc293c5cae3f50be29febaa03b9a4bd8627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 10:08:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130101
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:34:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Sep 2023 10:08:21 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 93 B
110 B 77ms
35ms XHR
application/json 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gohabsgo.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f555a045aabb1f2dd16d94f3f5a579bf500195767da9ad1250dfc5ed9dfa1b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 17:26:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85
x-xss-protection: 0
expires: Wed, 21 Sep 2022 17:26:34 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/543f672b-09d4-42a1-8449-87b40a3ef432/ 6 KB
2 KB 49ms
37ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/543f672b-09d4-42a1-8449-87b40a3ef432/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97fbe2f4b4bb38d12492792c5678abd6fbb5d94317561e688147b6fcccd4a1c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 2248
cf-polished: origSize=5781
status: 200 OK
x-envoy-upstream-service-time: 25
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1e1ef047-60af-400c-a554-b4baf99121b9
x-runtime: 0.023558
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"eb631b9e116ca8afac34f7ca4345fa96"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 74e481b45825ca47-YUL
access-control-allow-headers: SDK-Version
expires: Wed, 21 Sep 2022 18:26:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 73ms
20ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-163163842-30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 3662
date: Wed, 21 Sep 2022 16:25:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Wed, 21 Sep 2022 18:25:32 GMT

GET
H/1.1 200
OK 187621-164323601241456.js Show response
js-sec.indexww.com/ht/p/ 39 KB
13 KB 241ms
63ms Script
text/javascript 23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 21 Sep 2022 17:26:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 16:40:39 GMT
Server: Apache
ETag: "901637-9a4f-5e9329ae5d925"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1047
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 13270
Expires: Wed, 21 Sep 2022 17:44:02 GMT

GET
H3 200 css
fonts.googleapis.com/ 3 KB
631 B 80ms
37ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 15:33:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 21 Sep 2022 17:26:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Sep 2022 17:26:35 GMT

GET
H3 200 icon
fonts.googleapis.com/ 569 B
367 B 80ms
38ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 17:26:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 21 Sep 2022 17:26:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Sep 2022 17:26:35 GMT

GET
H3 200 OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 20 KB
5 KB 67ms
24ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5437614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4023
timing-allow-origin: *
last-modified: Wed, 16 Dec 2020 13:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fda05e7-4e34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dFad5GvHIqOB8e8LtyPVxsfqiVqxF6WLRt6vtOD3LVFswYzIdIBtUUJbY2PCfBLWHmYrIM0Q3Wt6jND%2FWPzi7GFMXNFZPgbnxcKym60Qvtl8JjHc4AY2auxIihC%2BNYCdgUtVDIRtte11HNy6uNLhcA1"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74e481b5a9c67142-YUL
expires: Mon, 11 Sep 2023 17:26:35 GMT

GET
H3 200 OverlayScrollbars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 787E 53 KB
21 KB 64ms
35ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 164427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20502
timing-allow-origin: *
last-modified: Wed, 16 Dec 2020 13:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fda05e7-d208"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjWzlTVHjqzupGR0L20H9fw8X3XQ4TYH%2FHKf6YvTnc7rTwun%2BwOLLi6VYOHbxHp9RttzUQSGp6xWn5fmv%2BhTx5sDCK3n1JpCbDZfKUypT03WudRqmBuTwRRNg8TndisxvJJzqhrYg3vVDc8bhoSsKMYk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74e481b5a9c37142-YUL
expires: Mon, 11 Sep 2023 17:26:35 GMT

GET
H2 200 prebid.js Show response
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/ Frame 787E 334 KB
101 KB 127ms
61ms Script
application/javascript 108.138.106.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-15.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:36 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 23:36:58 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: W/"1c7777ec3f15f66750ea282b9545a85d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
cache-control: no-cache
x-amz-cf-id: 8ftITQklqMDm6eo7HF0G0k5Altb5hrfyNYjfVI_qwLDRFQb_KZ4KCA==

GET
H2 200 comScore.gt.min.js Show response
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame 787E 335 KB
59 KB 86ms
21ms Script
application/javascript 108.138.106.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-15.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 09:09:56 GMT
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 23:25:25 GMT
server: AmazonS3
age: 29800
etag: W/"4a51b8991a6b67323936c2eb62e3518e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: JFK50-P3
x-amz-cf-id: RjgcPDglktOnCl_i-vl0Lwggq_LtumEVc1OZXDEBCA3fppuXffqy2Q==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 378 KB
127 KB 102ms
37ms Script
text/javascript 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9b92b474abd6c41079a19e23fea79f0279dd70e3007c47e7773b9d3e7ca4f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128888
x-xss-protection: 0
expires: Wed, 21 Sep 2022 17:26:35 GMT

GET
H2 200 reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 1 KB
1 KB 102ms
39ms Image
image/png 108.138.106.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-15.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 09:09:56 GMT
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 29800
etag: "cb93bb50e5d021cc38de445a672c18a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: JFK50-P3
accept-ranges: bytes
content-length: 1094
x-amz-cf-id: BQk-hTsfCpyNr8oFewPan4XjFhawCOFVSYhDFH7pp_zed7Rap5CY9w==

GET
H2 200 facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 322 B
637 B 102ms
40ms Image
image/png 108.138.106.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-15.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 09:10:00 GMT
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 29796
etag: "311cf2edc46e82f2a6911332b7db54e1"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: JFK50-P3
accept-ranges: bytes
content-length: 322
x-amz-cf-id: pia2Hmyw1LkaHlbS41W5QlECB7kZ08liW4qbUWcG0vjGS20e1-lS6g==

GET
H2 200 twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 832 B
1 KB 103ms
40ms Image
image/png 108.138.106.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-15.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 09:10:00 GMT
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 29796
etag: "8be584e844dabfe22970a0cb943c047e"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: JFK50-P3
accept-ranges: bytes
content-length: 832
x-amz-cf-id: TLgFQQKem0yG8wJs6dDBLnnG0o4xOlH5zxFONvdqnCyB9ST5AfRTVA==

GET
H2 200 email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 773 B
1 KB 103ms
41ms Image
image/png 108.138.106.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-15.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 09:10:00 GMT
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 29796
etag: "4bd445ddc3f9d6101690e15cfc1a04f0"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: JFK50-P3
accept-ranges: bytes
content-length: 773
x-amz-cf-id: xkqu_5Qb0xIJzc3c9hcgbkKapgEeYUcw2TUPjFfrhRWNkB80Er8miA==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
187 B 80ms
24ms Ping
image/gif 18.208.240.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=eLyy2eVIKAdDuN1B&instance=281844&version=7.8.0&age=220921&cmd=PRE_INIT&key=1mCYXVMb&seq=1&order=1&absoluteTime=726.4&relativeTime=0.2&canonical=https://www.gohabsgo.co/&EXTREF=https://www.gohabsgo.co/&REF=https://www.gohabsgo.co/&serverHost=embed.sendtonews.com
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-240-0.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:35 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 data_read.php Show response
embed.sendtonews.com/player4/ 34 KB
6 KB 84ms
84ms Fetch
text/html 3.209.43.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=eLyy2eVIKAdDuN1B&instance=281844&version=7.8.0&age=220921&ESG_key=1mCYXVMb&type=FULL&EXTREF=https://www.gohabsgo.co/&REF=https://www.gohabsgo.co/&ogSet=1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.43.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-43-118.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 8c6beb0224ae3ef28d3a02a71da33104ae98fb897d44e00842757cfc103b1abb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:35 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1
content-length: 5587
expires: Wed, 21 Sep 2022 17:26:36 GMT

GET
H2 204 analytics.min.js Show response
cdn.resonate.com/analytics.js/v1/200302733/ Frame 787E 0
96 B 140ms
85ms Script
text/plain 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 74e481b5ebd9ab3d-YYZ
date: Wed, 21 Sep 2022 17:26:35 GMT
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 787E 167 KB
43 KB 65ms
21ms Script
application/javascript 143.204.150.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-150-76.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 21 Sep 2022 16:40:14 GMT
via: 1.1 77dc0904034d14a129bafe4c9d954f08.cloudfront.net (CloudFront), 1.1 ede7b7df91a2d48009a8aae6c1aa9278.cloudfront.net (CloudFront)
last-modified: Thu, 15 Sep 2022 20:15:37 GMT
server: AmazonS3
age: 2782
etag: W/"0b4d277527066dd35dd7c0288cb596b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: IAD50-C2, EWR52-C2
content-encoding: gzip
x-amz-cf-id: KmX4K_wo9lPtGoHVS3teGLvmGigcma_9KyhjNjI7ycHK4RbFXm3ZgQ==

GET
H/1.1 200
OK ac Show response
ww1772.smartadserver.com/ 212 B
2 KB 623ms
28ms Script
application/javascript 23.105.12.160
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=4065597362&out=js
Requested by: Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=582&ut=&uts=&p_cust_params=&windowlocation=https%3A%2F%2Fwww.gohabsgo.co%2F&usp=&gdpr=-1&cs=-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.160 Los Angeles, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 461b345c9be55a5a6d0a2b3c9b39b060cdd4d5c7bff2c410b3c6f8b77f17cb25

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:35 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 7974420
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame E674
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

281 B
554 B

72ms
18ms

Document
text/html

23.192.31.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Requested by: Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=582&ut=&uts=&p_cust_params=&windowlocation=https%3A%2F%2Fwww.gohabsgo.co%2F&usp=&gdpr=-1&cs=-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-31-127.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.gohabsgo.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 21 Sep 2022 17:26:35 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 21 Sep 2022 17:26:35 GMT
location: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
server: AkamaiGHost

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1
https://sb.freeskreen.com/um?sa=7581645548811933291

43 B
514 B

27ms
27ms

Image
image/gif

54.197.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?sa=7581645548811933291
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Server: 54.197.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-83-80.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:35 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

location: https://sb.freeskreen.com/um?sa=7581645548811933291
date: Wed, 21 Sep 2022 17:26:35 GMT
content-length: 0

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
https://sb.freeskreen.com/um?tlr=a50b6f233380425598610941ca268d1a

43 B
448 B

25ms
24ms

Image
image/gif

54.197.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?tlr=a50b6f233380425598610941ca268d1a
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Server: 54.197.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-83-80.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:35 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

location: https://sb.freeskreen.com/um?tlr=a50b6f233380425598610941ca268d1a
date: Wed, 21 Sep 2022 17:26:35 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID}
https://sb.freeskreen.com/um?ac=19bc7f25-5783-49a5-ad40-75e048fe6a1b

43 B
451 B

25ms
24ms

Image
image/gif

54.197.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?ac=19bc7f25-5783-49a5-ad40-75e048fe6a1b
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Server: 54.197.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-83-80.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:35 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

Pragma: no-cache
Date: Wed, 21 Sep 2022 17:26:35 GMT
Server: nginx
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Location: https://sb.freeskreen.com/um?ac=19bc7f25-5783-49a5-ad40-75e048fe6a1b
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://loadeu.exelator.com/load/?p=204&g=1300&j=0
https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1
https://sb.freeskreen.com/um?ni=1426bc2ee0d53528dfacee30cb4dccfc

43 B
470 B

26ms
26ms

Image
image/gif

54.197.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?ni=1426bc2ee0d53528dfacee30cb4dccfc
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Server: 54.197.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-83-80.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:35 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

date: Wed, 21 Sep 2022 17:26:35 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sb.freeskreen.com/um?ni=1426bc2ee0d53528dfacee30cb4dccfc
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
694 B 86ms
36ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.gohabsgo.co&callback=_gfp_s_&client=ca-pub-6542527489535740&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a00123d4a7b37f2fe99a5e401c5ccb355653e5be5ea0dc38827525755b8e0dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 93ms
45ms Script
application/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.gohabsgo.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 17:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 94ms
44ms Script
application/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gohabsgo.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 17:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 37ms
37ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.gohabsgo.co%2F&tn=DIV&id=pub_marc&cls=pt10%20pb10%20bgf%20bbd%20w3-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 74B8 0
19 B 123ms
81ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6542527489535740&output=html&adk=1812271804&adf=3025194257&lmt=1663781195&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gohabsgo.co%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663781194814&bpp=3&bdt=346&idt=362&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8704912649666&frm=20&pv=2&ga_vid=434343873.1663781195&ga_sid=1663781195&ga_hid=2123796006&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31060566%2C31068921&oid=2&pvsid=1977519249656956&tmod=1687737663&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=385

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gohabsgo.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 17:26:35 GMT
expires: Wed, 21 Sep 2022 17:26:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 157 KB
49 KB 1122ms
1121ms XHR
text/plain 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1977519249656956&correlator=608126459825800&eid=31069673%2C31068921&output=ldjh&gdfp_req=1&vrg=2022091501&ptt=17&impl=fifs&iu_parts=117014822%2Cgohabsgo&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=1x1%2C980x300%7C980x120%7C980x90%7C970x250%7C970x90%7C970x66%7C750x100%7C728x90%7C1x1&ifi=2&adks=2433666164%2C527246759&sfv=1-0-38&ists=2&fas=8%2C0&fsapi=false&prev_scp=position%3Doop%7Cposition%3D1%26refresh%3Dtrue&eri=5&cust_params=hostname%3Dgohabsgo%26page%3Dstory%26lang%3Dfr&sc=1&cookie_enabled=1&cdm=www.gohabsgo.co&abxe=1&dt=1663781195277&dlt=1663781194468&idt=750&adxs=-9%2C310&adys=-9%2C10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.gohabsgo.co&loc=https%3A%2F%2Fwww.gohabsgo.co%2F&frm=20&vis=1&psz=0x-1%7C1600x-1&msz=0x-1%7C1600x-1&fws=2%2C512&ohw=0%2C0&ga_vid=434343873.1663781195&ga_sid=1663781195&ga_hid=2123796006&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

394262f8a6eca6de17bac497d18ef6c70da576aaec7631ed35e8661d7f5afe1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50269
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gohabsgo.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B607 6 KB
4 KB 105ms
39ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gohabsgo.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 17:26:35 GMT
expires: Thu, 21 Sep 2023 17:26:35 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022091501.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022091501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf86535ac07bc30b581c28a2e15e74fad7e3e53076658faa7f453d23b3fe2a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 10:43:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13591
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:34:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Sep 2023 10:43:53 GMT

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
16 KB 62ms
19ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gohabsgo.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 19:19:45 GMT
x-content-type-options: nosniff
age: 166010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16756
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:16:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 19:19:45 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 117 KB
44 KB 500ms
499ms XHR
text/plain 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1977519249656956&correlator=3849917519930139&eid=31069673%2C31068921&output=ldjh&gdfp_req=1&vrg=2022091501&ptt=17&impl=fifs&iu_parts=117014822%2Cgohabsgo&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C336x280%7C300x250%7C1x1&ifi=4&adks=2759967084&sfv=1-0-38&fsapi=false&prev_scp=position%3D2%26refresh%3Dtrue&eri=5&cust_params=hostname%3Dgohabsgo%26page%3Dstory%26lang%3Dfr&sc=1&cookie_enabled=1&cdm=www.gohabsgo.co&abxe=1&dt=1663781195349&dlt=1663781194468&idt=750&adxs=211&adys=707&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.gohabsgo.co&loc=https%3A%2F%2Fwww.gohabsgo.co%2F&frm=20&vis=1&psz=869x250&msz=869x0&fws=0&ohw=0&ga_vid=434343873.1663781195&ga_sid=1663781195&ga_hid=2123796006&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a11b98bae8d7d601232ea5c765613717c1705b2711ff32f8f4d1d1519b5b0f5

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPb2i_mzpvoCFUfk4wcdTK0JJA&gqi=&layout=/sadbundle/%24csp%253Der3%24/5700122134273263366/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPb2i_mzpvoCFUfk4wcdTK0JJA&gqi=&layout=/sadbundle/%24csp%253Der3%24/5700122134273263366/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Wed, 21 Sep 2022 17:26:35 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gohabsgo.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
11 KB 475ms
474ms XHR
text/plain 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1977519249656956&correlator=72642874174157&eid=31069673%2C31068921&output=ldjh&gdfp_req=1&vrg=2022091501&ptt=17&impl=fifs&iu_parts=117014822%2Cgohabsgo&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x600%7C300x250%7C160x600%7C1x1&ifi=5&adks=196147614&sfv=1-0-38&fsapi=false&prev_scp=position%3D5%26refresh%3Dtrue&eri=5&cust_params=hostname%3Dgohabsgo%26page%3Dstory%26lang%3Dfr&sc=1&cookie_enabled=1&cdm=www.gohabsgo.co&abxe=1&dt=1663781195354&dlt=1663781194468&idt=750&adxs=1082&adys=382&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.gohabsgo.co&loc=https%3A%2F%2Fwww.gohabsgo.co%2F&frm=20&vis=1&psz=419x250&msz=419x0&fws=512&ohw=0&ga_vid=434343873.1663781195&ga_sid=1663781195&ga_hid=2123796006&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03adab7079429419ce5ea31cc6ed8661b4057aa5a535007aa6e818ae07242a23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11695
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gohabsgo.co
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 76ms
33ms XHR
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=2123796006&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gohabsgo.co%2F&ul=en-us&de=windows-1252&dt=Canadiens%20de%20Montr%C3%A9al%20-%20Nouvelles%20Hockey%20LNH%20%7C%20GoHabsGo.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=2007316270&gjid=1293286780&cid=434343873.1663781195&tid=UA-163163842-30&_gid=2337213.1663781195&_r=1&gtm=2ou9j0&z=2068687630

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gohabsgo.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gohabsgo.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 26ms
23ms Ping
image/gif 18.208.240.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=eLyy2eVIKAdDuN1B&instance=214281844&version=7.8.0&age=220921&cmd=GET&key=1mCYXVMb&c_id=12872&seq=1&order=2&absoluteTime=1075.6&relativeTime=349.4&canonical=https://www.gohabsgo.co/&EXTREF=https://www.gohabsgo.co/&REF=https://www.gohabsgo.co/&playerCfg=BR
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-240-0.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:35 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 data_stn_l.php
timber.sendtonews.com/timber/ 0
143 B 120ms
60ms Ping
text/html 34.202.79.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=1mCYXVMb&ES_key=1mCYXVMb&ES_ID=33624&S_RKEY=i3UOGHhp74&USR_ID=214281844&ST_usrKey=eLyy2eVIKAdDuN1B&SM_ID=2251824&C_ID=12872&C_companyName=H%20and%20L%20Media&version=70080000&sC_ID=8619&AC_ID=2008&TYPE=BARKER&EXTREF=https://www.gohabsgo.co/&REF=https://www.gohabsgo.co/&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1&serverHost=embed.sendtonews.com
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.79.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-79-131.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Sep 2022 17:26:35 GMT
cache-control: max-age=1
server: Apache
content-type: text/html; charset=UTF-8
content-length: 0
expires: Wed, 21 Sep 2022 17:26:36 GMT

