point.tosszip.com Open in urlscan Pro
158.247.220.182 Public Scan

Software

cafe /

Resource Hash

d92ff70265ea9376cc87dfca355ea0c2fdd7d60f1e485d5989b337921d91f47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Origin: https://point.tosszip.com
Referer: https://point.tosszip.com/

Response headers

content-encoding: br
etag: 7744147903607549070
x-content-type-options: nosniff
expires: Fri, 25 Apr 2025 20:21:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 25 Apr 2025 20:21:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 60580
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 333 KB
114 KB 450ms
173ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10884740783

Requested by

Host: point.tosszip.com
URL: https://point.tosszip.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6863d4fd164197c8feb1aa6e7134dec58347fa03656b9b23cbffd6255685cf1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires: Fri, 25 Apr 2025 20:21:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 20:21:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 25 Apr 2025 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1068:0
content-length: 115998
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 kp.js Show response
t1.daumcdn.net/kas/static/ 84 KB
19 KB 549ms
128ms Script
text/javascript 2600:141b:1c00:40::17db:248c
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://t1.daumcdn.net/kas/static/kp.js
Requested by: Host: point.tosszip.com
URL: https://point.tosszip.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:40::17db:248c Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: openresty /
Resource Hash: 6137d7a5e6f9eb2afd9b6d875ed257ca353eba540143c49a8184cd444e5d047a

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

nel: {"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
cache-control: max-age=3116
content-encoding: br
report-to: {"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
expires: Fri, 25 Apr 2025 21:13:03 GMT
accept-ranges: bytes
content-length: 18711
date: Fri, 25 Apr 2025 20:21:07 GMT
last-modified: Thu, 10 Oct 2024 01:31:04 GMT
content-type: text/javascript
server: openresty
vary: Accept-Encoding

GET
H2 200 offside.min.js Show response
point.tosszip.com/wp-content/plugins/gp-premium/menu-plus/functions/js/ 7 KB
2 KB 305ms
302ms Script
application/javascript 158.247.220.182
AS-VULTR

General

Check archive.org

Download Go to

Full URL: https://point.tosszip.com/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.5.1
Requested by: Host: point.tosszip.com
URL: https://point.tosszip.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 158.247.220.182 Seoul, Korea, Republic Of, ASN20473 (AS-VULTR, US),
Reverse DNS: 158.247.220.182.vultrusercontent.com
Software: nginx /
Resource Hash: 50fe1014e82dd9acea2f5b26061c8f135cb11ea0aa5d5ad5985e6b265b7f50a8

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: W/"67bf2688-1a8b"
date: Fri, 25 Apr 2025 20:21:06 GMT
content-type: application/javascript
last-modified: Wed, 26 Feb 2025 14:34:48 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 menu.min.js Show response
point.tosszip.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 326ms
324ms Script
application/javascript 158.247.220.182
AS-VULTR

General

Check archive.org

Download Go to

Full URL: https://point.tosszip.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1
Requested by: Host: point.tosszip.com
URL: https://point.tosszip.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 158.247.220.182 Seoul, Korea, Republic Of, ASN20473 (AS-VULTR, US),
Reverse DNS: 158.247.220.182.vultrusercontent.com
Software: nginx /
Resource Hash: 5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: W/"6710f48c-1ca5"
date: Fri, 25 Apr 2025 20:21:06 GMT
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 11:27:08 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 modal.js Show response
point.tosszip.com/wp-content/themes/generatepress/assets/dist/ 3 KB
2 KB 315ms
313ms Script
application/javascript 158.247.220.182
AS-VULTR

General

Check archive.org

Download Go to

Full URL: https://point.tosszip.com/wp-content/themes/generatepress/assets/dist/modal.js?ver=3.5.1
Requested by: Host: point.tosszip.com
URL: https://point.tosszip.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 158.247.220.182 Seoul, Korea, Republic Of, ASN20473 (AS-VULTR, US),
Reverse DNS: 158.247.220.182.vultrusercontent.com
Software: nginx /
Resource Hash: a9f274a3031a6cff458b190e7481882b6c1a17d55375a21d13c3a1c477836ee5