GET
H2 200 0.js Show response
player.sendtonews.com/bidderFiles/ 4 KB
2 KB 118ms
18ms Script
application/javascript 108.138.106.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/bidderFiles/0.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-16.jfk50.r.cloudfront.net
Software: Apache /
Resource Hash: 7f1d279703b902aee3682bf47afc04d7d9a4417e08a137638cd8dcce1141c450

Request headers

Referer: https://www.gohabsgo.co/
Origin: https://www.gohabsgo.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:30:01 GMT
content-encoding: gzip
age: 3395
x-cache: Hit from cloudfront
content-length: 1394
access-control-allow-origin: *
last-modified: Thu, 03 Mar 2022 21:08:40 GMT
server: Apache
etag: "e75-5d956cd664600-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f359087e1d20f17f76b31eb5ffbbd450.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: JFK50-P3
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-amz-cf-id: KQP_DjykkipBUT5VLy07NBN6CSb0yabIbUAgdjJGlW1kWCXlG-LIIA==
expires: Wed, 21 Sep 2022 17:30:00 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 125 KB
125 KB 22ms
21ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gohabsgo.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 20:39:21 GMT
x-content-type-options: nosniff
age: 506834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128352
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 20:39:21 GMT

GET
H2 200 b70bn7tpfovxw50db2oxmdfqligm1s09.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 24 KB
24 KB 60ms
22ms Image
image/jpeg 108.138.106.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/b70bn7tpfovxw50db2oxmdfqligm1s09.jpg
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-15.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c4e12092b9a1749fe7494e96225c96ea3185854c41290896bbf1c492d895927

Request headers

Referer: https://www.gohabsgo.co/
Origin: https://www.gohabsgo.co
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:25:03 GMT
via: 1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
age: 92
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 24416
last-modified: Wed, 21 Sep 2022 17:05:30 GMT
server: AmazonS3
etag: "973c666eb9e2acc5c01b32897cf53127"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-pop: JFK50-P3
accept-ranges: bytes
x-amz-cf-id: TGmnJdzj1WJvgLted9Mj__lflZqgYnkSsO2vE8OiLJodBsOjyThSsQ==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 24ms
23ms Ping
image/gif 18.208.240.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=eLyy2eVIKAdDuN1B&instance=214281844&version=7.8.0&age=220921&cmd=RTP&key=1mCYXVMb&c_id=12872&seq=1&order=3&absoluteTime=1104.1&relativeTime=377.9&sC_ID=8619&sm_id=2251824&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://www.gohabsgo.co/&REF=https://www.gohabsgo.co/&playerCfg=BR
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-240-0.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:35 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 data_stn_l.php
timber.sendtonews.com/timber/ 0
142 B 5094ms
5062ms Ping
text/html 34.202.79.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=1mCYXVMb&ES_key=1mCYXVMb&ES_ID=33624&S_RKEY=i3UOGHhp74&USR_ID=214281844&ST_usrKey=eLyy2eVIKAdDuN1B&SM_ID=2251824&C_ID=12872&C_companyName=H%20and%20L%20Media&version=70080000&sC_ID=8619&AC_ID=2008&TYPE=BARKER&EXTREF=https://www.gohabsgo.co/&REF=https://www.gohabsgo.co/&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.79.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-79-131.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Sep 2022 17:26:40 GMT
cache-control: max-age=1
server: Apache
content-type: text/html; charset=UTF-8
content-length: 0
expires: Wed, 21 Sep 2022 17:26:01 GMT

GET
H3 200 bridge3.532.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C00E 638 KB
207 KB 66ms
20ms Document
text/html 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23091133c2c9c43412cf7ee8e2471a7cba775e981334be7d13b0d78d9babc5a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gohabsgo.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 112051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 211807
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 10:19:04 GMT
expires: Wed, 20 Sep 2023 10:19:04 GMT
last-modified: Tue, 20 Sep 2022 10:12:09 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 108ms
47ms Script
text/javascript 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Sep 2022 17:26:35 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 787E 6 KB
3 KB 58ms
18ms XHR
application/javascript 143.204.150.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-150-76.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 10:09:05 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 26251
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 19 Sep 2022 09:37:07 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
via: 1.1 360031d112e5d98f967632ba717f6cfe.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: EWR52-C2
content-type: application/javascript
x-amz-cf-id: d48Bcoye-LuMGlVqp80m7bammpe3WFGmWmsvRlnxGXtNiASWFX35dw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 787E 248 B
596 B 20ms
20ms XHR
application/json 143.204.150.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.gohabsgo.co&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-150-76.ewr52.r.cloudfront.net
Software: Server /
Resource Hash: 7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:31:11 GMT
via: 1.1 ede7b7df91a2d48009a8aae6c1aa9278.cloudfront.net (CloudFront)
server: Server
age: 6923
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.gohabsgo.co
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C2
content-length: 248
x-amz-cf-id: zgRowKC2w0Yd8VRtzJ9k3mPQRImny-RGovGjJMZ-hN08SZlQZwnIHQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 787E 23 B
461 B 89ms
36ms XHR
text/javascript 108.138.124.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.gohabsgo.co%2F&pid=m2mS6TiTj0mqL&cb=0&ws=300x150&v=22.9.81452&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!sendtonews.com%2Cu77xS6h91Ai4mByBcC_3vg%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.124.226 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-124-226.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:35 GMT
via: 1.1 7f9c24c13cc1a16d2c6ea3097e4958fa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P4
x-amz-rid: Q34BD7WP8NC2F2GSQ553
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.gohabsgo.co
access-control-allow-credentials: true
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 2boNMllPV2wAwCV0_ZMpsOCkfQ4xoXxqu6iD7OZ6cftX3rdnNZ6bCA==

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
544 B 88ms
25ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 023e1cb990dcdf02e698072d0dd4bd0a20bf645ff65b3768a5dd2be09dfc257b

Request headers

Referer: https://www.gohabsgo.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 17:26:35 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gohabsgo.co
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 21 Oct 2022 17:26:35 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 0
253 B 77ms
48ms XHR
text/plain 34.120.155.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.155.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gohabsgo.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 17:26:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.gohabsgo.co
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 550 B
768 B 122ms
60ms XHR
application/json 3.220.58.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.gohabsgo.co
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.58.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-58-99.compute-1.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: e4f2bd021423db3e4429ab45ef042fc39debba49a2def1fe454b40447cb06536

Request headers

Referer: https://www.gohabsgo.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.gohabsgo.co
date: Wed, 21 Sep 2022 17:26:35 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.20.2
vary: Accept-Encoding, Origin
content-type: application/json

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E674 31 KB
10 KB 19ms
19ms Script
text/html 23.192.31.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-31-127.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c948008e85bad263dc49df013408d09c061b0833fa4f502ed1c743dd5f313044

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 21 Sep 2022 17:26:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=30783
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9421
Expires: Thu, 22 Sep 2022 01:59:38 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 787E 186 B
410 B 532ms
306ms XHR
application/json 44.210.205.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.205.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-205-198.compute-1.amazonaws.com
Software: /
Resource Hash: 9303cfb2d0a6889084b8b62f5cf844e965dfed5d69cc29bd5198eeea4ec47107

Request headers

Referer: https://www.gohabsgo.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:36 GMT
content-encoding: gzip
x-prebid: pbs-java/1.98.0
content-type: application/json
access-control-allow-origin: https://www.gohabsgo.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 787E 19 B
507 B 132ms
57ms XHR
application/json 3.226.62.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.12.0&referrer=https%3A%2F%2Fwww.gohabsgo.co%2F&tmax=3000

Requested by

Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.226.62.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-62-124.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gohabsgo.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:35 GMT
accept-ch: sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gohabsgo.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 787E 137 B
830 B 64ms
18ms XHR
application/json 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

59b534f8997c09c843b494425e17693bb612ff3c61b2ae9b9a4a380a70a08fdf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gohabsgo.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 21 Sep 2022 17:26:35 GMT
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: c53d8c3e-9a5f-46b5-826a-137325e13b58
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gohabsgo.co
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 787E 0
116 B 205ms
73ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gohabsgo.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gohabsgo.co
date: Wed, 21 Sep 2022 17:26:34 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 787E 36 B
561 B 127ms
66ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2291362d57376bd5%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.gohabsgo.co%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.gohabsgo.co%2F%22%2C%22keywords%22%3A%22Canadiens%2CMontr%C3%A9al%2CGoHabsGo%2CHockey%2CLNH%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210abb87ae480648%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A400%2C%22h%22%3A227%2C%22sizes%22%3A%5B%5B400%2C227%5D%5D%2C%22playerSize%22%3A%5B%5B400%2C227%5D%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22sid%22%3A%22u77xS6h91Ai4mByBcC_3vg%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d14d790b7ab2f252031133c08a966ded6627f62e6f2dd34c9eb083a0f271224

Request headers

Referer: https://www.gohabsgo.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8RUmZ8ZtWvy4MUFIzdpQgZipTZ6FQPcxa4YtmU4pRmew6bxSumeu5VoXAGfNhkswJg9PQfoohrtBVE9PEvatYYaL%2FuzbYPbeHLeSkB3AupqzLPjYp8rAfU9VlysY97FEDMaF2nr"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.gohabsgo.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 74e481ba1deaa1e4-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 229991 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 787E 0
952 B 454ms
391ms XHR
application/json 192.35.249.142
SPOTX-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.35.249.142 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gohabsgo.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Sep 2022 17:26:36 GMT
x-spotx-timing-transform: 0.003067
x-spotx-timing-spotmarket: 0.076807
x-spotx-timing-page-require: 0.003539
x-fe: 154
x-spotx-timing-page-misc: 0.015690
x-spotx-timing-page-cookie: 0.000051
x-spotx-timing-page: 0.105155
pragma: no-cache
x-spotx-timing-page-context: 0.000748
last-modified: Wed, 21 Sep 2022 17:26:36 GMT
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
x-spotx-timing-spotmarket-primary: 0.076807
access-control-allow-methods: POST, GET, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.gohabsgo.co
x-spotx-timing-page-exception: 0.000001
x-spotx-timing-spotmarket-secondary: 0.000000
x-spotx-timing-page-uri: 0.000021
x-spotx-timing-page-mux: 0.005231
access-control-allow-headers
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 787E 54 KB
17 KB 187ms
49ms Script
application/javascript 23.78.200.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.78.200.97 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-78-200-97.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:35 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 20:10:31 GMT
server: Apache
etag: "d71e-5e830058020dd-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17404
expires: Wed, 21 Sep 2022 17:41:35 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame E674 284 B
934 B 127ms
28ms Image
image/jpg 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 0228ab361cece0438ff9eb16e4e5890e
Content-Type: image/jpg

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
505 B 101ms
56ms XHR
text/plain 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fwww.gohabsgo.co%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gohabsgo.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2lN33LYeE1gE2FXK2%2BkfT7Yc%2F2nIPpzq8kNG8JJIUhwbAUg%2FVKXIb9aOLsvhBX9jOvPYm0uJw68%2BFfbAByM5xMl69Z6y%2BbsGVgzQXMUtQkGPefRWDl9khoO0PzZVyrCxmFr097rztI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.gohabsgo.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 74e481ba9beda1e1-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012209072154000/ Frame E3CE 220 KB
61 KB 89ms
19ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 173861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61518
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b9e6b1d3ca7cc68d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:55 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame E3CE 14 KB
5 KB 121ms
51ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 173861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dcaf3864e0ab6b08"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:55 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame E3CE 94 KB
28 KB 122ms
53ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 173861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28888
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "95b4b320f7966d1a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:55 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame E3CE 5 KB
2 KB 129ms
61ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 173861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1908
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5561dff7c028bd87"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:55 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame E3CE 40 KB
13 KB 130ms
62ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 173861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12958
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00747b471d2f1a24"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:55 GMT

GET
DATA 200
OK truncated
/ Frame E3CE 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6e1c2a64891f9f3e9b38a72e6e8e64f695390f433868929291cc2cd8bb53021

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 15923129958742371840
tpc.googlesyndication.com/daca_images/simgad/ Frame E3CE 71 KB
71 KB 70ms
20ms Image
image/png 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15923129958742371840

Requested by

Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb68e6e5e03e43bf00e3878d8ea1ebd3e4ec3509209344414a0c49b4f1a9f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 05:10:15 GMT
x-content-type-options: nosniff
age: 216980
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72503
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 17:32:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 05:10:15 GMT

GET
H2 200 fr.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E3CE 3 KB
3 KB 90ms
41ms Image
image/png 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/fr.png

Requested by

Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb10b8a273579cd997035d04ad3d87002aefa416b6ebe91b6c25e4eb0aa6ffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 14:26:30 GMT
x-content-type-options: nosniff
server: cafe
age: 10805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 12021612326893382710
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2724
x-xss-protection: 0
expires: Thu, 22 Sep 2022 14:26:30 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E3CE 295 B
757 B 68ms
20ms Image
image/png 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 18:14:52 GMT
x-content-type-options: nosniff
server: cafe
age: 83503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 21 Sep 2022 18:14:52 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E3CE 0
0 88ms
38ms Image
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSx0ghfWRCxXwLi5UI9dt0mmO2-n44odpcSDNAdohvsqZ2fHj6gVJPX0DYfcZvCPNKYs7qt-rvjTplKzpIzGl9mcyTKjQ
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E3CE 0
0 52ms
51ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPbVgS0krY42qGYSOlAOO7pbQB7LAu5Js84Di6NMQ38aivcABEAEg3cngfmD96KKB8AOgAbzbwOEDyAECqQLn1z2LYxypPuACAKgDAcgDCKoE8gFP0JmjnaG6RSbNaF_r5zG5JYM3dQXYSoCEf_9LZbF9MbBaIApjCQ6hu4z4FsM6vxSctmHUf-dWVX41VhJ2jhMmBHshmHDfuKkEw_fCOJDpgIkU7kP9Ijo-x0_8o14Bxh3KOPYyrWNb9v-1YveqN2wdWyVBK1-hoq9rDoVcOUtD7-goJctfvjvusZ0XmYZyCEzHD2MMAFrC8ZndptIqVFnRidU0Bl9aCqJ1BAv_iMY6syKWjcYIbCs-_OgJHUR1cY_ZmyC4u7qvgI5vvOCSU8ifGET5JNh2WeOxVdaOt9fmyaqclgfhe9cW5-x-jWiQ5uVaR8AEvsrQpI8E4AQBoAYCgAespL8eqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ_vZO0ggPCIBhEAEYHTICigI6AoBAgAoDyAsB2BMD0BUBgBcBshceChwIABIUcHViLTk2NDc4MzY5NDIxMDM2NTYYtpwa&sigh=tRJsr4bFGlc&uach_m=[UACH]
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 container.html Show response
b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9CDA 6 KB
3 KB 63ms
20ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gohabsgo.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 17:26:35 GMT
expires: Thu, 21 Sep 2023 17:26:35 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 24ms
24ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74e481bade157156-YUL
date: Wed, 21 Sep 2022 17:26:35 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 3231
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Oct 2022 17:26:35 GMT

GET
H2

200

um
sb.freeskreen.com/ Frame E674
Redirect Chain

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=L8BWD709-1H-I23B
https://sb.freeskreen.com/um?mg=L8BWD709-1H-I23B

43 B
554 B

26ms
26ms

Image
image/gif

54.197.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?mg=L8BWD709-1H-I23B
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: H2
Server: 54.197.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-83-80.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:36 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://sb.freeskreen.com/um?mg=L8BWD709-1H-I23B
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
Expires: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/ Frame 5A69 78 KB
18 KB 67ms
21ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/index.html

Requested by

Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ce1e41225655458a099cb7f828fc78c279d138f8ded66fb227783aae7b69bdc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 439974
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18332
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 15:13:42 GMT
expires: Sat, 16 Sep 2023 15:13:42 GMT
last-modified: Fri, 26 Aug 2022 12:09:01 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9CDA 0
0 54ms
53ms Fetch
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrBeZS0krY7alGcfIj-8PzNqmoAKi_uf9a9qonoO-ENzZHhABIN3J4H5g_eiigfADoAGmreHFA8gBCakC59c9i2McqT7gAgCoAwHIA0iqBOsBT9Awb63LTSctl-YbCAhyBbATHJZrc_ndB_UyzPbN9XnmzgVQR6p5A3v5ZNfkn4qOOPD1EgspuMGI6J-pxtSaDDu_CwoqXILo46VwMoNbn8hKRXOtIhTH5mY3a-6EJqwGsyzTNzp25tYcMGb9fBSCXqvrQQQ_eFtKmPYNLObItlZzXaKCSTQozGT5QNODpq2FJx-mzVLL57qB9pI-M9_cNIzf1HqDP3khiyKgVqE15yLu2YG31u8W8MRaMQExdPEVg2ql7pAsJuk396QNBn9bfsA7HF3NKro3wSV2-qKPeWF-GcfE30RvOJcOecAErvHmvv8D4AQBoAYugAfC0p46qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQz7gz0ggPCIBhEAEYHTICigI6AoBAgAoDyAsB2BMD0BUBmBYBgBcBshceChwIABIUcHViLTk2NDc4MzY5NDIxMDM2NTYYtpwa&sigh=3Uc5R5ataYc&uach_m=[UACH]&template_id=419
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame 9CDA 23 KB
9 KB 62ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite_fy2021.js

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 17:21:04 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame E674
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QXJUH37rRZKVi_ZEGgI-vg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QXJUH37rRZKVi_ZEGgI-vg

43 B
479 B

105ms
104ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QXJUH37rRZKVi_ZEGgI-vg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Sep 2022 17:26:36 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 7XA9297ZT6TVBGKJA5H9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QXJUH37rRZKVi_ZEGgI-vg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c3b5432477546c086cd062707f625a76
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E674
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=bc768a32-e12c-4e8d-8f55-b3c2dfb98c41&gdpr=0&gdpr_consent=&expires=30

42 B
691 B

176ms
26ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=bc768a32-e12c-4e8d-8f55-b3c2dfb98c41&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 0190a17a18f2299b1b85aeb1793e601c
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:36 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=bc768a32-e12c-4e8d-8f55-b3c2dfb98c41&gdpr=0&gdpr_consent=&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 289

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E674
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/kzterboBd5fkCLOOFYD8Fsn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6160754001607761012

42 B
691 B

101ms
27ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6160754001607761012
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: f72efbd84733ea5ba734e4e8fe0395a3
Content-Type: image/gif

Redirect headers

date: Wed, 21 Sep 2022 17:26:36 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6160754001607761012
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E674
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhCV0Q3MDktMUgtSTIzQg==

170 B
243 B

51ms
37ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhCV0Q3MDktMUgtSTIzQg==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Protocol

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhCV0Q3MDktMUgtSTIzQg==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c3b5432477546c086cd062707f625a76
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E674
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UIhiwwU4QM-pB-E9cZC0_g&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UIhiwwU4QM-pB-E9cZC0_g

43 B
479 B

31ms
30ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UIhiwwU4QM-pB-E9cZC0_g

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Sep 2022 17:26:36 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: XHFHTYZVHZ127E4D6APX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UIhiwwU4QM-pB-E9cZC0_g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c3b5432477546c086cd062707f625a76
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E674
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH5CmPlPXgOPlfGF44PqC68&google_cver=1

42 B
691 B

100ms
26ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH5CmPlPXgOPlfGF44PqC68&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8eb2d9eeed9b9c468975d0ba24565e5b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH5CmPlPXgOPlfGF44PqC68&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E674
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzY1OGZhOTcyOWE1MzlhYWYxYzk2YWFiN2RiYzJiODhjYzliNjEwOA

170 B
232 B

37ms
37ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzY1OGZhOTcyOWE1MzlhYWYxYzk2YWFiN2RiYzJiODhjYzliNjEwOA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Protocol

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzY1OGZhOTcyOWE1MzlhYWYxYzk2YWFiN2RiYzJiODhjYzliNjEwOA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 83041abbe8494cb29eff3083edd6dff6
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame E674
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8BWD709-1H-I23B

0
574 B

108ms
62ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8BWD709-1H-I23B
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:36 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7E1642B437A94571A996D2876FDA2C8F Ref B: YTO01EDGE0806 Ref C: 2022-09-21T17:26:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXpMz8wzM9HxetCGwhl9A==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8BWD709-1H-I23B
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b5ba23d75d0dcd35432b720d73e3149b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E3CE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

54ms
54ms

Image
text/html

2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: H3
Server: 2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

date: Wed, 21 Sep 2022 17:26:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5A69 16 KB
6 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 00:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 22 Sep 2022 00:21:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5A69 33 KB
13 KB 23ms
22ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86453ecc16f6b785226ee9203819ea6bc46dc79171c51ed9605e3e2662281704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 08:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13228
x-xss-protection: 0
server: cafe
etag: 10485928763175976200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 22 Sep 2022 08:16:20 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B896 143 B
166 B 23ms
20ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 16:40:57 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 9CDA 3 KB
1 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 17:24:40 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 9CDA 17 KB
7 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 17:20:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9CDA 0
0 40ms
40ms Image
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSEj5WUPLBDf2s8kigcrA5TIo85lZ9h5uJfsHYxMMQVHru8BbR_cDn2vWdN9zyhKiGRryNtwrZUceGBW8u4MXEojj5EhQ
Requested by: Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9CDA 140 KB
44 KB 99ms
50ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 17:26:36 GMT

GET
DATA 200
OK truncated
/ Frame 9CDA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c4c480151f17c92dba8e1de51727dd09b8f51df6da5fa37f492286253cd8f2c

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B896
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
46ms

Document
text/html

2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 17:26:36 GMT
expires: Wed, 21 Sep 2022 17:26:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 21 Sep 2022 17:26:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A69 36 KB
16 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 19:19:30 GMT

GET
H3 200 300x250_succursale_AOUT4_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/ Frame 5A69 52 KB
52 KB 24ms
21ms Image
image/jpeg 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/300x250_succursale_AOUT4_1.jpg

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ddafc7c64fc419d23666a57f965643dc3e191583eca4afab855dbde9d4fcef1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 442427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52778
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 12:09:01 GMT
server: sffe
date: Fri, 16 Sep 2022 14:32:49 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 14:32:49 GMT

GET
H3 200 300x250_succursale_AOUT7_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/ Frame 5A69 52 KB
52 KB 47ms
44ms Image
image/jpeg 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/300x250_succursale_AOUT7_1.jpg

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3f5cf1744d0d73eaae16b06407a952447e7ed738e423ecdb951262e1cc9c701

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 442427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53207
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 12:09:01 GMT
server: sffe
date: Fri, 16 Sep 2022 14:32:49 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 14:32:49 GMT

GET
H3 200 300x250_succursale_AOUT8_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/ Frame 5A69 46 KB
46 KB 55ms
51ms Image
image/jpeg 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/300x250_succursale_AOUT8_1.jpg

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8551742d5ddf7cf859efab1c28b377dacf5bb89ed041b51ec13607ed2d2f2a63

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 442427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46912
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 12:09:01 GMT
server: sffe
date: Fri, 16 Sep 2022 14:32:49 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 14:32:49 GMT

GET
H3 200 300x250_succursale_AOUT9_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/ Frame 5A69 51 KB
51 KB 63ms
58ms Image
image/jpeg 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/300x250_succursale_AOUT9_1.jpg

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64cb5ebb201be8e8e71e5bb8b58889762d117d91c8c943817a5b0af87f9531b6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 442427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52399
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 12:09:01 GMT
server: sffe
date: Fri, 16 Sep 2022 14:32:49 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 14:32:49 GMT

GET
H3 200 300x250_succursale_AOUT11_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/ Frame 5A69 53 KB
53 KB 58ms
54ms Image
image/jpeg 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/300x250_succursale_AOUT11_1.jpg

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3596d7a1d5ab84ba889665f6e62273d38193a1ae44de2fef5030acde2efe835e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 442427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54221
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 12:09:01 GMT
server: sffe
date: Fri, 16 Sep 2022 14:32:49 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 14:32:49 GMT

GET
H3 200 300x250_succursale_AOUT12_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/ Frame 5A69 67 KB
67 KB 67ms
62ms Image
image/jpeg 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/300x250_succursale_AOUT12_1.jpg

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5543a9a71ce0252ebed49eb700c97738ceed4eebf1c0f404700d4400ac406e0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 442427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68126
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 12:09:01 GMT
server: sffe
date: Fri, 16 Sep 2022 14:32:49 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 14:32:49 GMT

GET
H3 200 300x250_succursale_AOUT13_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/ Frame 5A69 59 KB
59 KB 65ms
61ms Image
image/jpeg 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/300x250_succursale_AOUT13_1.jpg

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e080255cac7f5718f00b93b6f3fe836f7fbe997ac6445c55b37217dce1e07448

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 442427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60606
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 12:09:01 GMT
server: sffe
date: Fri, 16 Sep 2022 14:32:49 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 14:32:49 GMT

GET
H3 200 300x250_succursale_AOUT14_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/ Frame 5A69 52 KB
52 KB 28ms
23ms Image
image/jpeg 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5700122134273263366/300x250_succursale_AOUT14_1.jpg

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cc8e1326512533b14d77f14bbcafca06e6cacf7312bb0e5ee1f22b7fa4244a9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 442427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53474
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 12:09:01 GMT
server: sffe
date: Fri, 16 Sep 2022 14:32:49 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 14:32:49 GMT

GET
H2 200 rssp9rr1r72855r0sqpnr35o178q1ns2playlist.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 291 B
834 B 91ms
91ms XHR
application/x-mpegurl 108.138.106.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/rssp9rr1r72855r0sqpnr35o178q1ns2playlist.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-15.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c0b77cb1efb3e452d6ec37bdd7b2f2628a023ba7312504750fc7fc6d2dd0ef1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:37 GMT
via: 1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 291
last-modified: Wed, 21 Sep 2022 17:06:49 GMT
server: AmazonS3
etag: "823a82f0cfe414fa92bb868fa1146ed0"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: fwDjFmOGf2fUxPRvsYHZ1IZlUu_PzsKBJsL3FPfVERkvbGhSrr1uQw==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 25ms
25ms Ping
image/gif 18.208.240.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=eLyy2eVIKAdDuN1B&instance=214281844&version=7.8.0&age=220921&cmd=IMA&key=1mCYXVMb&c_id=12872&seq=1&order=4&absoluteTime=1981.8&relativeTime=1255.6&EXTREF=https://www.gohabsgo.co/&REF=https://www.gohabsgo.co/&playerCfg=BR&recoveryMethod=SSAI&imaVersion=3.532.0&blocked=false&recovered=false&hasAdParams=true
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-240-0.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:36 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 25ms
25ms Ping
image/gif 18.208.240.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=eLyy2eVIKAdDuN1B&instance=214281844&version=7.8.0&age=220921&ldt=BIDS&key=1mCYXVMb&c_id=12872&seq=1&order=5&absoluteTime=1982.3&relativeTime=1256.1&sm_id=2251824&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8619&load=1&status=LVFNMNIY&ac_id=2008&prebid.cid=0&prebid.bidders.rubicon.time=589.3&prebid.bidders.triplelift.time=169.9&prebid.bidders.appnexus.time=132.9&prebid.bidders.pubmatic.time=218.9&prebid.bidders.ix.time=165.9&prebid.bidders.spotx.time=479.4&prebid.start=1373.5&prebid.time=590.2&prebid.timeout=3000
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-240-0.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:36 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 93ms
45ms Script
application/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.gohabsgo.co

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 17:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 92ms
45ms Script
application/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gohabsgo.co

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 17:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 container.html Show response
b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C3EE 6 KB
3 KB 20ms
20ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gohabsgo.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 17:26:35 GMT
expires: Thu, 21 Sep 2023 17:26:35 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 98D3 6 KB
3 KB 20ms
20ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gohabsgo.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 17:26:35 GMT
expires: Thu, 21 Sep 2023 17:26:35 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rssp9rr1r72855r0sqpnr35o178q1ns2.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 972 B
1 KB 111ms
111ms XHR
application/x-mpegurl 108.138.106.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/rssp9rr1r72855r0sqpnr35o178q1ns2.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-15.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f19c07c1d0f57c8cf4c9e8ada0fd7c78e6d13dda5937604313904236ee1f212

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:37 GMT
via: 1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 972
last-modified: Wed, 21 Sep 2022 17:07:10 GMT
server: AmazonS3
etag: "11a450144331ead5f8d86df70e525f99"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 1ykOYspqPJAME9-YQhLk2aAydbduWvl_ucLf-gF8XuyHx-_cF82RBw==

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C00E 14 KB
2 KB 152ms
91ms XHR
text/xml 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C117014822%2Fgohabsgo-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fwww.gohabsgo.co%2F&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=2251824&us_privacy=false&cust_params=sessionKey%3D214281844-eLyy2eVIKAdDuN1B%26schain%3Dsendtonews.com%2Cu77xS6h91Ai4mByBcC_3vg%26content%3D8619%26placementType%3DPremium%26embed%3D1mCYXVMb%26domain%3Dgohabsgo.co%26player_size%3Dlarge%26player_width%3D400%26player_height%3D227%26player_type%3Dbarker%26version%3D7.8.0%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00142%26rand%3D4%26us_privacy%3Dfalse&sdkv=h.3.532.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=445&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.532.0&sid=6C6B4013-3E4D-4EC5-86B8-C6D3472A0206&nel=0&eid=44748969%2C44750823%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.gohabsgo.co%2F&dlt=1663781194468&idt=1413&dt=1663781196540&cookie=ID%3D38412afc78c8276b%3AT%3D1663781195%3AS%3DALNI_MblCa7pMF9IyzZcR0zle5V8LOXsMg&gpic=UID%3D00000869770d080f%3AT%3D1663781195%3ART%3D1663781195%3AS%3DALNI_MYDorPQvgBo2r7PrEIDYakGVC5ZYQ&correlator=976306840814888&scor=4329823131544079&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78198e34c6f4334405aa4dd069794eaa028c10b03666e294ebd6be4e5c172add

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1315
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame C3EE 4 KB
636 B 36ms
36ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 17:00:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 21 Sep 2022 17:26:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Sep 2022 17:26:36 GMT

GET
H2 200 0cf29303bb18303a156bc2ce1c098e89.js Show response
www.gstatic.com/mysidia/ Frame 6C08 10 KB
4 KB 80ms
28ms Script
text/javascript 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0cf29303bb18303a156bc2ce1c098e89.js?tag=client_fast_engine_2019

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a89baeeddf42182b6b6847f1ad6f45d2c81457c4970ed9baec3be9e44d84fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4398
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 18:17:56 GMT

GET
H2 200 2e4af17640cb32bc996b7903b1b5a7cb.js Show response
www.gstatic.com/mysidia/ Frame 6C08 19 KB
8 KB 81ms
29ms Script
text/javascript 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2e4af17640cb32bc996b7903b1b5a7cb.js?tag=pingback

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

357abec0133efb2d00e08db6666c4e89b04f8fdc96b3eea43bde026e2fa78075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 16:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7793
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 16:56:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6C08 2 KB
539 B 38ms
37ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 17:10:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 21 Sep 2022 17:26:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Sep 2022 17:26:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 6C08 2 KB
902 B 26ms
24ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 17:19:57 GMT

GET
H2 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame 6C08 6 KB
2 KB 91ms
41ms Script
text/javascript 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:46:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 18:46:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame 6C08 23 KB
9 KB 22ms
20ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite_fy2021.js

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 17:21:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 6C08 3 KB
1 KB 23ms
21ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 17:24:40 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 6C08 17 KB
7 KB 24ms
22ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 17:20:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6C08 0
0 39ms
38ms Image
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTK5RbfZrSl9jqyOj_E0lIGHzVgNJsWWVlsTOp6UWQceCzbjvsBgah7lKmMpfQQidVtUgvsfUPuIAH8U7vdxOpGjvk1ug
Requested by: Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C08 140 KB
44 KB 135ms
89ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 17:26:36 GMT

GET
H2 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 6C08 33 KB
14 KB 71ms
23ms Script
text/javascript 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 18:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 18:09:39 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/ Frame C3EE 19 KB
8 KB 22ms
22ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a29ee7f631d3e9d0982fb25160454b11de5bcebfb7197decf36bd4e735091644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2045
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12420716543898108158
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 16:52:31 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C3EE 205 B
296 B 85ms
43ms Image
image/png 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:40:56 GMT
x-content-type-options: nosniff
age: 153940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 19 Sep 2023 22:40:56 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C3EE 604 B
920 B 83ms
42ms Image
image/png 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 00:11:42 GMT
x-content-type-options: nosniff
age: 321294
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 18 Sep 2023 00:11:42 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 507D 624 B
299 B 54ms
54ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRDm-U4Yv-zq0QEwAQ&v=APEucNXhFssUgSsBN_WTonHCqwE0iUz9H_sjHxooZf86e6FpyrYP5fafvDleqdizd2PnAjgzUKgoNTkOu2Fuit2fAMAqhSPSbA

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 17:26:36 GMT
expires: Wed, 21 Sep 2022 17:26:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 98D3 118 KB
37 KB 84ms
83ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D72dbSxDv38lmp_How6BPVQH87AQlf_oz7uWEQinfiDukOY86eE9DKlxX2Hzg-21_mYEuRDiubUKjQHSGAc0EhP893JXnq8U06jVYSg-QHSkFSZT1kUVe5LivLB5TPyUIsJRCxPJ5SJQXEMj3sjZaEzxQszw&dbm_d=AKAmf-B0O8EIJkz9k68DElp1jv9msanSStaBNj8tl0eYghic1wuMDR4qeLnAZasHr2G2_vlDI-2ouE7JLEWsfwlKTVYPkWfroFOU-MrJ0_p5hPwE4ZbFZuxDQXWvT3VmSTY8j5-N4TIx5zmVBiV389TIz8c6W2iavV6XBmjMmrycRqUT8wZqujKjGxEaXPEbmWbihGSb2uVJL35OIZabP5ZQuuVStmRT5mTW-W2W1OF4DEs3jYJ8jiTBH91TfLmVbbUK1voHoqibWv1qKmYyJEIKrhRP3kQaM_rD27NrA8yWv59eI-sJGGcntl46pzOdzYzYM0PZgP15e3BMO9abChS1tBgD60QLW1XbihhV6DO-kMdV4k9ecT3cVtUUMWgz-Z8EXcBu4rPB6aftsC1MmK8PuXkorp5GM9p6RnUiYZYT9lnKM8vzZe08GeotDj8zCGbws9LKq_i5DdPXhWKRYTCFiOuEN_V22FTE-ygvmj_omk1lnVBVE4m8_A-1uKLyJ9vFA0KyT-0sqonarOANRoJpER5VEqTtrITPqIoZhK-0FaTvSbXg_M0RZiBZBAM6aZ79rCJtF43WbD7MmQpC_tIhpoFjODOXB4BRRe-bPJfVt6Soc1-mqOk7GJeb9gutXIpQ6djV8_GcK80yPqYq6-4fsQoZEfvyMiB0zDvzOFogabKZPfXO8Y35VQRnWZc6gUecyWGLuDQ7Paiw2YXmAIxSWj6k_loIbupuF1G54oKA82YcMRSiQOqZXZuUP1fKQ7KfacmUDpot1w0Np2VWUWvhgPZDblIPMtWmxYX0kNDW5bV9kN18ojiZTtVPhkc7XK5M8syrFvzIB5C-dhzl09LS-dHpzLGUgy0jTvPHCESNPK32Z6vmYj-7q26abUw8PZ2fDqUvPRml3Hh9PJSJvX088d86N8qPJMNvJm0cQWi-fn3OMEmA76xxi763WM9uIyeru22FmtbMBDwn8ADPIRmy7KLxr7PhWXyy010Kemh5kS4bWdXa5OvH8XbjaYsLoGc6brkEN3X8--1hxjT3D4FYqarakKUkuxnBIB6i2VZLXRTJWlBk7mnd0F6ptfU5Mh2tS8aF5MYHruPq7C0tIZVjNbdjQKvSLW8A9DSSVWbM649AROcxSYE--MJEptBwB-2oaPo2mMLR-bId1apkPcmmsFKeX6oOuFPJ-37-9nOMPX09kk4DkDd3Ykq2XKRr5FGQNA2kZ7O_ScCA5V-qxCfOVuVVKzBMc86T7SwCrnadQgMJE62InqUl94n2vbdaHcnz0Y6DNp77ZPdZQsQLk9hvHmBM54QvZhhEaMeoUHiDhSaxSWdCX_tdAUv9-kANy2SJH_ntPZylWhDBt4NdyeIn26xM7p5kG14BcNQ_OqCmE9fO-B1uiv64pDjltbrxSo3An-u09EikT9O0XRoaXAPuthjm9ViiVIEYHDgDJbSCXaFdWolrWoOHHPn-TZMbBUReDsk8Wi6_hI3SYtofKqT_I0YOjXJcZb6Xvugxvkg1R92m3OryRyE1TULTRHEF2BfcIRLww-M8G3WQhCK9xLOeRwhlEp-mbtjeJX9lPG6cb8ZndM_p97Asa9RDcV9AlUYjbRM56l5raV_Z6ucnh-k5yWPGdkwZuZLu73jMAQcbuw9OpfeB9WptTYXndnmY-TX0MEkpUWKHZD5u8hw8IHXPJJEPuTpiBnXzBzChv0z0SguqD-tc5JHHLYqhGccrqXg9R4Oe-VH-C6gDcOShfy6KE1M57KJcQay_jVK0_hPx2wcHDY-FKrBr42JxU56v7DXNNo4_HyaybZbWQhDEfkyfZ4-g8wGCguxj9B7pKRcPrNM7GOfdww8zC82pDGhIqIxYtcCxjIJiKBCbW3nSGKwB9VOsvXK_cp5gItkXFYCeh-bt1-IqDI-b9Wwa4bs_BRA3rLXS2pjEyTGHa7ziiwvLI1kpSR5cUHLidC5qEQEGfKHoQLaDKTY6QYfpnj1r_2zqAWVt0Bx8iz0VhkpyYEPLLSqrA_dPewqkuasFlLdxPJSQM-wTfVeHRMVbkvAypDtsKP_w0K4dQwU1YPhlrKXgwvrhTvHj3qbo0jIMWK8sICB9B5hfO_2ll_drYuM7vBUJIzOXqqnpIOPnCQJS8I11-hADuaMgY2c0yd9CD-agJAVC7schlI2M3pe5y1gEfEUTVhkyS-Mov2PQuRPm8NlE7HbxueMD2jXjQ7yI6NgNXz9dakHfWRTxXA0QA76qOoNOuCdchcA4M4BLgAiN0LT8617h2Qz0tOwu_zqXo7WcLO4jlSlTl67MUE8SyrJXWeDpTdIwp4kWfBa3kzLHDeUehxG-wkyGZKzVGE2Ewpome1iEDCn0UDOraTtsBO-4GMWogCuiVJ11CdgKJlx61-B4RmcFkirnnEc_2TkI8tWyjVRJKqzH1MWXwLH5s3FUbDbUSkeZDSIvt4guMAkC5ddVFVmufCuK08tktNGLgvF-KHMti7G_B1q6flJaEAy7jF29efV6xd9h7vVBnZpl61AHEHV76_LMUKVQlcs-JTZ74iIL-bn-ZLbgEW3--g3Y2sllIT8pUWsUEWrNUIIf3xU5MmdQoja_PVq7Yv9l_kynQlWBxda2EC6W8KRmitcL1GyomWwOFAm_K5AXOa_I9rp_FpdTPSkrp2IDSHDyAGDI_vkLMx0IWpX84hZrLfOrVW5yXs-gInKMEq8-XGi2UjVaF3Gjtuzeb0KPxt5JfPFyg-XR5GboOnBh9gqStdq7wNYg85OOpPZ3MBhihgl1lCHcfMgyB9QvzloC11xFLYTA2gi6G38I5NnSlAi0VtHxoQxJPvBEJUdVy6Ap33Pn-uVMYlNzxaKMzjag2X8NsUpblyUvtt_ylhXFzWbwEyL7hgogXAPih4MQ5ue2Ov3SDyOBpo2RExYfveMXgvHcXfdK6Qb8JZEu046OID6jAluHJDoa2_xdsN8fu6ua35hzbLGBgeV2p4Fk7rbZ-GA9dmAhhjALj1CDXtHoKC-ekRz8Xl32XIuokxJD07PGeQd4x9GoSO6JxI7Qfr_jKWOcfpGspFNGBofwNWPpoBrFQ3IBCVLm6vS9S9kFRRfAZ8IziY9MtsDueOWJFnl-fu3E4I3esdERB9-MVQS_-cY7tLOfJzChaNmw4WPtAJU5r82bOfayM7wrpeV3IxjggcztYGKmO7fSsvnAny3QCBoCM_NrC_hUSMnrzkezhHrmeviZ0IXnoVX2G-Im_w&cid=CAASJ-RoQfi-dMT1wgku-RYYCSg_e3MPKSIp9TXIjdt45-NnvW5R3vJ7Cw&rfl=1%2Chttps%253A%252F%252Fwww.gohabsgo.co%252F%240