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: W/"6710f48c-d53"
date: Fri, 25 Apr 2025 20:21:06 GMT
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 11:27:08 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 back-to-top.min.js Show response
point.tosszip.com/wp-content/themes/generatepress/assets/js/ 737 B
560 B 327ms
325ms Script
application/javascript 158.247.220.182
AS-VULTR

General

Check archive.org

Download Go to

Full URL: https://point.tosszip.com/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.5.1
Requested by: Host: point.tosszip.com
URL: https://point.tosszip.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 158.247.220.182 Seoul, Korea, Republic Of, ASN20473 (AS-VULTR, US),
Reverse DNS: 158.247.220.182.vultrusercontent.com
Software: nginx /
Resource Hash: 3310986e26439bd35318188bd35b0c326bd3334e6699ca0469fd4f0b7d497098

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: W/"6710f48c-2e1"
date: Fri, 25 Apr 2025 20:21:06 GMT
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 11:27:08 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 education.svg
gpsites.co/newsroom/wp-content/uploads/sites/126/2021/04/ 31 KB
9 KB 187ms
99ms Image
image/svg+xml 172.67.148.244
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://gpsites.co/newsroom/wp-content/uploads/sites/126/2021/04/education.svg
Requested by: Host: point.tosszip.com
URL: https://point.tosszip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.148.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f7f758bfb47048bb6134f35e7f9df09d4d4a6a8df815ae999bd683d9b2c3d70

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"7d34-5ededabd5d246"
age: 5910
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OliycG97Q4oHCcaAqKt5Kr6xNwfmiRtqvHzibqbrrgxQDQa7OaMjfK%2F%2F53we9K6TF%2FqbCoZvtDSAr0Ixa4oHgJtwecFpnpk2IOUNi9ns8kiSWd4UEqqzJk2NPYqM"}],"group":"cf-nel","max_age":604800}
cf-ray: 93608b8108200fcf-LAX
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=64003&min_rtt=64000&rtt_var=24006&sent=9&recv=7&lost=0&retrans=0&sent_bytes=3607&recv_bytes=3179&delivery_rate=44798&cwnd=12000&unsent_bytes=0&cid=ff0f3c26c8a8af80&ts=105&x=16"
date: Fri, 25 Apr 2025 20:21:07 GMT
last-modified: Sun, 20 Nov 2022 21:32:09 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 32 KB
32 KB 333ms
185ms Font
font/woff2 142.251.32.99
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Origin: https://point.tosszip.com
Referer: https://fonts.googleapis.com/

Response headers

age: 197802
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 23 Apr 2026 13:24:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Apr 2025 13:24:25 GMT
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32796
x-xss-protection: 0
server: sffe

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
37 KB 279ms
132ms Font
font/woff2 142.251.32.99
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Origin: https://point.tosszip.com
Referer: https://fonts.googleapis.com/

Response headers

age: 176462
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 23 Apr 2026 19:20:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Apr 2025 19:20:05 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
H2 200 ct2.html Show response
t1.daumcdn.net/kas/static/third-party/cookie/ Frame 54DC 843 B
637 B 398ms
128ms Document
text/html 2600:141b:1c00:40::17db:248b
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://t1.daumcdn.net/kas/static/third-party/cookie/ct2.html
Requested by: Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/kas/static/kp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:40::17db:248b Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: openresty /
Resource Hash: 17784cca25b4fc7c6b55d3dcf9e1cec58fbca4363085a57f3e03fc86636c7352

Request headers

Referer: https://point.tosszip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=2259
content-encoding: br
content-length: 274
content-type: text/html
date: Fri, 25 Apr 2025 20:21:07 GMT
expires: Fri, 25 Apr 2025 20:58:46 GMT
last-modified: Mon, 01 Jul 2024 03:33:40 GMT
nel: {"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
report-to: {"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
server: openresty
vary: Accept-Encoding
x-wchi: 69fc4825a2a3651ed5ae5dccfe88aa1f