Requested by

Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

194193cbea061ea811b02035c54d7cd1c08d5e45fdca2b9b1148fdac40f1928b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37389
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98D3 42 B
63 B 45ms
43ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CTXMNIS_UU7e-CCQngSe250GT0k7X4N9-2QuAC00zXU12LSU8k5qoteNCyGZAAHvMqyZrlYYFZg4QG4-WVtooNGO9cOux0TAYgoiHdFvX1X3zSQUk

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 98D3 3 KB
1 KB 21ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 17:24:40 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 98D3 17 KB
7 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 17:20:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 98D3 0
0 41ms
39ms Image
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQaw43MuALUJ5MxMk6jmsPyjFiJUTKwEXpvQ1NU2xeCoOP0jUq7scf5x7WUyegygWaNt98CHctQdAkeW5_og_QknvnbZw
Requested by: Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98D3 140 KB
44 KB 153ms
121ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 17:26:36 GMT

GET
H2 200 rssp9rr1r72855r0sqpnr35o178q1ns2-00001.ts Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 314 KB
315 KB 62ms
62ms XHR
video/mp2t 108.138.106.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/rssp9rr1r72855r0sqpnr35o178q1ns2-00001.ts
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-15.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae4d5bd2c992f3e6d42699703b4334e7b091b781a853a201b60bbd285eba1735

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:37 GMT
via: 1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 321668
last-modified: Wed, 21 Sep 2022 17:07:07 GMT
server: AmazonS3
etag: "43b2e1a832ec3992a572577f03f96ca0"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp2t
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: oPKb4whnmvroQFhK9aCJC6t70mTfWUFVdFPNc9RPQlFLAaQnx_g4dw==

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 507D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVf2anKOAiEXdYziMif9Ps&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVf2anKOAiEXdYziMif9Ps&google_cver=1&C=1

43 B
842 B

57ms
57ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVf2anKOAiEXdYziMif9Ps&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRDm-U4Yv-zq0QEwAQ&v=APEucNXhFssUgSsBN_WTonHCqwE0iUz9H_sjHxooZf86e6FpyrYP5fafvDleqdizd2PnAjgzUKgoNTkOu2Fuit2fAMAqhSPSbA
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74e481c0c92da1de-YYZ
pragma: no-cache
date: Wed, 21 Sep 2022 17:26:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDrk7WyT3yYkIY5uzE1C0C9OQbvcgw3zBn7TCE3FbBKK5IVkC6BoZI2HzxeNmC1XfJ4Gv%2BJ%2FumuED9FsSAXH1BmAbbtCStyvJQYQ55lyk2YQMkhZK2xIaeYZt1j18Iq%2Bhp9NB5VgAMD7pA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HX6eMBv8rAIDRda%2F7AWFM2XAVT%2FUc99Ao4Wlec5lFElrHD9ALIcpqrc9Z5gj4a10waIxXUE8oyXDRFJcpfxqYNh38QK9GrmLS%2BJVLWxDuuQxjDXjePMctUDC08FlNVL0OMmyTciVcZULZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEKVf2anKOAiEXdYziMif9Ps&google_cver=1&C=1
cache-control: no-cache
cf-ray: 74e481c03b22a1e4-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 507D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YytJTBV1Rev.nXauz8wSRgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVf2anKOAiEXdYziMif9Ps&google_cver=1&google_hm=2

43 B
844 B

71ms
70ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVf2anKOAiEXdYziMif9Ps&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRDm-U4Yv-zq0QEwAQ&v=APEucNXhFssUgSsBN_WTonHCqwE0iUz9H_sjHxooZf86e6FpyrYP5fafvDleqdizd2PnAjgzUKgoNTkOu2Fuit2fAMAqhSPSbA
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74e481c20b42a1de-YYZ
pragma: no-cache
date: Wed, 21 Sep 2022 17:26:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCnE7nB71Q8xdt35xKN1rgsYF2BclsRxC97vAJIac9uyGxae5wZEb%2BkGH1m%2FIqyivEDNPmuFU89CDFKKM4zk%2BqlxYrjjtY1qiN3%2BQIzLVrA%2BPUaAhSuy5LoMNo97nraaduVa3Ug5slh%2BPA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVf2anKOAiEXdYziMif9Ps&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 507D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECQBr9O6fRYB9rB47YWQd5U&google_cver=1

43 B
1018 B

46ms
21ms

Image
image/gif

68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECQBr9O6fRYB9rB47YWQd5U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRDm-U4Yv-zq0QEwAQ&v=APEucNXhFssUgSsBN_WTonHCqwE0iUz9H_sjHxooZf86e6FpyrYP5fafvDleqdizd2PnAjgzUKgoNTkOu2Fuit2fAMAqhSPSbA

Protocol

HTTP/1.1

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Sep 2022 17:26:36 GMT
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: ff262dad-5949-4904-b855-3b05aac2bca4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECQBr9O6fRYB9rB47YWQd5U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 507D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxOTgzOTg2NTE3MjI5NDYwMQ%3D%3D

170 B
188 B

38ms
37ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxOTgzOTg2NTE3MjI5NDYwMQ%3D%3D

Requested by

Protocol

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Sep 2022 17:26:36 GMT
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 18fad984-850b-4897-a1c1-c4d32ef60081
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxOTgzOTg2NTE3MjI5NDYwMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 25ms
24ms Ping
image/gif 18.208.240.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=eLyy2eVIKAdDuN1B&instance=214281844&version=7.8.0&age=220921&cmd=INV&key=1mCYXVMb&c_id=12872&seq=1&order=6&absoluteTime=2346.4&relativeTime=1620.2&alt=0&sC_ID=8619&sm_id=2251824&load=1&status=LVFNMNIY&ac_id=2008&EXTREF=https://www.gohabsgo.co/&REF=https://www.gohabsgo.co/&playerCfg=BR
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-240-0.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:36 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 data_stn_l.php
timber.sendtonews.com/timber/ 0
142 B 59ms
58ms Ping
text/html 34.202.79.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=1mCYXVMb&ES_key=1mCYXVMb&ES_ID=33624&S_RKEY=i3UOGHhp74&USR_ID=214281844&ST_usrKey=eLyy2eVIKAdDuN1B&SM_ID=2251824&C_ID=12872&C_companyName=H%20and%20L%20Media&version=70080000&sC_ID=8619&AC_ID=2008&TYPE=BARKER&EXTREF=https://www.gohabsgo.co/&REF=https://www.gohabsgo.co/&PLAYERWIDTH=400&PLAYERCODE=LVFNMN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.79.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-79-131.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Sep 2022 17:26:36 GMT
cache-control: max-age=1
server: Apache
content-type: text/html; charset=UTF-8
content-length: 0
expires: Wed, 21 Sep 2022 17:26:03 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 98D3 170 KB
59 KB 63ms
21ms Script
text/javascript 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
Origin: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 09:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28608
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Sep 2022 09:29:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/ Frame 98D3 8 KB
3 KB 21ms
19ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D72dbSxDv38lmp_How6BPVQH87AQlf_oz7uWEQinfiDukOY86eE9DKlxX2Hzg-21_mYEuRDiubUKjQHSGAc0EhP893JXnq8U06jVYSg-QHSkFSZT1kUVe5LivLB5TPyUIsJRCxPJ5SJQXEMj3sjZaEzxQszw&dbm_d=AKAmf-B0O8EIJkz9k68DElp1jv9msanSStaBNj8tl0eYghic1wuMDR4qeLnAZasHr2G2_vlDI-2ouE7JLEWsfwlKTVYPkWfroFOU-MrJ0_p5hPwE4ZbFZuxDQXWvT3VmSTY8j5-N4TIx5zmVBiV389TIz8c6W2iavV6XBmjMmrycRqUT8wZqujKjGxEaXPEbmWbihGSb2uVJL35OIZabP5ZQuuVStmRT5mTW-W2W1OF4DEs3jYJ8jiTBH91TfLmVbbUK1voHoqibWv1qKmYyJEIKrhRP3kQaM_rD27NrA8yWv59eI-sJGGcntl46pzOdzYzYM0PZgP15e3BMO9abChS1tBgD60QLW1XbihhV6DO-kMdV4k9ecT3cVtUUMWgz-Z8EXcBu4rPB6aftsC1MmK8PuXkorp5GM9p6RnUiYZYT9lnKM8vzZe08GeotDj8zCGbws9LKq_i5DdPXhWKRYTCFiOuEN_V22FTE-ygvmj_omk1lnVBVE4m8_A-1uKLyJ9vFA0KyT-0sqonarOANRoJpER5VEqTtrITPqIoZhK-0FaTvSbXg_M0RZiBZBAM6aZ79rCJtF43WbD7MmQpC_tIhpoFjODOXB4BRRe-bPJfVt6Soc1-mqOk7GJeb9gutXIpQ6djV8_GcK80yPqYq6-4fsQoZEfvyMiB0zDvzOFogabKZPfXO8Y35VQRnWZc6gUecyWGLuDQ7Paiw2YXmAIxSWj6k_loIbupuF1G54oKA82YcMRSiQOqZXZuUP1fKQ7KfacmUDpot1w0Np2VWUWvhgPZDblIPMtWmxYX0kNDW5bV9kN18ojiZTtVPhkc7XK5M8syrFvzIB5C-dhzl09LS-dHpzLGUgy0jTvPHCESNPK32Z6vmYj-7q26abUw8PZ2fDqUvPRml3Hh9PJSJvX088d86N8qPJMNvJm0cQWi-fn3OMEmA76xxi763WM9uIyeru22FmtbMBDwn8ADPIRmy7KLxr7PhWXyy010Kemh5kS4bWdXa5OvH8XbjaYsLoGc6brkEN3X8--1hxjT3D4FYqarakKUkuxnBIB6i2VZLXRTJWlBk7mnd0F6ptfU5Mh2tS8aF5MYHruPq7C0tIZVjNbdjQKvSLW8A9DSSVWbM649AROcxSYE--MJEptBwB-2oaPo2mMLR-bId1apkPcmmsFKeX6oOuFPJ-37-9nOMPX09kk4DkDd3Ykq2XKRr5FGQNA2kZ7O_ScCA5V-qxCfOVuVVKzBMc86T7SwCrnadQgMJE62InqUl94n2vbdaHcnz0Y6DNp77ZPdZQsQLk9hvHmBM54QvZhhEaMeoUHiDhSaxSWdCX_tdAUv9-kANy2SJH_ntPZylWhDBt4NdyeIn26xM7p5kG14BcNQ_OqCmE9fO-B1uiv64pDjltbrxSo3An-u09EikT9O0XRoaXAPuthjm9ViiVIEYHDgDJbSCXaFdWolrWoOHHPn-TZMbBUReDsk8Wi6_hI3SYtofKqT_I0YOjXJcZb6Xvugxvkg1R92m3OryRyE1TULTRHEF2BfcIRLww-M8G3WQhCK9xLOeRwhlEp-mbtjeJX9lPG6cb8ZndM_p97Asa9RDcV9AlUYjbRM56l5raV_Z6ucnh-k5yWPGdkwZuZLu73jMAQcbuw9OpfeB9WptTYXndnmY-TX0MEkpUWKHZD5u8hw8IHXPJJEPuTpiBnXzBzChv0z0SguqD-tc5JHHLYqhGccrqXg9R4Oe-VH-C6gDcOShfy6KE1M57KJcQay_jVK0_hPx2wcHDY-FKrBr42JxU56v7DXNNo4_HyaybZbWQhDEfkyfZ4-g8wGCguxj9B7pKRcPrNM7GOfdww8zC82pDGhIqIxYtcCxjIJiKBCbW3nSGKwB9VOsvXK_cp5gItkXFYCeh-bt1-IqDI-b9Wwa4bs_BRA3rLXS2pjEyTGHa7ziiwvLI1kpSR5cUHLidC5qEQEGfKHoQLaDKTY6QYfpnj1r_2zqAWVt0Bx8iz0VhkpyYEPLLSqrA_dPewqkuasFlLdxPJSQM-wTfVeHRMVbkvAypDtsKP_w0K4dQwU1YPhlrKXgwvrhTvHj3qbo0jIMWK8sICB9B5hfO_2ll_drYuM7vBUJIzOXqqnpIOPnCQJS8I11-hADuaMgY2c0yd9CD-agJAVC7schlI2M3pe5y1gEfEUTVhkyS-Mov2PQuRPm8NlE7HbxueMD2jXjQ7yI6NgNXz9dakHfWRTxXA0QA76qOoNOuCdchcA4M4BLgAiN0LT8617h2Qz0tOwu_zqXo7WcLO4jlSlTl67MUE8SyrJXWeDpTdIwp4kWfBa3kzLHDeUehxG-wkyGZKzVGE2Ewpome1iEDCn0UDOraTtsBO-4GMWogCuiVJ11CdgKJlx61-B4RmcFkirnnEc_2TkI8tWyjVRJKqzH1MWXwLH5s3FUbDbUSkeZDSIvt4guMAkC5ddVFVmufCuK08tktNGLgvF-KHMti7G_B1q6flJaEAy7jF29efV6xd9h7vVBnZpl61AHEHV76_LMUKVQlcs-JTZ74iIL-bn-ZLbgEW3--g3Y2sllIT8pUWsUEWrNUIIf3xU5MmdQoja_PVq7Yv9l_kynQlWBxda2EC6W8KRmitcL1GyomWwOFAm_K5AXOa_I9rp_FpdTPSkrp2IDSHDyAGDI_vkLMx0IWpX84hZrLfOrVW5yXs-gInKMEq8-XGi2UjVaF3Gjtuzeb0KPxt5JfPFyg-XR5GboOnBh9gqStdq7wNYg85OOpPZ3MBhihgl1lCHcfMgyB9QvzloC11xFLYTA2gi6G38I5NnSlAi0VtHxoQxJPvBEJUdVy6Ap33Pn-uVMYlNzxaKMzjag2X8NsUpblyUvtt_ylhXFzWbwEyL7hgogXAPih4MQ5ue2Ov3SDyOBpo2RExYfveMXgvHcXfdK6Qb8JZEu046OID6jAluHJDoa2_xdsN8fu6ua35hzbLGBgeV2p4Fk7rbZ-GA9dmAhhjALj1CDXtHoKC-ekRz8Xl32XIuokxJD07PGeQd4x9GoSO6JxI7Qfr_jKWOcfpGspFNGBofwNWPpoBrFQ3IBCVLm6vS9S9kFRRfAZ8IziY9MtsDueOWJFnl-fu3E4I3esdERB9-MVQS_-cY7tLOfJzChaNmw4WPtAJU5r82bOfayM7wrpeV3IxjggcztYGKmO7fSsvnAny3QCBoCM_NrC_hUSMnrzkezhHrmeviZ0IXnoVX2G-Im_w&cid=CAASJ-RoQfi-dMT1wgku-RYYCSg_e3MPKSIp9TXIjdt45-NnvW5R3vJ7Cw&rfl=1%2Chttps%253A%252F%252Fwww.gohabsgo.co%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 17:17:24 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame 98D3 30 KB
11 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11717
x-xss-protection: 0
server: cafe
etag: 8998177921611256807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 17:17:03 GMT

GET
BLOB 200
OK d26ae895-a51d-41a1-be5f-29b1310e67bb
https://www.gohabsgo.co/ 93 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gohabsgo.co/d26ae895-a51d-41a1-be5f-29b1310e67bb
Requested by: Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80cedb5e5fa85548eaf3a95451e57186182aa440e5e8aa2f38c204d8b38f663c

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 94924
Content-Type: text/javascript