GET
H3 200 OneSignalSDK.page.es6.js Show response
cdn.onesignal.com/sdks/web/v16/ 236 KB
62 KB 100ms
100ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160307

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a1ef08e8f44c330b99c850dc3803ca30906bbc5490862d1922be4b6fae671d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"0a87aa9aa2c440fd35722ccf24c5a4b0"
age: 1716
expires: Mon, 28 Apr 2025 20:21:07 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 25 Apr 2025 20:21:07 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: OneSignal-Subscription-Id
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
via: 1.1 google
cf-ray: 93608b80c9ee67fb-SJC
server: cloudflare

GET
H3 200 web Show response
onesignal.com/api/v1/sync/79eefd44-ae55-4767-9c71-2d61f110a6b1/ 5 KB
2 KB 423ms
332ms Script
text/javascript 104.16.160.145
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://onesignal.com/api/v1/sync/79eefd44-ae55-4767-9c71-2d61f110a6b1/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160307

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b8cd928937d0f24521e823eae0d98b1d3533096a45e9b9e6e392824a825cc10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

x-request-id: 6ce727cc-9add-4998-9b6d-d4ef6a2e2c8a
content-encoding: br
cf-cache-status: MISS
etag: W/"2b8cd928937d0f24521e823eae0d98b1"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 25 Apr 2025 21:21:07 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 25 Apr 2025 20:21:07 GMT
content-type: text/javascript; charset=utf-8
vary: Origin, Accept-Encoding
x-runtime: 0.046932
priority: u=3,i=?0
access-control-allow-headers: SDK-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=3600
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 google
cf-ray: 93608b82fd5fcf05-SJC
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 204 bc
bc.ad.daum.net/ 0
0 1145ms
314ms Fetch 121.53.105.159
KAKAO-AS-KR Kakao...

General

Check archive.org

Download Go to

Full URL

https://bc.ad.daum.net/bc?d=%7B%22track_id%22%3A%227490452228042307001%22%2C%22event_code%22%3A%22PageView%22%2C%22params%22%3A%7B%22tag%22%3A%22point.tosszip%22%7D%2C%22props%22%3A%7B%22lmt%22%3A%22N%22%7D%2C%22site%22%3A%7B%22identifier%22%3A%22point.tosszip.com%22%7D%2C%22sdk%22%3A%7B%22type%22%3A%22WEB%22%2C%22version%22%3A%221.6.2%22%2C%22tpc%22%3A%22Y%22%7D%2C%22page%22%3A%7B%22url%22%3A%22https%3A%2F%2Fpoint.tosszip.com%2F%22%2C%22is_frame_env%22%3Afalse%7D%2C%22device%22%3A%7B%22dnt%22%3A%22N%22%2C%22device_type%22%3A%22pc%22%2C%22is_mobile%22%3A%22N%22%7D%7D

Requested by

Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/kas/static/kp.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

121.53.105.159 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 3600
access-control-expose-headers: x-kakao-aid
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://point.tosszip.com
date: Fri, 25 Apr 2025 20:21:08 GMT
x-kakao-aid
access-control-allow-headers: x-kakao-aid

GET
H3 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202504230101/ 524 KB
168 KB 140ms
139ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202504230101/show_ads_impl.js?bust=31091975

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8484372062106769

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2632231dc30e48b325e3d35c8afa9f4a5cc3b64fbeb5770bc4743b945daa418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

content-encoding: br
etag: 10903815322479805938
age: 16521
x-content-type-options: nosniff
expires: Fri, 09 May 2025 15:45:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 25 Apr 2025 15:45:46 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 171504
x-xss-protection: 0
server: cafe

POST
H3 200 collect
www.google.com/ccm/ 0
0 292ms
150ms Ping
text/plain 142.250.65.164
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google.com/ccm/collect?tid=AW-10884740783&en=page_view&dl=https%3A%2F%2Fpoint.tosszip.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1318061320.1745612468&dt=%ED%99%98%EA%B8%89%ED%86%A1&auid=1621946362.1745612468&navt=n&npa=0&gtm=45be54o0h2v9102296539za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103130498~103130500~103200004&tft=1745612468042&tfd=2982&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10884740783
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s71-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10884740783/ 4 KB
2 KB 303ms
152ms Script
text/javascript 142.251.35.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10884740783/?random=1745612468034&cv=11&fst=1745612468034&bg=ffffff&guid=ON&async=1&gtm=45be54o0h2v9102296539za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103130498~103130500~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fpoint.tosszip.com%2F&hn=www.googleadservices.com&frm=0&tiba=%ED%99%98%EA%B8%89%ED%86%A1&npa=0&pscdl=noapi&auid=1621946362.1745612468&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10884740783

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e836c5fca650c6c1d5eb6ca275f5e18935074bbe04c3836acb35dcb619d4b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 1895
date: Fri, 25 Apr 2025 20:21:08 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 10884740783 Show response
td.doubleclick.net/td/rul/ Frame 2E42 13 B
523 B 432ms
153ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/10884740783?random=1745612468034&cv=11&fst=1745612468034&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54o0h2v9102296539za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103130498~103130500~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fpoint.tosszip.com%2F&hn=www.googleadservices.com&frm=0&tiba=%ED%99%98%EA%B8%89%ED%86%A1&npa=0&pscdl=noapi&auid=1621946362.1745612468&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10884740783

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://point.tosszip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 20:21:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/10884740783/ 6 KB
2 KB 302ms
153ms Script
text/javascript 142.250.81.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10884740783/?random=1745612468057&cv=11&fst=1745612468057&bg=ffffff&guid=ON&async=1&gcl_ctr=1&gtm=45be54o0h2v9102296539za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103130498~103130500~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fpoint.tosszip.com%2F&label=I3_TCIXxvd4ZEK_tn8Yo&hn=www.googleadservices.com&frm=0&tiba=%ED%99%98%EA%B8%89%ED%86%A1&gtm_ee=1&npa=0&pscdl=noapi&auid=1621946362.1745612468&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10884740783

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

8f6f133309076eb00ff4481f06e399481949788f87c75045260a72c2ddc72774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2316
date: Fri, 25 Apr 2025 20:21:08 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 10884740783 Show response
td.doubleclick.net/td/rul/ Frame F4F8 13 B
176 B 426ms
154ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/10884740783?random=1745612468057&cv=11&fst=1745612468057&fmt=3&bg=ffffff&guid=ON&async=1&gcl_ctr=1&gtm=45be54o0h2v9102296539za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103130498~103130500~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fpoint.tosszip.com%2F&label=I3_TCIXxvd4ZEK_tn8Yo&hn=www.googleadservices.com&frm=0&tiba=%ED%99%98%EA%B8%89%ED%86%A1&gtm_ee=1&npa=0&pscdl=noapi&auid=1621946362.1745612468&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10884740783

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://point.tosszip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 20:21:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sw_iframe.html Show response
www.googletagmanager.com/static/service_worker/54l0/ Frame 1499 3 KB
2 KB 411ms
144ms Document
text/html 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/54l0/sw_iframe.html?origin=https%3A%2F%2Fpoint.tosszip.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10884740783

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1482
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 20:21:08 GMT
expires: Sat, 25 Apr 2026 20:21:08 GMT
last-modified: Mon, 21 Apr 2025 09:28:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20250423/r20190131/ Frame EF13 10 KB
4 KB 269ms
131ms Document
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20250423/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202504230101/show_ads_impl.js?bust=31091975