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C00E 32 KB
5 KB 137ms
95ms XHR
text/xml 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fgohabsgo-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214281844-eLyy2eVIKAdDuN1B%26schain%3Dsendtonews.com%2Cu77xS6h91Ai4mByBcC_3vg%26content%3D8619%26placementType%3DPremium%26embed%3D1mCYXVMb%26domain%3Dgohabsgo.co%26player_size%3Dlarge%26player_width%3D400%26player_height%3D227%26player_type%3Dbarker%26version%3D7.8.0%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00142%26rand%3D4%26us_privacy%3Dfalse&url=https%3A%2F%2Fwww.gohabsgo.co%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.gohabsgo.co%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1263268&sid=6C6B4013-3E4D-4EC5-86B8-C6D3472A0206&adk=2458199627&correlator=976306840814888&dlt=1663781194468&dt=1663781196815&ged=ve4_td3_tt1_pd3_la3000_er418.145.643.545_vi0.0.1200.1600_vp100_ts0_eb24171&idt=1413&is_amp=0&omid_p=Google1%2Fh.3.532.0&osd=2&ptt=20&scor=4329823131544079&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&us_privacy=false&vis=1&u_so=l&eid=44748969%2C44750823%2C44754420%2C44760950%2C44765701&hl=en&frm=0&cmsid=2460952&mpt=stnvideo%2Fplayer&sdki=445&sdkv=h.3.532.0&sdr=1&vconp=2&video_doc_id=2251824&vpa=auto&vpmute=1&nel=0&cnc=117014822&kfa=0&tfcd=0&ctv=0&cookie=ID%3D38412afc78c8276b%3AT%3D1663781195%3AS%3DALNI_MblCa7pMF9IyzZcR0zle5V8LOXsMg&gpic=UID%3D00000869770d080f%3AT%3D1663781195%3ART%3D1663781195%3AS%3DALNI_MYDorPQvgBo2r7PrEIDYakGVC5ZYQ

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3e91a48af848815f4131b6e1fb18a5873281a6413dec2f19691cc182cb82539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5110
x-xss-protection: 0
google-lineitem-id: 4965960683,4909252477
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138260991709,138401840962
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame E348 36 KB
16 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 19:19:30 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C08 0
20 B 40ms
40ms Ping
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoSCAEqDmltYWdlLXdpdGgtY3RhCgoIAioGc2VydmVyCioIBCombXlzaWRpYV9hbmFseXRpY3MsbXlzaWRpYV9yZWxlYXNlX3Byb2QKDRArIQAAAAAAAChAMAQKDRADIQAAmJmZaWJAMAQKDRANIQAAAAAAAAAAMAQKCRAeKgMweDAwBAoJEBkqAzB4MDAECg0QKyEAAAAAAAAuQDAECg0QECEAAAAAAAAAADAECg0QESEAAAAAAA7UQDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAQQDAECg0QFyEAAGhmZhZrQDAECg0QFCEAAAAAwNjUQDAECg0QFSEAAAAAAAAmQDAECg0QFiEAAAAAAAAYQDAECg0QGCEAADAzM-NtQDAEEhpDUHZHaF9tenB2b0NGYk1nc3dBZG1zUUp4ZyIqaW1hZ2UvaW1hZ2VfdmlnbmV0dGVfdHJhbnNsdWNlbnRfdjJfbWVyZ2VkKCM=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2e4af17640cb32bc996b7903b1b5a7cb.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 98D3 41 KB
15 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 10:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199295
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 10:05:01 GMT

GET
DATA 200
OK truncated
/ Frame 98D3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6c27c262c987587f7ec48c8ab41e5c38b5d0ba1d039775ac109db893514bcd0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6171360345861390336/ Frame 4F84 9 KB
2 KB 75ms
34ms Document
text/html 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1458353fee7510cb367b6805469e450e1cc6dd6e9e9666ab0fe50e6d40f2b24c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1628
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 17:26:36 GMT
expires: Thu, 21 Sep 2023 17:26:36 GMT
last-modified: Mon, 11 Apr 2022 13:44:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 98D3 0
622 B 111ms
58ms Ping
image/gif 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstw3OPjLchhz0TTC-0Ui5yn1zqVNA1FLGczCHOx-37UJs6Tc--Q2u_MbMf8mDS4cyNRYLdce6wpYneJTjuIz-aXPyQmIC2aPATxGWoP_JzOlQOXqh4L8gmUIF2KQGTjUyV0ckoUgqK_ztEVj2SOfBLRBXu-mCPmxAcZuPs9IWHsI2hUJSU162W7E-QvoQw-gVi0xc1EEe_So48b5EA2ENyS8cgHajqJFTAKU8Co8ekrITc11WmEVDMK4MJODGHbyRUixqmwmx0r77eHDhjEhrlW-5THz56AFEdlrnjrC_FksuEI4T6NZYG2VsSB65aAoecVpkhvQC5fU4lToSdpB66m7q8fWBcis3qhnZbG-vfrN_3rHInNOhkkw1Fe6o3ze2nTWrNovEp2GcNpLf8MCRSgFIYW-79TylpN-3pn_lDNu6GP5Ui2xzPoqEb6OJ46LSPDk6foQjmgMIEvKxGpFLIN-SPs3dXmy0jjVS9Np4NEEiGpHQ_ViQIgXCV130zPWav9SPx29VAtip9UIinUDZRJBVH6DsWoVCbJBAI3ltHviMMMnEKzzDpohNQjfzE_UAT7YM2cB-CWO-jrKysgSbvrgrEecQWwrwMv-fR5_-SLUg5bTgbmT3T_Gfhxr0ZPnTjRukA8X6gYsRFY8NJrulDqepx9G2FPbaiH39QTsfqOfNEJvkMC2hlCZWVIB0S_T0mDNFOh0UWcJpXAtK_Jd729SVnS3KCoZBDF_rwtE31NT4mVJ2Kc8Lgaza2wfEn6tpO-tqCEhabm4T9byVWVmpLMQX0_ztoEr3gwP47M0HotoOKZHWQ9ALyeT0eRD5rgMj_bx8X8rNH3BTkq2EzNIUsq_kR4W15AYifP7OJqgcHfkXuGg_0P7-id0HqBve2cQHNq3QflgYbqQZIvm5m1s86grO7J0RzbgEj16yLBatxK_DeXPpGUPNLbyje-ITyfN0TStfMNLJyAXqP9L6Dkznf-WBu7-VoPQVyFHgDJi1vojIBUlNngp5bd9QkV3uYT5HEBGCGUSXQeoMJtlC_uOmrNYkl1S5sgJOWZH1lVUKVDeBsrC2SZ8-q0pn3ErzcKaOsm4IaJYicBr14lw6_pjEUagUBABc7AP5fuPsm3tTALjxhchuvRdDbzedEla45k_7gXO0lzhpaTzY1lp7DWTuSdBQlcA5AZnHQYgJVw0B0&sai=AMfl-YS0RBSAZrJbDIxIYRXHg779FN6rHNMv3VL-yw9Dk7AWQII98bHEUEN0MpcxS5FfX_000IskXGAAPVkojp0V8W_hcYI4q2sTml7fiHGFtDnVy4euJCwplgB4yHYhkULUmlJVnhPI2WaSSPg0khGLT_yCIqfWQLh0gNz7QhK4hGLU9wNETX9b__WPuAuv0sLRHfMJaC_1NJBh1nv37IMXgkL2D-nHEb4&sig=Cg0ArKJSzIXaei7fh6lPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=146&cbvp=1&cstd=138&cisv=r20220915.11171&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 21 Sep 2022 17:26:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3225 22 KB
8 KB 20ms
20ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 177084
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 16:15:13 GMT
expires: Tue, 19 Sep 2023 16:15:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rssp9rr1r72855r0sqpnr35o178q1ns2.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 972 B
1 KB 41ms
41ms XHR
application/x-mpegurl 108.138.106.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/rssp9rr1r72855r0sqpnr35o178q1ns2.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-15.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1a2f76eb37604b23e7cc93daaaba80d4e2d01be69a832580e9b3965c5d5b26e0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:38 GMT
via: 1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 972
last-modified: Wed, 21 Sep 2022 17:07:17 GMT
server: AmazonS3
etag: "c938affa1c3a6eafd324b87a7c631ded"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: Hr8LTAa778V3uHXYDe-4_na3neH84AbCQY4TxsDphc8UBw8y5BMTkQ==

GET
H3 200 Enabler_01_248.js Show response
s0.2mdn.net/879366/ Frame 4F84 118 KB
40 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 07:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41094
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Sep 2022 07:12:18 GMT

GET
H3 200 gsap_3.8.0_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4F84 62 KB
25 KB 47ms
46ms Script
text/javascript 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.8.0_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25068
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 20:06:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Sep 2022 17:26:37 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C00E 156 B
142 B 299ms
299ms XHR
text/xml 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=640x360&iu=%2F7326%2C22597733940%2Fen.sendtonews_nhl.web&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&url=https%3A%2F%2Fwww.gohabsgo.co%2F&description_url=https%3A%2F%2Fwww.sendtonews.com%2F&cust_params=stn_sport%3D%5Bsport_go_here%5D%26stn_site%3Dgohabsgo.co&correlator=976306840814888&vconp=2&vpa=auto&vpmute=1&sdkv=h.3.532.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&us_privacy=false&sdki=445&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.532.0&sid=6C6B4013-3E4D-4EC5-86B8-C6D3472A0206&nel=0&eid=44748969%2C44750823%2C44754420%2C44760950%2C44765701&dlt=1663781194468&idt=1413&dt=1663781197105&cookie=ID%3D38412afc78c8276b%3AT%3D1663781195%3AS%3DALNI_MblCa7pMF9IyzZcR0zle5V8LOXsMg&gpic=UID%3D00000869770d080f%3AT%3D1663781195%3ART%3D1663781195%3AS%3DALNI_MYDorPQvgBo2r7PrEIDYakGVC5ZYQ&scor=4329823131544079&fbidx=-1&ged=ve4_td3_tt1_pd3_la3000_er418.145.643.545_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3225 36 KB
16 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 19:19:30 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 98D3 0
26 B 88ms
47ms Ping
image/gif 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstw3OPjLchhz0TTC-0Ui5yn1zqVNA1FLGczCHOx-37UJs6Tc--Q2u_MbMf8mDS4cyNRYLdce6wpYneJTjuIz-aXPyQmIC2aPATxGWoP_JzOlQOXqh4L8gmUIF2KQGTjUyV0ckoUgqK_ztEVj2SOfBLRBXu-mCPmxAcZuPs9IWHsI2hUJSU162W7E-QvoQw-gVi0xc1EEe_So48b5EA2ENyS8cgHajqJFTAKU8Co8ekrITc11WmEVDMK4MJODGHbyRUixqmwmx0r77eHDhjEhrlW-5THz56AFEdlrnjrC_FksuEI4T6NZYG2VsSB65aAoecVpkhvQC5fU4lToSdpB66m7q8fWBcis3qhnZbG-vfrN_3rHInNOhkkw1Fe6o3ze2nTWrNovEp2GcNpLf8MCRSgFIYW-79TylpN-3pn_lDNu6GP5Ui2xzPoqEb6OJ46LSPDk6foQjmgMIEvKxGpFLIN-SPs3dXmy0jjVS9Np4NEEiGpHQ_ViQIgXCV130zPWav9SPx29VAtip9UIinUDZRJBVH6DsWoVCbJBAI3ltHviMMMnEKzzDpohNQjfzE_UAT7YM2cB-CWO-jrKysgSbvrgrEecQWwrwMv-fR5_-SLUg5bTgbmT3T_Gfhxr0ZPnTjRukA8X6gYsRFY8NJrulDqepx9G2FPbaiH39QTsfqOfNEJvkMC2hlCZWVIB0S_T0mDNFOh0UWcJpXAtK_Jd729SVnS3KCoZBDF_rwtE31NT4mVJ2Kc8Lgaza2wfEn6tpO-tqCEhabm4T9byVWVmpLMQX0_ztoEr3gwP47M0HotoOKZHWQ9ALyeT0eRD5rgMj_bx8X8rNH3BTkq2EzNIUsq_kR4W15AYifP7OJqgcHfkXuGg_0P7-id0HqBve2cQHNq3QflgYbqQZIvm5m1s86grO7J0RzbgEj16yLBatxK_DeXPpGUPNLbyje-ITyfN0TStfMNLJyAXqP9L6Dkznf-WBu7-VoPQVyFHgDJi1vojIBUlNngp5bd9QkV3uYT5HEBGCGUSXQeoMJtlC_uOmrNYkl1S5sgJOWZH1lVUKVDeBsrC2SZ8-q0pn3ErzcKaOsm4IaJYicBr14lw6_pjEUagUBABc7AP5fuPsm3tTALjxhchuvRdDbzedEla45k_7gXO0lzhpaTzY1lp7DWTuSdBQlcA5AZnHQYgJVw0B0&sai=AMfl-YS0RBSAZrJbDIxIYRXHg779FN6rHNMv3VL-yw9Dk7AWQII98bHEUEN0MpcxS5FfX_000IskXGAAPVkojp0V8W_hcYI4q2sTml7fiHGFtDnVy4euJCwplgB4yHYhkULUmlJVnhPI2WaSSPg0khGLT_yCIqfWQLh0gNz7QhK4hGLU9wNETX9b__WPuAuv0sLRHfMJaC_1NJBh1nv37IMXgkL2D-nHEb4&sig=Cg0ArKJSzIXaei7fh6lPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=409&vt=11&dtpt=263&dett=3&cstd=138&cisv=r20220915.11171&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 17:26:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 99ms
43ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220915&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2a46bdc1e4e8525df073026bc0fc803a42a84a62b4841e7e8f6f17f90756371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 17:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11363
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E3CE 42 B
64 B 54ms
52ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBoIYo8rP96dnOau8a8OonvVvLrmGYDUj22igpDxnyNsxK8d3daHK9GX5qZoObUaoEj-meAg--f-L7i6m4k7PwAOhNXpKb42ORp7OHww6GZ2k9lNEQrV7qbOoaavuIsQhpPvVdz1Xu0RiIfGbg-_tgaMjdqv1QcIAWNgy5GBbu88Vxuls9M5yzlZi9GhTmzIosYUiy4z5yyxrEds3jd9XkxUtXrFEeAlqo0GPpFVzV24yPxDhwop2amnxar53i29gu8Hkto7hiQ7gl64BSNKR6GDALvofuYBimpWAoj4VSDz9rTd5qlGLnwSsos-yWByftPlKs3QT7aaduS2sva9cYuAgTYEdal0JlA5Q_ixfZAkfYKbxLVJUgCjnaBxUN0tR-GLXPOztmNJA4RGNtfyp6D_3jV_e_UV4ZlSP5o2C7haABeWZ4xoSrzCusUwIsaXD77M2UponzEfm9ppkDeXTzrx1xg7jvjR5JvyV3AwYucZNT6lvZ56q7fU8qDnl4epaxomu0ICZccORU1PMb8oR2y2S11hoc0kF6FhI0xg-kclUr71ikExJHlpdzY8RDnRE0qxDmNOYK3h7uCeRQ6LmOljySQfNhCd-lEX2AXtJ8r8AhdH6Njrs_gRRp3aZegT_6nWvaq_o98umeAFsXHfjVcDLCBJEq80-0HAJMGmoQD3WHK-d3h3Vjq7DAxNXsgOdXCuOotpse9w0Wrec8N46kbDPCNBoVyUcREwoi97bAzhLKwBCSD64NApAdqv5mKQNAGjK3cRLurflyabq0Yh-G3cz_zNNJlBWAPA6eSjPj6EB4wQVr0LrYg0j9QEhBwCDdyd7U1daXrzZm5uYRApZloSgDZv2LNjaEy7XafIB51JBHmUh6r-sd5-x72sivhyPhruI57qdRB-9a2qRIFUGNE6xI24qdssvHA0wBVCcTvBKhkEzC1lcOYlPEFwLY5S6fqLxUg2Kovf8ms8GoikGMQUvWKkHnOVBpqoGLghEk7_a0C8SP4TwvW2pcysJY&sai=AMfl-YTnkE0ngdxxYLxDBd_pm8VDB5_o9kZvjiO9_Y_gHep7H3kZaPkLsX4B1AIwjp6P56en6Nx5I01T6EmaGxr_hE7ce18W3OUMdbrdJsD8V0qBN7PtT2uANgrZgB3ceObfvCtiKNWIMC0&sig=Cg0ArKJSzIPj7Z2GjN98EAE&cid=CAASFeRom7mRNC93q4Q0nf6jgE5BrQTsrw&id=ampim&o=1100,383&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1020&mtos=0,0,1020,1020,1020&tos=0,0,1020,0,0&tfs=311&tls=1331&g=100&h=100&tt=1331&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/6171360345861390336/ Frame 4F84 2 KB
720 B 22ms
21ms Stylesheet
text/css 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6171360345861390336/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b4085a45ae6b7aa4643fd5cecb3cd37117a0d90c187b84cabb1db0903422b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 18:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254866
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 691
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 13:44:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Sep 2023 18:38:51 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4F84 7 KB
6 KB 40ms
39ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83daa68ea0ce27a96e826f54554e15caec6a9b119c652b345059f7190d0e019b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 17:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5655
x-xss-protection: 0

GET
H3 200 controller.js Show response
s0.2mdn.net/sadbundle/6171360345861390336/ Frame 4F84 6 KB
1 KB 20ms
20ms Script
application/x-javascript 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6171360345861390336/controller.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c477fc15d9cc9fec40806831ec9560947ba3dbe766e980903e0359a278b6798f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 18:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254866
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1279
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 13:44:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Sep 2023 18:38:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
50ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 17:26:37 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4F84 17 KB
6 KB 70ms
69ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 17:26:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3225 0
20 B 43ms
42ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=By_iVTEkrY725KcTwzgXFnr3oDgAAAAA4AeAEAg&bg=!ZWalZiLNAAZqQh0mSkI7ACkAdvg8WrPg_dsFdUU-357GKFDkqSR1IgXq9My-uqxopatqkaK9Umg76AIAAAC_UgAAAAJoAQeZAudWRZ6c65bV9O6tAFm-3rjek_Y6vk-EGkKPij9pdx1hUzGk20vFZY55naa3eRWDNJrIytSl-6lmCBqRASW9TzSVf6oTAQM8j_KRcwf6f13X20zoIA58FsCbluEsxm23tnKNIQyJC5dbiPIEXhgA3sunf1SiPJW0YcTvU0eOLazfyn2XnaQlHSMs8kpdjAxb3Xxud_U44hu2gF0QxOaQkBV6gGs3zHrvXsYTty0BegntdeIJeTdGH18h-aUJmJ0RMm6ZBRAMsCGMPqndkzWyFFTTC0TMEIcthknTd0j5FxOasH8lKoPkGwdbMY2N57iyntXSBDdRl9WZ8BWzjkN72iHrSyVP1QI3X9hokSee5VTJhpxIBf-BIY9_nFi8PDoDkeoaGXM6HCyueDYdiRLFp1W0vMGfVoSonYGyUfjA4L2wXmxyG3KZuT-Tf5Ji5ggL57VbBWBOY-vpoLTc-jtrIPgYWOpa9QBn5JTo79yVOdizNn9ylR-2kCVwL6LR3Y69z62LH-PPLbCjqN34f9czmOpmMMQXauME2j6z-zWhBu2rhOUQbmC6fLCXn2ivuFygWfP6J5nfaK_T0MAkyUmYUbrC162TsQKNnDpSmD6y1KaLdZteeoUACMbDwMttG0iHBm_XVdTSh6l2yRF8gpd6yQyzQuUODXwZC_VPfrUpNMC_a5mHKKutWqlxNY42dhPg6FlhlecDASR0sEG2BCw3poZ9jZIR4B36r3LDx7dhcK0YaPGmMJcT7rZN1gi55n0MV99cMlG7QC03k9vbg0wRRHAErxIGdPIMHi-GNGNvTfnmrMhM1FacZ0qeeg2ROpiVxfsFJECDr66SKUsWGV9EkqNjl1VYhjdhbRlO2GJpAAAS82uMahosxDBgYzgVYRjb5VlxnXOeckgifJiaSCUQPLV5z4UiytHaakMrw3Njp0NttRAVVHUUpgbYx_TP4VQGXwSVzTkPeXCzqYwRXjhpAmGaPKk7S_vG0g

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 feed.js Show response
s0.2mdn.net/sadbundle/6171360345861390336/ Frame 4F84 37 KB
3 KB 21ms
20ms Script
application/x-javascript 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6171360345861390336/feed.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

675f4d908f222badbf05a406b41c8d9091187f0a83bdcf3455281e519fd6a20d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 18:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254865
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3390
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 13:44:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Sep 2023 18:38:52 GMT

GET
DATA 200
OK truncated
/ Frame C00E 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame C00E 42 B
64 B 38ms
38ms Image
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BbLaoTEkrY_DQNpuDjvQPpN2NCMil-fdFAAAAEAEg0b23PTgBWN2d_YeDBGD96KKB8AOyAQ93d3cuZ29oYWJzZ28uY2-6AQs0ODB4MjcwX3htbMgBBdoBGGh0dHBzOi8vd3d3LmdvaGFic2dvLmNvL5gCn7UBwAIC4AIA6gIaLzkyMDU2MjgxL2dvaGFic2dvLXByZW1pdW34AvLRHpAD4AOYA4wGqAMB0ASQTuAEAdIFBhDrl_q_EpAGAaAGJKgHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA4AcB0ggPCIBhEAEYHTICigI6AoBA2AgCgAoFmAsBgAwB0BUB-BYBgBcB&sigh=llQYDPjoIkk&label=videoplayfailed303&sdkv=h.3.532.0&vci=Ck4IAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjQ5NjU5NjA2ODNA7gFSGSUAAPBBOgd1bmtub3duQgd1bmtub3duUAAYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 643699 Show response
vid.springserve.com/vast/ Frame C00E 9 KB
2 KB 87ms
28ms XHR
application/xml 34.232.126.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/643699?url=https://www.gohabsgo.co/&cb=1049344558&desc=Holland+says+Virtanen+%27has+a+short+window+to+impress%27+during+pro+tryout&ic=IAB17&ap=0&vid=2251824&did=&r=4&keyword=hockey,nhl&content=8619&w=400&h=227&bid=&adunitid=22673351270&play_code=2008&player_size=large&level1=sports&level2=hockey&player_type=barker&owner=rogers_nhl&ad_rule=0&schain=1.0,1!sendtonews.com,u77xS6h91Ai4mByBcC_3vg,1,,,&ad_key=&stn_domain=gohabsgo.co&iris_context=&iris_id=&conde_nast_contentid=&gdpr=&consent=&us_privacy=false&coppa=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.126.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-126-62.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 175713c8d9a3b8ea9507cccc2e39155844116dd7bb02c1f0c81adb25027c422c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Wed, 21 Sep 2022 17:26:37 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml;charset=UTF-8

GET
H3 200 60005477_20220404223702693_Frame1.png
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 4F84 386 KB
386 KB 22ms
22ms Image
image/png 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20220404223702693_Frame1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c54f1a6b6e9e7ef98b5791a649e30e4c0aba0add76d6c38377fabc0838dd5ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 22:41:07 GMT
x-content-type-options: nosniff
age: 67530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 395347
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 05:37:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Sep 2022 22:41:07 GMT

GET
H3 200 blank.png
s0.2mdn.net/ads/richmedia/studio/pv2/64676957/dirty/ Frame 4F84 176 B
202 B 56ms
52ms Image
image/png 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/64676957/dirty/blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a8fadfdebcc65982f3ec100c3ef0c3e23f0ebe1c2475b075875afd9f44e352e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 10:04:52 GMT
x-content-type-options: nosniff
age: 26505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 176
x-xss-protection: 0
last-modified: Wed, 28 Feb 2018 18:15:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Sep 2022 10:04:52 GMT

GET
H3 200 60005477_20220318221944290_LogoWhite.png
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 4F84 3 KB
3 KB 64ms
60ms Image
image/png 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20220318221944290_LogoWhite.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b301f7f15d1d29d7d124cb30e579935adfbdafbf369b3ecd7ef574f4ced3ed55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:50 GMT
x-content-type-options: nosniff
age: 6587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3082
x-xss-protection: 0
last-modified: Sat, 19 Mar 2022 05:19:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Sep 2022 15:36:50 GMT

GET
H3 200 60005477_20220404223705883_Frame2.png
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 4F84 190 KB
190 KB 56ms
53ms Image
image/png 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20220404223705883_Frame2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59d701bfd79e049012fe13ef4ec06667c4067e3702879ab71a3ee9c062626229

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:03:35 GMT
x-content-type-options: nosniff
age: 4982
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194425
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 05:37:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Sep 2022 16:03:35 GMT

GET
H3 200 60005477_20220404223708885_Frame3.png
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 4F84 144 KB
144 KB 60ms
57ms Image
image/png 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20220404223708885_Frame3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d47d909aef41c0b5d1b881d10c20f0519e17ceb462a64cb520d517af76765d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 22:41:07 GMT
x-content-type-options: nosniff
age: 67530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147051
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 05:37:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Sep 2022 22:41:07 GMT

GET
H3 200 60005477_20220404223757325_Frame4.png
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 4F84 299 KB
299 KB 64ms
60ms Image
image/png 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20220404223757325_Frame4.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bb6d09453b6cce0600524f9c2a04f27d00fb27314e4846d8bfeffadbe2c4db6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 11:40:40 GMT
x-content-type-options: nosniff
age: 20757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306516
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 05:37:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Sep 2022 11:40:40 GMT

GET
H3 200 60005477_20220404223835684_Frame5EZ.png
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 4F84 1 MB
1 MB 67ms
63ms Image
image/png 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20220404223835684_Frame5EZ.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af261be68803c5616f1c52c0ace0a87654ca80815d36b8716cfd625698393547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 12:32:49 GMT
x-content-type-options: nosniff
age: 17628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1302395
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 05:38:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Sep 2022 12:32:49 GMT

GET
H3 200 60005477_20220406100124617_EyeCatchFrame5EZ.png
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 4F84 23 KB
23 KB 68ms
64ms Image
image/png 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20220406100124617_EyeCatchFrame5EZ.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

970a6da993b9c2a98460ba4436b44ed943b5df2f008c54ed77800fbbe6449f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 12:32:49 GMT
x-content-type-options: nosniff
age: 17628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23487
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 17:01:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Sep 2022 12:32:49 GMT

GET
H3 200 60005477_20220318221940467_LogoBlue.png
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame 4F84 3 KB
3 KB 69ms
66ms Image
image/png 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20220318221940467_LogoBlue.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208756ec43c2fd4161fcc49e6f9225b37813a36d48ced6b4c2452a47f56933fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:12:10 GMT
x-content-type-options: nosniff
age: 4467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3087
x-xss-protection: 0
last-modified: Sat, 19 Mar 2022 05:19:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Sep 2022 16:12:10 GMT

GET
H3 200 HyundaiSansText-Regular.woff2
s0.2mdn.net/sadbundle/6171360345861390336/ Frame 4F84 54 KB
54 KB 32ms
29ms Font
font/woff2 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6171360345861390336/HyundaiSansText-Regular.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

313963d64c00b096563a43f9856ae5fcb8aeba67d3a808d23171e8455198ebc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 18:38:52 GMT
x-content-type-options: nosniff
age: 254865
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55536
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 13:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Sep 2023 18:38:52 GMT

GET
H3 200 HyundaiSansHead-Medium.woff2
s0.2mdn.net/sadbundle/6171360345861390336/ Frame 4F84 53 KB
53 KB 28ms
25ms Font
font/woff2 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6171360345861390336/HyundaiSansHead-Medium.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a350ff915bd9f6a23c74a2aff9a835c5074f8dac8810174ec05bbb984a2feb26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6171360345861390336/index.html?e=69&leftOffset=0&topOffset=0&c=hWBcgppTlu&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 18:38:52 GMT
x-content-type-options: nosniff
age: 254865
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54212
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 13:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Sep 2023 18:38:52 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9CDA 42 B
64 B 54ms
53ms Fetch
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6c2uyA0OrL-zO0ixFkZwnbYhHVFYvY3fAhsmZcshf-xS4NgcB5paC8-lj5gF3Me7CEzRwZOdvDL_9yFIkGTuO8T1LuUhKnol1LLsjw4c18zOPaOh02Mki1PCl7AwnXtLrIRh8eanxclGOtYOEnPMjySVAqQyWO3y5W8beoYvnI99tjh_4Gf9TVRSpypJPSbS0gyQpKleuhFeOckFDg5YnV41TvMDgO-rRWZm1bXVoetndMeBWTMhYMGn2SM1dhmWOU2xhHPfBogdGkPQ_cWG8V6le-hCrc-4X6khq_QezcR8O85L-zQunVCUpGgk74r6hdnsfVu4p_Gr3am91m4sgMd5A_W86qOluMtTR2K5Bkkr19FYFkN5EbC_gZ4dP50zgaLaihaIOQ6xhhbah4PojcvNWxIVjhF34AgT8dsAKXBvY-vp0uw5B_wViPyc_xGUJoCxoGLvBSXbwoLYMmrSAfFKyWsEBuOBPuROaElVWiODm2jFiNPFBDwcujQVyk1IL6RdOEACoO-YxK8w1E7xGtk110NmDd6gI4i7UNNLfYSoSwfQYT4wInZzLZgnG3dRCWWzsCSiBk4d6c9FKPSom8Y24e2fLMuTV5XuXbxsdQi_XyEgFY3KLNZ6Q350_1p1PEl2k7rCoW7ZxV8s_x0vkVgeplp0NSAILETvbSHFQmJaBWVMnuoTtZK4acA6JglkpGhrwjhas5iJ7QYIzCnPcTV8QoHeZZKDuDz5IA59sfGqnE4DavemKBIbCbQ3drqj9yR4Uo78ZD0-29wu-3MoMgMVULknwOIFIxgIKAQc-4Q4YPQsqzze_mrny7ry6UN3tqN7fxoZhq5w0ByP_l5q55W2_DgkRg5M1HZnuUEmaQI6rxUXIjReN4yp0LL1ygsZzhZRi3tqCi7t3nlEYO2lwvbL-TnwVURorvZqQyxHRn_HmVXOyCR4g7tmjjPRe2DMtAYgExGZ9JyZLU0rvWiZqCB8akUlsrr4hsSShyZrwIB9s2Y5PJg&sai=AMfl-YSjk0Mw2IrStIxkU2B_BUiF76C-oK1f1mhft22NInK4NK59s7r2qa6mIeKKxq06RwGvo_z3s5MzkdgYg7SOkEA4zgVTIa5r1agq-_CrWRpLV8Xdn1qpyL7mnyGnNt_9ceMRAG_5qura&sig=Cg0ArKJSzHovzj4XuB0IEAE&cid=CAASFeRoRf_dHF3KtRToJ1jIx6MELLDC3w&id=lidar2&mcvt=1023&p=975,425,1225,725&mtos=0,1023,1023,1023,1023&tos=0,1023,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=0.9&if=1&vu=1&app=0&itpl=2&adk=2759967084&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663781195933&rpt=527&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0F14 13 KB
5 KB 22ms
21ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gohabsgo.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 199293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 10:05:04 GMT
expires: Tue, 19 Sep 2023 10:05:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D0C1 783 B
535 B 41ms
40ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

185f141b3e45aaf48606d1037111a10b57cc2408aa36d8fd28433ed0a4fdb0e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BCA7_MnLATVnJcb0G9BQ_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gohabsgo.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-BCA7_MnLATVnJcb0G9BQ_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 17:26:37 GMT
expires: Wed, 21 Sep 2022 17:26:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3662 36 KB
16 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 19:19:30 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C00E 0
327 B 153ms
53ms Ping
image/gif 2607:f8b0:4003:c3c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l8bwd6wv&c=8704912649666&slotId=4352456324833&qqid=CPCm5vmzpvoCFZuBgwgdpG4DAQ&gqid=TEkrY_LqNYavngSO1ayQBA&fb=ima_html5-lima&sdkv=h.3.532.0&ppt=stnvideo%2Fplayer&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=3.0&ghmsh_eids=44748969%2C44750823%2C44754420%2C44760950%2C44765701&vmfc=1&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4003:c3c::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame C00E 42 B
64 B 40ms
39ms Image
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BIJ7ITEkrY42KOJuDjvQPpN2NCKCJye1FAAAAEAEg0b23PTgBWML-kcuDBGD96KKB8AOyAQ93d3cuZ29oYWJzZ28uY2-6AQs0ODB4MjcwX3htbMgBBdoBGGh0dHBzOi8vd3d3LmdvaGFic2dvLmNvL5gC3FDAAgLgAgDqAhovOTIwNTYyODEvZ29oYWJzZ28tcHJlbWl1bfgC8tEekAPgA5gDjAaoAwHgBAHSBQYQ_f70pBKQBgGgBiSoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHAdIIDwiAYRABGB0yAooCOgKAQNgIAoAKBZgLAYAMAdAVAfgWAYAXAQ&sigh=jmogD1dBC0k&label=video_ad_loaded&sdkv=h.3.532.0&vci=[CREATIVE_PLAYBACK]

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C00E 0
26 B 39ms
38ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZhwGhkSL7ZyrIjDIP5m-F9ZpzEok2CUYHq4d-0WFkBEDhnJjGpR7hRJ7SB46wkDYlxi0vmCWSs7yOteW_Xuu3esGJLFf_se6K_ddyqu1E0_1pTmCD6uJ4wkXZnnHXsZ9yORopNAZi6YljHByfkCxAh-Y0_j23IC3JDqT_wSoTPEFDqOxbje4uU5xN3vb6EOQ0FCqVybd8alLfBfNLHTKbHPx0V7eSYXspk7e3FVjFDjw7bWcwRE9qYkhY8Vk9-__F6HQONnKq0ylklXQUXac7-MJarK-x-MTsDYK934gbZqVy_TqelcWPrhe9GVe2wJRBYkoUykfgMAs&sai=AMfl-YS1-6TVmwidfWF64ni1GyFQ8IROyGS92kIPmreDCD-kge-YsC3WDosqe5CZwohhdqgIRq5e4hWOmOHzuRyhjmUFLljtQvhienmyhuSz3RYBCxpKHlwl1N9XbZEEpA&sig=Cg0ArKJSzI3fqjSrUE7GEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&sdkv=h.3.532.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjQ5MDkyNTI0NzcyDDEzODQwMTg0MDk2MkDuAQpPCAESE3ZpZC5zcHJpbmdzZXJ2ZS5jb20aC1NwcmluZ1NlcnZlIAMqBVZQQUlEQIEBUh0lAADwQSgBOgd1bmtub3duQgd1bmtub3duUABgARgB&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 17:26:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D1A9 52 KB
18 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56486ad961dd0d7efd7756d4f271434b71ef350a51e561f26127bce35288b7c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18731
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 16:09:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Wed, 21 Sep 2022 17:28:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D0C1 0
0 38ms
37ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220915&jk=1977519249656956&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F14 36 KB
16 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 19:19:30 GMT

GET
H2 200 vpaid_6d8da985.js Show response
vpaid.springserve.com/production/ Frame D1A9 506 KB
88 KB 131ms
27ms Script
application/javascript 2600:9000:2501:b600:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2501:b600:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:06:03 GMT
content-encoding: br
last-modified: Thu, 28 Jul 2022 16:39:44 GMT
server: AmazonS3
age: 642035
etag: W/"9026fbc1fc8aafffe9b6d2458d235a3a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ddf6879aa6c2007b075baebb295e9494.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: IAD55-P5
x-amz-cf-id: RiEMufN3EiH6CHeEwabRTQ4CoUe1dRjIAwBXfr1hX6muf9_kjeLuDQ==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 98D3 42 B
64 B 47ms
46ms Fetch
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1r1GsGxV1sOERB9EuVSWe14FxaYbCOkmFzmCrKViTmHpQThG-bpZy5ecNLLuiXAslcOsxxxgI7S_gOQFVGLsn7D4X1u-HvoZU2pDAbkXVHKAsBnxEjMcri7Xqny9aiQVQVclM&sai=AMfl-YT09thtIwiuGHqNuxiH4g8BQP6r0WVBs41bQ0y3D8aTs6apE4zPrUfcsDmDHoVIYp7oRcMFUHc_oBIRzF4AjqvUSTYYrhNQ00io-J8tko3S6lKQ03tRf75i2n-sqIE&sig=Cg0ArKJSzHpicFrbDjJyEAE&cid=CAASJ-RoQfi-dMT1wgku-RYYCSg_e3MPKSIp9TXIjdt45-NnvW5R3vJ7Cw&id=lidar2&mcvt=1012&p=10,315,260,1285&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=527246759&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663781196495&rpt=410&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ima3vpaid Show response
tpc.googlesyndication.com/ Frame D1A9 1 KB
654 B 37ms
36ms XHR
text/xml 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F92056281%2FSTN_6_Audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1663781197494%26ord%3D1663781197494%26ndfp%3D1%26cmsid%3D2460952%26vid%3D2251824%26cust_params%3Dplay_code%253D2008%2526domain%253Dgohabsgo.co%2526content_cid%253D8619%2526excl_cat%253Dstn_backfill&type=all

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53d20ef574eb05e7150a7d34825840bd14e0340f15fad92d74df344d3df7fcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 17:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.gohabsgo.co
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 626
x-xss-protection: 0

POST
H2 204 229636 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame D1A9 0
951 B 320ms
320ms XHR
application/json 192.35.249.142
SPOTX-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/229636?src_sys=springserve-cs
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.35.249.142 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gohabsgo.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Sep 2022 17:26:38 GMT
x-spotx-timing-transform: 0.006836
x-spotx-timing-spotmarket: 0.116894
x-spotx-timing-page-require: 0.006718
x-fe: 089
x-spotx-timing-page-misc: 0.018972
x-spotx-timing-page-cookie: 0.000044
x-spotx-timing-page: 0.159197
pragma: no-cache
x-spotx-timing-page-context: 0.002507
last-modified: Wed, 21 Sep 2022 17:26:38 GMT
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
x-spotx-timing-spotmarket-primary: 0.116894
access-control-allow-methods: POST, GET, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.gohabsgo.co
x-spotx-timing-page-exception: 0.000000
x-spotx-timing-spotmarket-secondary: 0.000000
x-spotx-timing-page-uri: 0.000022
x-spotx-timing-page-mux: 0.007204
access-control-allow-headers
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 cygnus Show response
as-sec.casalemedia.com/ Frame D1A9 58 B
557 B 83ms
61ms Script
text/javascript 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?fn=indexResponse8812f10557&v=8.8&s=305079&r=%7B%22id%22%3A%228812f10557%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gohabsgo.co%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.gohabsgo.co%2F%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%220%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22w%22%3A400%2C%22h%22%3A227%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22playbackmethod%22%3A%5B2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22pr_1_1_s%22%2C%22custom%22%3A%22videoPlayback%22%7D%2C%22bidfloor%22%3A7%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22u77xS6h91Ai4mByBcC_3vg%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%22false%22%7D%7D%7D
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30accff26cbd0b07f77feba3268bf9aa1661b875e052d14cab9cd360589625ff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vn9wM37TqY0lgilaPuwj3gPdIyA8anVDNJnDXCd4hfbK39MSr7L1rASmUOgWiB4UtnJg0UoQzAR%2FIr0gZdy2je6bsyuZ3r%2B73dHaF7MuOfd4I1%2FxKvY%2F7TxdEbVVD%2F8qw38V%2BkQU5fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache
cf-ray: 74e481c7b9e8a214-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame D1A9 0
60 B 53ms
53ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gohabsgo.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gohabsgo.co
date: Wed, 21 Sep 2022 17:26:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D1A9 159 B
1007 B 36ms
36ms XHR
application/json 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b3617223ea8adbb874d9fadcde91390d2340716c88dbb98b3f93b00701ec8172

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gohabsgo.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 21 Sep 2022 17:26:38 GMT
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 63fc9792-154f-48c4-840e-5a9b39f77448
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gohabsgo.co
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ima3vpaid Show response
tpc.googlesyndication.com/ Frame D1A9 1 KB
658 B 95ms
95ms XHR
text/xml 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F92056281%2C6686%2FSTN_6_Audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1663781197494%26ord%3D1663781197494%26ndfp%3D1%26cmsid%3D2460952%26vid%3D2251824%26cust_params%3Dplay_code%253D2008%2526domain%253Dgohabsgo.co%2526content_cid%253D8619%2526excl_cat%253Dstn_backfill&type=all

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e220a59a1a24f1bcd1e89a7065c5a66940dfde8cdb377de6cb949bf8597d01d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 17:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.gohabsgo.co
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 630
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0F14 0
12 B 22ms
21ms Image
text/plain 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6BEWig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BE10 44 KB
16 KB 35ms
34ms Script
text/javascript 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_6_Audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1663781197494%26ord%3D1663781197494%26ndfp%3D1%26cmsid%3D2460952%26vid%3D2251824%26cust_params%3Dplay_code%253D2008%2526domain%253Dgohabsgo.co%2526content_cid%253D8619%2526excl_cat%253Dstn_backfill%26channel%3Dvastadp

Requested by

Host: www.gohabsgo.co
URL: https://www.gohabsgo.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03c998934375ba1e78f0df86ce497a279b443dbe3c591f811e516a7ab4aceae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16256
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 16:09:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Wed, 21 Sep 2022 17:41:38 GMT

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BE10 378 KB
126 KB 46ms
45ms Script
text/javascript 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_6_Audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1663781197494%26ord%3D1663781197494%26ndfp%3D1%26cmsid%3D2460952%26vid%3D2251824%26cust_params%3Dplay_code%253D2008%2526domain%253Dgohabsgo.co%2526content_cid%253D8619%2526excl_cat%253Dstn_backfill%26channel%3Dvastadp

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9b92b474abd6c41079a19e23fea79f0279dd70e3007c47e7773b9d3e7ca4f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128888
x-xss-protection: 0
expires: Wed, 21 Sep 2022 17:26:38 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BE10 0
20 B 38ms
38ms Ping
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.06461117834812846&wt=1663781198112&sdkv=h.3.532.0&xai=undefined&url=2,https%3A%2F%2Fwww.gohabsgo.co%2F$0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 17:26:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bridge3.532.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 83FC 638 KB
207 KB 22ms
21ms Document
text/html 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23091133c2c9c43412cf7ee8e2471a7cba775e981334be7d13b0d78d9babc5a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gohabsgo.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 112054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 211807
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 10:19:04 GMT
expires: Wed, 20 Sep 2023 10:19:04 GMT
last-modified: Tue, 20 Sep 2022 10:12:09 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame BE10 44 KB
16 KB 36ms
35ms Script
text/javascript 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Sep 2022 17:26:38 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame BE10 107 B
122 B 46ms
46ms Script
application/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gohabsgo.co

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 17:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7DA8 37 KB
13 KB 21ms
19ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b625b3191eea0929d0f20fffd7ea8199fd3f80407b0738dabeab289f49a4522c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12926
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 21:40:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 21 Sep 2022 17:27:33 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 83FC 156 B
142 B 511ms
510ms XHR
text/xml 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2FSTN_6_Audience_extension&description_url=https%3A%2F%2Fwww.gohabsgo.co%2F&url=https%3A%2F%2Fwww.gohabsgo.co%2F&tfcd=0&npa=0&sz=480x270&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1824297659710898&ord=1663781197494&ndfp=1&cmsid=2460952&vid=2251824&cust_params=play_code%3D2008%26domain%3Dgohabsgo.co%26content_cid%3D8619%26excl_cat%3Dstn_backfill&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.532.0%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=2526868894&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.532.0&sid=00480F57-96AC-4E26-8802-82619B95986C&nel=0&eid=44740340%2C44748969%2C44754420%2C44760950%2C44765701&dlt=1663781198061&idt=294&dt=1663781198410&cookie=ID%3D2e784b56e4403169-225063a343d7004c%3AT%3D1663781195%3AS%3DALNI_Ma9gpRVLS2jivjAgQspFJgiJRvjsQ&gpic=UID%3D0000086976ea0a90%3AT%3D1663781195%3ART%3D1663781195%3AS%3DALNI_MYctYq4J7ZYLH3A0_gTlGIVOnpJlA&scor=119250831523007&ged=ve4_td0_tt0_pd0_la0_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 42ms
41ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220915&jk=1977519249656956&bg=!sbKlsvbNAAZqQh0mSkI7ACkAdvg8WsOn5bguqbeKrLtecX2o7eCtQrgaNAmqzhqyTOHoHkDMfkdG6AIAAAEGUgAAAAJoAQcKABFvN7i60p8VoMFoGwdUHlonJpkCsad5gM1fxGNcQ2kOKlKRvmlimPu5hUmh9x_QIbI-E3jI2m1LtxcQM_4QyKycDicOxadZ3tqEEtdosyIH5i8Lft8c7o6UD8MWs2iO1c4kHq8QcN_rpQg8_reXcrtwkEey2JDu5coVCThV7Aa6J5uIqB7RsNraNkX6DDNnbrOtc_fTUVOdc5FDZSGO7hZZVyRINaYf64aZKD75Oac_yV877AWC2LVqV459d7S8OOg6AhmTu4Zgz2a5sPilji0X-UhptoHTc-9c2v-2JrUznvryBf1hgPSU3YOCgGk1b2PCJgtfrCUdvB1ifOx0kroSRjATtQXjPs0NThfKS7wmy3YaaPZdudG51iALetsXJk3Jx_vtqq4yJpSICHJJ6wX-bGCU3Pht33hMhlwkihIqfdMCSTFYO8TiwLyLyJ9_lGihnMseDpfSx6T2EmvaB64-_E-jQAWRgeqLNWaafFVWTG6VLXCxUVFl-ascEhZTPtWRJclIm8Zuw0hD0mgvz6iaC8zJ5X7nWi2s13iFRKW02TgO0qgb7qqBrOwydQ8-zs_cDGkgqxOE5QIZ_yu047F_B0VuB97g8Io500oCF60Tg_98LALqi9h7qraHylHliN21DVIw5x-T1LLYDc9pAxLtprziAmom5rL5b0p_g_8VIa3lwHPj_mU_u92sxUgxLHCjffiSEWVbvCCBY6wxIK-647pxvhJ-hbLDSlXHUvn0Q2E79fEFtaT95HGK7MG_fotzF3yORwmiDwoAeMDrfNMWjb0CuqOyTELGcaDM7Zk3VeY_HuCNrUl0nN9LRjONz8uG5Vjm2IDdcIpVZZTvrucoSsmbROfClECWIqGcgDCHGM-xnQ31Au1hDmjHf0HxzGNyCAYUKfyJQBqLb-vZ-ODN2DhtGzyCQHfGwsh6CiV_c8WxBoJn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7CB7 281 B
554 B 19ms
19ms Document
text/html 23.192.31.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-31-127.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.gohabsgo.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 21 Sep 2022 17:26:39 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7CB7 31 KB
10 KB 35ms
35ms Script
text/html 23.192.31.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-31-127.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c948008e85bad263dc49df013408d09c061b0833fa4f502ed1c743dd5f313044

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 21 Sep 2022 17:26:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=30779
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9421
Expires: Thu, 22 Sep 2022 01:59:38 GMT

POST
H2 200 i Show response
vid-io-iad.springserve.com/vd/ Frame D1A9 0
151 B 99ms
25ms XHR
text/plain 54.172.24.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=8812f105&ps_id=643699&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.24.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-24-7.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gohabsgo.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gohabsgo.co
date: Wed, 21 Sep 2022 17:26:41 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
access-control-allow-methods: GET, OPTIONS

GET
H3 200 ima3vpaid Show response
tpc.googlesyndication.com/ Frame D1A9 1 KB
665 B 36ms
35ms XHR
text/xml 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F92056281%2FSTN_4_audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1663781197494%26ord%3D1663781197494%26nofb%3D1%26cmsid%3D2460952%26vid%3D2251824%26cust_params%3Dplay_code%253D2008%2526domain%253Dgohabsgo.co%2526content_cid%253D8619%2526excl_cat%253Dstn_backfill%2526iris_context%253D&type=all

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55ddf5fca9ff62eb07ecc09f45d9f662e69033f05daad3dad580e40d7f92a66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gohabsgo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 17:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.gohabsgo.co
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 637
x-xss-protection: 0

POST 229636
search.spotxchange.com/openrtb/2.3/dados/ Frame D1A9 0
0

POST 229637
search.spotxchange.com/openrtb/2.3/dados/ Frame D1A9 0
0

POST translator
hbopenbid.pubmatic.com/ Frame D1A9 0
0

GET cygnus
as-sec.casalemedia.com/ Frame D1A9 0
0

GET ima3vpaid
tpc.googlesyndication.com/ Frame D1A9 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D1A9 159 B
1007 B 22ms
18ms XHR
application/json 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8bae16fbf3fd80f485c78043d8d480a588a865ac1539236283efe1658d685a8c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gohabsgo.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 21 Sep 2022 17:26:43 GMT
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: aeb811be-c505-4205-af6d-62c47282c429
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gohabsgo.co
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D1A9 160 B
1008 B 26ms
23ms XHR
application/json 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2202437f659c8ca6c08da8043240622bd443ec1f44dce780111aa5f6948541b5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gohabsgo.co/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 21 Sep 2022 17:26:43 GMT
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6a9bf448-f82b-474e-9bd7-eb932e1b6323
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gohabsgo.co
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 3D09 0
0

POST i
vid-io-iad.springserve.com/vd/ Frame D1A9 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: search.spotxchange.com
URL: https://search.spotxchange.com/openrtb/2.3/dados/229636?src_sys=springserve-cs

Domain: search.spotxchange.com
URL: https://search.spotxchange.com/openrtb/2.3/dados/229637?src_sys=springserve-cs

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: as-sec.casalemedia.com
URL: https://as-sec.casalemedia.com/cygnus?fn=indexResponse8812f10595&v=8.8&s=305079&r=%7B%22id%22%3A%228812f10595%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gohabsgo.co%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.gohabsgo.co%2F%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%220%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22w%22%3A400%2C%22h%22%3A227%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22playbackmethod%22%3A%5B2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22pr_1_1_s%22%2C%22custom%22%3A%22videoPlayback%22%7D%2C%22bidfloor%22%3A4%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22u77xS6h91Ai4mByBcC_3vg%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%22false%22%7D%7D%7D

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F92056281%2C6686%2FSTN_4_audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1663781197494%26ord%3D1663781197494%26nofb%3D1%26cmsid%3D2460952%26vid%3D2251824%26cust_params%3Dplay_code%253D2008%2526domain%253Dgohabsgo.co%2526content_cid%253D8619%2526excl_cat%253Dstn_backfill%2526iris_context%253D&type=all

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_4_audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26url%3Dhttps%253A%252F%252Fwww.gohabsgo.co%252F%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1663781197494%26ord%3D1663781197494%26nofb%3D1%26cmsid%3D2460952%26vid%3D2251824%26cust_params%3Dplay_code%253D2008%2526domain%253Dgohabsgo.co%2526content_cid%253D8619%2526excl_cat%253Dstn_backfill%2526iris_context%253D%26channel%3Dvastadp

Domain: vid-io-iad.springserve.com
URL: https://vid-io-iad.springserve.com/vd/i?suuid=8812f105&ps_id=643699&batch=2

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
embed.sendtonews.com/	1970-01-20 06:19:45	Name: AWSALBCORS Value: gSXQZubmwGSYTZL7CeEjD0B7e85bSNvzSRc5NEUVuxczQ2KFLRPVFAUJGedtT7QMKEMHuaCz4FiKlRi52XVAlPdn1V3uzOlDBygvGR4ezuv2gDfzf63Kv9Dqb5ey
.freeskreen.com/	1970-01-20 06:19:45	Name: a Value: NjA5Mj0xfHw7
.tremorhub.com/	1970-01-20 14:55:38	Name: tvid Value: a50b6f233380425598610941ca268d1a
.exelator.com/	1970-01-20 09:02:29	Name: EE Value: "1426bc2ee0d53528dfacee30cb4dccfc"
.gohabsgo.co/	1970-01-20 15:45:41	Name: _ga Value: GA1.2.434343873.1663781195
.gohabsgo.co/	1970-01-20 06:11:07	Name: _gid Value: GA1.2.2337213.1663781195
.gohabsgo.co/	1970-01-20 06:09:41	Name: _gat_gtag_UA_163163842_30 Value: 1
.admanmedia.com/	1970-01-20 06:29:50	Name: admtr Value: 19bc7f25-5783-49a5-ad40-75e048fe6a1b
.admanmedia.com/	1970-01-20 06:29:50	Name: ac_r Value: CS89
.tremorhub.com/	1970-01-20 06:16:53	Name: tvssa Value: 1663781195401
.exelator.com/	1970-01-20 09:02:29	Name: ud Value: "eJxrXxzq6XKLQcHQxMgsKdkoNdUgxdTY1MgiJS0xOTXV2CA5ySQlOTkteXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAdEl%252BUWb6ImfHxUUpaQyLSopPBR%252Fc0A0A82Yrmg%253D%253D"
.adsrvr.org/	1970-01-20 14:55:17	Name: TDID Value: bc768a32-e12c-4e8d-8f55-b3c2dfb98c41
.rkdms.com/	1970-01-20 14:55:17	Name: sessionid Value: h-b1dfe663637d579df342979424205f7f_t-1663781195
.smartadserver.com/	1970-01-20 14:55:17	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 14:55:17	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 104685=5113046
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-20 14:55:17	Name: pid Value: 7581645548811933291
.smartadserver.com/	1970-01-20 06:11:07	Name: sasd2 Value: q=%24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0&c=1&l=1501522464&lo=384595258&lt=637993779958215992&o=1
.smartadserver.com/	1970-01-20 06:11:07	Name: sasd Value: %24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0
.doubleclick.net/	1970-01-20 15:45:41	Name: IDE Value: AHWqTUkj-OqSsopI92JROURiYeaMM_VDNxrOUL7z7-_6yKt0_19dj3yjQmv9OHJ29l4
.rubiconproject.com/	1970-01-20 14:55:17	Name: khaos Value: L8BWD709-1H-I23B
.adsrvr.org/	1970-01-20 14:55:17	Name: TDCPM Value: EhYKB3J1Ymljb24SCwiAwPj8joCOOxAFIAEoAg..
.spotxchange.com/	1970-01-20 14:55:17	Name: audience Value: 8b4ccdf8-39d2-11ed-9a90-109dde470003
.yahoo.com/	1970-01-20 14:55:38	Name: A3 Value: d=AQABBExJK2MCEAhRzydGc7npQGrV47SdMXgFEgEBAQGaLGM1YwAAAAAA_eMAAA&S=AQAAAtraCkDC1vfMh-yoj9YzZBY
.doubleclick.net/	1970-01-20 06:09:44	Name: DSID Value: NO_DATA
.amazon-adsystem.com/	1970-01-20 15:45:41	Name: ad-privacy Value: 0
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:55:17	Name: bcookie Value: "v=2&576a5ab7-a24f-4f7b-8fc3-8e9775eb3cd5"
.linkedin.com/	1970-01-20 06:11:07	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2728:u=1:x=1:i=1663781196:t=1663867596:v=2:sig=AQE-1RNdiHjQ6IXGS1g_yikcOLQLL3yz"
.gohabsgo.co/	1970-01-20 15:31:17	Name: __gads Value: ID=2e784b56e4403169-225063a343d7004c:T=1663781195:S=ALNI_Ma9gpRVLS2jivjAgQspFJgiJRvjsQ
.gohabsgo.co/	1970-01-20 15:31:17	Name: __gpi Value: UID=0000086976ea0a90:T=1663781195:RT=1663781195:S=ALNI_MYctYq4J7ZYLH3A0_gTlGIVOnpJlA
.freeskreen.com/	1970-01-20 06:19:45	Name: scmtid Value: "c2FpZD03NTgxNjQ1NTQ4ODExOTMzMjkxfDE2NjM3ODExOTU5NTEmc2NtaWQ9ZmJoZWpiYmloZGdnYnlKb3RvTU4yZml8MTY2Mzc4MTE5NDcxNSZtZ2lkPUw4QldENzA5LTFILUkyM0J8MTY2Mzc4MTE5NjUxOCZuaWQ9MTQyNmJjMmVlMGQ1MzUyOGRmYWNlZTMwY2I0ZGNjZmN8MTY2Mzc4MTE5NTY1Ng=="
.adnxs.com/	1970-01-20 08:19:17	Name: uuid2 Value: 1019839865172294601
.amazon-adsystem.com/	1970-01-20 10:46:09	Name: ad-id Value: A6VH6mEF6kyrrWVUV3PhwgM
.adnxs.com/	1970-01-20 08:19:17	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Iq+i_F!]tbPl1M>e)ZlrFUfJ+tGXxoaXQuzPcOJe>Yr$ETTHSUvK`UHG[8.krGQ3vI3If)y3KL9D3I?*jeB'vI
.rubiconproject.com/	1970-01-20 14:55:17	Name: audit Value: 1\|ROpmpVaZTQid1zOAf+8I+bkXUflux+jPJtV6/eGunPoeECEUBMheiupolyMRzP+I9x+MHo/QrVnqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.casalemedia.com/	1970-01-20 08:19:17	Name: CMPS Value: 480
.casalemedia.com/	1970-01-20 14:55:17	Name: CMID Value: YytJTJzdKTCN66OfRZUqEAAA
.casalemedia.com/	1970-01-20 08:19:17	Name: CMPRO Value: 480
.casalemedia.com/	1970-01-20 08:19:17	Name: CMTS Value: 201
.springserve.com/	1970-01-20 14:53:50	Name: ssid Value: 84512e84-a337-4ad6-aeae-8481b9ba78b2
.springserve.com/	1970-01-20 14:53:50	Name: sst Value: 1663781197494

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/5700122134273263366/index.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
adservice.google.ca
adservice.google.com
api.rlcdn.com
as-sec.casalemedia.com
b7317f1e4afc716a81dd13e1352ba44b.safeframe.googlesyndication.com
c.amazon-adsystem.com
cdn.ampproject.org
cdn.onesignal.com
cdn.resonate.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
cs.admanmedia.com
csi.gstatic.com
d29xw9s9x32j3w.cloudfront.net
dsum-sec.casalemedia.com
embed.sendtonews.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.marqueur.com
ib.adnxs.com
id.sv.rkdms.com
imasdk.googleapis.com
js-sec.indexww.com
loadeu.exelator.com
match.adsrvr.org
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
player.sendtonews.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
px.ads.linkedin.com
s.amazon-adsystem.com
s0.2mdn.net
s2l.sendtonews.com
sb.freeskreen.com
scm.publishers.tremorhub.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
static.freeskreen.com
sync.smartadserver.com
timber.sendtonews.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
vid-io-iad.springserve.com
vid.springserve.com
vpaid.springserve.com
ww1772.smartadserver.com
www.gohabsgo.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.hetlmedia.com
as-sec.casalemedia.com
hbopenbid.pubmatic.com
imasdk.googleapis.com
search.spotxchange.com
tpc.googlesyndication.com
vid-io-iad.springserve.com
104.105.42.146
104.18.12.242
104.18.18.126
104.18.19.126
104.36.115.111
108.138.106.15
108.138.106.16
108.138.124.226
142.250.72.98
142.250.81.226
143.204.150.76
18.208.240.0
192.35.249.142
199.187.193.185
2001:4de0:ac18::1:a:2b
23.105.12.160
23.192.31.127
23.52.162.21
23.78.200.97
2600:1f18:4e9:5a05:19c6:8f54:3d13:3206
2600:1f18:612b:4200:d9a2:335e:4c76:e4a1
2600:9000:2501:b600:15:6f6c:b180:93a1
2606:4700::6811:190e
2606:4700::6812:e234
2607:f8b0:4003:c3c::78
2607:f8b0:4006:807::2006
2607:f8b0:4006:809::2001
2607:f8b0:4006:809::2002
2607:f8b0:4006:80f::2008
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::2001
2607:f8b0:4006:821::200a
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::2003
2620:1ec:21::14
3.209.43.118
3.220.58.99
3.226.62.124
3.33.220.150
34.120.155.137
34.202.79.131
34.232.126.62
44.210.205.198
51.222.105.170
52.0.156.250
52.46.130.91
52.85.61.19
52.94.222.140
54.172.24.7
54.197.83.80
68.67.160.26
69.173.151.100
8.39.36.141
80.77.87.166
023e1cb990dcdf02e698072d0dd4bd0a20bf645ff65b3768a5dd2be09dfc257b
03adab7079429419ce5ea31cc6ed8661b4057aa5a535007aa6e818ae07242a23
03c998934375ba1e78f0df86ce497a279b443dbe3c591f811e516a7ab4aceae4
04daab843973e2af716697835cc5acaa35463e2352370cba035357b6ab1f35b5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0f2e242b01e1d051c2d7d6025d21e37bb64d31933577b6e7795aa375effaf5
0d4bc8a4522e39ee2e0b5bc8e769c4f69dff4900108c5bd4feca23bcec03f7a0
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
0dc2bd16b44f169f0fb3afc483a75bb7b58bfba4d5fe51fd5389f8c51175ae9c
0f555a045aabb1f2dd16d94f3f5a579bf500195767da9ad1250dfc5ed9dfa1b0
11a4b7dd6aa3534c1dc9517e87d10874580c121a55b6534b2f2aa75892db69d4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1458353fee7510cb367b6805469e450e1cc6dd6e9e9666ab0fe50e6d40f2b24c
14bc10c008ab023a696820f26ce5e8199c86a2201b0f4bfd963f0e726ce4986f
166d80f99b0cacd5c072dc702531273e2c7c6e12c899be7321974c64d772fb5d
16e2d036b2c6cd583d44f200cccdc24068723d967af682117dd2642f669df93f
175713c8d9a3b8ea9507cccc2e39155844116dd7bb02c1f0c81adb25027c422c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185f141b3e45aaf48606d1037111a10b57cc2408aa36d8fd28433ed0a4fdb0e0
188a79cff16297ad2e379f3e6099f789b6d519a70704352cd5b88f175458be94
194193cbea061ea811b02035c54d7cd1c08d5e45fdca2b9b1148fdac40f1928b
1a11b98bae8d7d601232ea5c765613717c1705b2711ff32f8f4d1d1519b5b0f5
1a2f76eb37604b23e7cc93daaaba80d4e2d01be69a832580e9b3965c5d5b26e0
1acdd0064319bdc09bbf5c7af2b5d5637f2448fe4c1527e182e7149256c4281e
1c4e12092b9a1749fe7494e96225c96ea3185854c41290896bbf1c492d895927
1ccb1e7e8d549e5b8103b4a542de54449cb24be93223096f61b9d20358ad8c56
1f07e50ec986c01646c954cc6319e193efad792d8079c19bd249f54f451a1b6b
208756ec43c2fd4161fcc49e6f9225b37813a36d48ced6b4c2452a47f56933fe
2202437f659c8ca6c08da8043240622bd443ec1f44dce780111aa5f6948541b5
23091133c2c9c43412cf7ee8e2471a7cba775e981334be7d13b0d78d9babc5a9
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
2838ada1a2e98ea67fbff5622ae6dbc293c5cae3f50be29febaa03b9a4bd8627
2b51f4dc6af0594f2b62e38fe324b699d623367a83c58313ec5b9c0a9410d59a
2cc8e1326512533b14d77f14bbcafca06e6cacf7312bb0e5ee1f22b7fa4244a9
30871c5fc265d115995635c8d4774e9ab2706110d5752a4d881b535930ef4f76
30accff26cbd0b07f77feba3268bf9aa1661b875e052d14cab9cd360589625ff
313963d64c00b096563a43f9856ae5fcb8aeba67d3a808d23171e8455198ebc9
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
352757182a4111c9027ab48e6da797ce05aeadc65f42929ff10d8ae45e30d2e0
357abec0133efb2d00e08db6666c4e89b04f8fdc96b3eea43bde026e2fa78075
3596d7a1d5ab84ba889665f6e62273d38193a1ae44de2fef5030acde2efe835e
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
394262f8a6eca6de17bac497d18ef6c70da576aaec7631ed35e8661d7f5afe1d
3a89baeeddf42182b6b6847f1ad6f45d2c81457c4970ed9baec3be9e44d84fc5
3b4085a45ae6b7aa4643fd5cecb3cd37117a0d90c187b84cabb1db0903422b8e
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3ddafc7c64fc419d23666a57f965643dc3e191583eca4afab855dbde9d4fcef1
3f19c07c1d0f57c8cf4c9e8ada0fd7c78e6d13dda5937604313904236ee1f212
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41bb5f0f986e1ae00d9c40d236218e09123d924c38f19c9f9e7b925656d94584
42458a3585c1c86b8b3594e5f367455cc426b918e730eab4c50ebae453266c01
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
431cfe713107055f1dc277e00b481a34c07433543b9ad77acdd4ffcb5c30c635
44fa9fb9a7e9f110cf9d358b915a5136da8d4fae18dde071f76dc73d57d5e37c
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b
461b345c9be55a5a6d0a2b3c9b39b060cdd4d5c7bff2c410b3c6f8b77f17cb25
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
47ff6e3a6675bee601f12265614819a0bfd9dbf9b03c8328037632347b70ff54
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a5fbb9b2a42797ac4cb2f27680dc3e7671068bf85c042702a18d3031086f6af
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d27371d236fa7547c90c974165abffcbae1236b64a80da2c85df41d40086f83
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e220a59a1a24f1bcd1e89a7065c5a66940dfde8cdb377de6cb949bf8597d01d
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
53d20ef574eb05e7150a7d34825840bd14e0340f15fad92d74df344d3df7fcc8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ddf5fca9ff62eb07ecc09f45d9f662e69033f05daad3dad580e40d7f92a66f
55f835a17ea8b8109c0602c19762bc9c4bfbc2cf4d69cac1e90f67aef653108e
56486ad961dd0d7efd7756d4f271434b71ef350a51e561f26127bce35288b7c0
5863de83de86bc9d0c9ca7c8a788a62ee645e6ca5a8b7ca2039464dda56832b6
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
59b534f8997c09c843b494425e17693bb612ff3c61b2ae9b9a4a380a70a08fdf
59d701bfd79e049012fe13ef4ec06667c4067e3702879ab71a3ee9c062626229
5bdca849142d892f0b6b21916a0f2ba7b35f0b222646f07d8c30f49cfbbeb1ea
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ce1e41225655458a099cb7f828fc78c279d138f8ded66fb227783aae7b69bdc
5dd8bbc24343effa7bddcc1eb054f22fdc53596f5695b678e694dbb4e9bf043e
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fef3aa19a7276b478171bde145b6fa8e7f34e8c002770e525ab1c29d9bc0f84
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
60968f769671af37c1515421777cade5f10500fccaffdabd0454d1a7d9f7037c
6107126a9e9bd2b72cb0fe5b7543127e118d6bcb053a515589b4e7cb477e5745
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64cb5ebb201be8e8e71e5bb8b58889762d117d91c8c943817a5b0af87f9531b6
675f4d908f222badbf05a406b41c8d9091187f0a83bdcf3455281e519fd6a20d
68d7aad25974c7a9fce0313390470a2a73ff99c9241c57ada1443855a5d0bec1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb6d09453b6cce0600524f9c2a04f27d00fb27314e4846d8bfeffadbe2c4db6
6be5da4682dd6e302a72bb959cfbb4d4e8a458c968034db274736e93f9c4484d
6c4c480151f17c92dba8e1de51727dd09b8f51df6da5fa37f492286253cd8f2c
6c5303a9f8a7d3637911b26b96bdcb5f954eb548fe928cc43118e3b05a02a1c6
6d14d790b7ab2f252031133c08a966ded6627f62e6f2dd34c9eb083a0f271224
700a3f115bdee0e76d8f2232cd0be55704ef7f99d751f025c32966135b90ed76
717b10593d54204f670e8962fbe282f51357d361b0cec4ec5b979429fe08f86e
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
78198e34c6f4334405aa4dd069794eaa028c10b03666e294ebd6be4e5c172add
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7acc0269b09952270dddfa437f4c3b14975bad2df16f086a288fdefafab0f940
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7c01c3de923397c849687eff2171bd7b502de59945a17b16715e144b410e304e
7c54f1a6b6e9e7ef98b5791a649e30e4c0aba0add76d6c38377fabc0838dd5ab
7e18a25b73ab54021b820a0a4af8591d29910caa9ad89014059a07a681ba462b
7f1d279703b902aee3682bf47afc04d7d9a4417e08a137638cd8dcce1141c450
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80cedb5e5fa85548eaf3a95451e57186182aa440e5e8aa2f38c204d8b38f663c
81cac50363dc681a2bd284a2625f8b1e9354d35ea9bcaa940832c7b262e5c34f
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82f191a65d38e50c45e0c35e15343690ea1d122402990b99d0c5a1585f9d47af
83daa68ea0ce27a96e826f54554e15caec6a9b119c652b345059f7190d0e019b
8551742d5ddf7cf859efab1c28b377dacf5bb89ed041b51ec13607ed2d2f2a63
86453ecc16f6b785226ee9203819ea6bc46dc79171c51ed9605e3e2662281704
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
8a8fadfdebcc65982f3ec100c3ef0c3e23f0ebe1c2475b075875afd9f44e352e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bae16fbf3fd80f485c78043d8d480a588a865ac1539236283efe1658d685a8c
8c6beb0224ae3ef28d3a02a71da33104ae98fb897d44e00842757cfc103b1abb
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f
8fe62254da95115e0a89bb687f1dfb6c8771045ca0f3c10935f5c6477feef09a
91c5129ae79ddb7dcb02cc0665bded8f1363b299eb1a1adc3be22fd2a2999518
9303cfb2d0a6889084b8b62f5cf844e965dfed5d69cc29bd5198eeea4ec47107
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94d763740989b1b506ff4a5ade4be6e10549d1e4a08a63a6d8a950ff1917b131
966ff7f853427a7fbc66999baf492505019a6323c26dc4380b3b12fbb53a2afb
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
970a6da993b9c2a98460ba4436b44ed943b5df2f008c54ed77800fbbe6449f5a
97fbe2f4b4bb38d12492792c5678abd6fbb5d94317561e688147b6fcccd4a1c0
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9861be0eb98eadd4c43a9295e0092db25732a5e6c827755210f4700cd7bf6390
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
987a6fd1087e16af5b1b2df8455bcb0a79db843ba8dedfe37b89790f6f455340
987d7fa23cf2074e03d86613adefe3a7e4f23bb1ce4df623216adbc1d2c25e87
9c0b77cb1efb3e452d6ec37bdd7b2f2628a023ba7312504750fc7fc6d2dd0ef1
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00123d4a7b37f2fe99a5e401c5ccb355653e5be5ea0dc38827525755b8e0dce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da
a29ee7f631d3e9d0982fb25160454b11de5bcebfb7197decf36bd4e735091644
a350ff915bd9f6a23c74a2aff9a835c5074f8dac8810174ec05bbb984a2feb26
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5657bfdb3c0b6ad01ff5d6f942dba7768fa8bccfce9b7cac7377a24ef32a680
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9b92b474abd6c41079a19e23fea79f0279dd70e3007c47e7773b9d3e7ca4f03
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
ab611647638e91f9a9337192ba8d57cd3ed279b75f46cccd25a53831b54a0bdf
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
ac96e454de35f32b4e6f7d03be9b94246189260667cf8352f21ef77acaa228b1
ae4d5bd2c992f3e6d42699703b4334e7b091b781a853a201b60bbd285eba1735
af261be68803c5616f1c52c0ace0a87654ca80815d36b8716cfd625698393547
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b301f7f15d1d29d7d124cb30e579935adfbdafbf369b3ecd7ef574f4ced3ed55
b3617223ea8adbb874d9fadcde91390d2340716c88dbb98b3f93b00701ec8172
b3f5cf1744d0d73eaae16b06407a952447e7ed738e423ecdb951262e1cc9c701
b418e13d8c3e848de990b200ae6f14b5e5dd415cbcf61fb6685081e3ec92006c
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b5543a9a71ce0252ebed49eb700c97738ceed4eebf1c0f404700d4400ac406e0
b625b3191eea0929d0f20fffd7ea8199fd3f80407b0738dabeab289f49a4522c
b8970b1f19d05dd6cc34c852734b07ec12ec1eb85e86b734ba9a857686a514a1
bb10b8a273579cd997035d04ad3d87002aefa416b6ebe91b6c25e4eb0aa6ffcf
bb8c34012fba5143653013ef74900fc346dc115bc642b51859811df54354c141
bd591aad1112cd8fd1ff7d062b45609a6e6b29df7cada5409d0c9dc0118cceba
bf86535ac07bc30b581c28a2e15e74fad7e3e53076658faa7f453d23b3fe2a4d
c0f47e1bc56c908ce661ab39a5e3317eef0f02db8939cce98cd4fc13ad34ffad
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c477fc15d9cc9fec40806831ec9560947ba3dbe766e980903e0359a278b6798f
c6e1c2a64891f9f3e9b38a72e6e8e64f695390f433868929291cc2cd8bb53021
c948008e85bad263dc49df013408d09c061b0833fa4f502ed1c743dd5f313044
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d47d909aef41c0b5d1b881d10c20f0519e17ceb462a64cb520d517af76765d66
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887
da61e84f64ccc1cab5616b7198ae2065c59a100cabf24551c9c65decca1cf1e9
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dcc1a414465f2d7173a186b6c5b9df3aa8d62e32f621514240dcd9fdbe7d0afe
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
e03515f92eb3f9da1542fda3aba456d358b7f77abf96502e315139ffb898ae6d
e080255cac7f5718f00b93b6f3fe836f7fbe997ac6445c55b37217dce1e07448
e2a46bdc1e4e8525df073026bc0fc803a42a84a62b4841e7e8f6f17f90756371
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f2bd021423db3e4429ab45ef042fc39debba49a2def1fe454b40447cb06536
e55916cd7df1349e9fea6a6f2bedfc00781437a91010a6ec2c0121da2d0cef5c
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
ea24f23e3904d8725fe2429924bfe5720279f477856440be7a208bee4609049d
eb4c7163f952e98cfc00b58c179e8f2c9724c818d15af4e46d83ef7fc4560ef0
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
eed785cd7ed6df7a54fa6954a0d57d368c09543893644dfbff97603b6aaee424
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
f3e91a48af848815f4131b6e1fb18a5873281a6413dec2f19691cc182cb82539
f5d26dd5267bdbb009cb575cf1d481fd23f3039bf47fda83832083ee17af3948
f6c27c262c987587f7ec48c8ab41e5c38b5d0ba1d039775ac109db893514bcd0
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
fb68e6e5e03e43bf00e3878d8ea1ebd3e4ec3509209344414a0c49b4f1a9f56d
fe8dcd1a6b10d7429bfd8f9cb82f643f9a0536a1db34544272c540228934f081
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce

www.gohabsgo.co Open in urlscan Pro 51.222.105.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

292 Requests

91 %HTTPS

42 %IPv6

41 Domains

69 Subdomains

58 IPs

5 Countries

10619 kBTransfer

17045 kBSize

43 Cookies

5 Outgoing links

Redirected requests

292 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gohabsgo.co Open in urlscan Pro
51.222.105.170 Public Scan

Screenshot
Live screenshot

Full Image

292
Requests

91 %
HTTPS

42 %
IPv6

41
Domains

69
Subdomains

58
IPs

5
Countries

10619 kB
Transfer

17045 kB
Size

43
Cookies

292 HTTP transactions
4 data transactions