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

221fdd2bde78f06bde8ca37a94a759fbbb6811406372d91ecdad02188a259779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://point.tosszip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

age: 11772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4230
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 17:04:56 GMT
etag: 11255786754380402052
expires: Fri, 09 May 2025 17:04:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 62A0 13 KB
5 KB 343ms
213ms Document
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8484372062106769&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1745611987&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpoint.tosszip.com%2F&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.15&aiapmi=0.16&aiact=0.7&ailct=0.7&aimart=8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1745612467717&bpp=3&bdt=1067&idt=464&shv=r20250423&mjsv=m202504230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3419159958916&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95358863%2C95358865%2C95357460%2C95358976%2C95359238%2C31091975%2C95359114&oid=2&pvsid=3492163647130910&tmod=1643782682&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaAzYuOA..~CAA.&ifi=1&uci=a!1&fsb=1&dtd=492

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202504230101/show_ads_impl.js?bust=31091975

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dff0dfeb47b190aacf69730a8f16dcd52889431bfe4807d9e17c47c5712474f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://point.tosszip.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5187
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 20:21:08 GMT
expires: Fri, 25 Apr 2025 20:21:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/10884740783/ 42 B
64 B 155ms
154ms Image
image/gif 142.250.65.164
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10884740783/?random=1745612468034&cv=11&fst=1745611200000&bg=ffffff&guid=ON&async=1&gtm=45be54o0h2v9102296539za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103130498~103130500~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fpoint.tosszip.com%2F&hn=www.googleadservices.com&frm=0&tiba=%ED%99%98%EA%B8%89%ED%86%A1&npa=0&pscdl=noapi&auid=1621946362.1745612468&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzuB2UkRaA0znkv82gYxikyNOc9Q0qfw&random=411901311&rmt_tld=0&ipr=y

Requested by

Host: point.tosszip.com
URL: https://point.tosszip.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 20:21:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.com/pagead/1p-conversion/10884740783/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10884740783/?random=1361262826&cv=11&fst=1745612468057&bg=ffffff&guid=ON&async=1&gcl_ctr=1&gtm=45be54o0h2v9102296539za200&gcd=13l3l3...
https://www.google.com/pagead/1p-conversion/10884740783/?random=1361262826&cv=11&fst=1745612468057&bg=ffffff&guid=ON&async=1&gcl_ctr=1&gtm=45be54o0h2v9102296539za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=...

42 B
64 B

163ms
163ms

Image
image/gif

142.250.65.164
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/10884740783/?random=1361262826&cv=11&fst=1745612468057&bg=ffffff&guid=ON&async=1&gcl_ctr=1&gtm=45be54o0h2v9102296539za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103130498~103130500~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fpoint.tosszip.com%2F&label=I3_TCIXxvd4ZEK_tn8Yo&hn=www.googleadservices.com&frm=0&tiba=%ED%99%98%EA%B8%89%ED%86%A1&gtm_ee=1&npa=0&pscdl=noapi&auid=1621946362.1745612468&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CPLOsQIIobixAgixwbECCLDBsQIIscOxAgiKxbECCMLJsQIItMaxAgiQybECCNPFsQII68yxAgjPzrECCP7OsQII_86xAgjWz7ECSidldmVudC1zb3VyY2U9bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIqdHZmIH0jAMVSAxoCB1bcA2nMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhpodHRwczovL3BvaW50LnRvc3N6aXAuY29tL0JXQ2hFSThPV3N3QVlRMklMdC1ial93NGJ6QVJJc0FKTmZYeFQ0OGdNN1dNSzgxOUptWkdCdXdXNlpDN3ROZ25CWFdDYXBhaHctVEJrX2pCZ044djB4MXNn&is_vtc=1&cid=CAQSKQDZpuyzwg-PAZLfOOpgz4KZ-VdATKESryvAXs6QUBEMpLtl6eIWr9RF&random=3822141983

Requested by

Host: point.tosszip.com
URL: https://point.tosszip.com/

Protocol

Server

142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 25 Apr 2025 20:21:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://www.google.com/pagead/1p-conversion/10884740783/?random=1361262826&cv=11&fst=1745612468057&bg=ffffff&guid=ON&async=1&gcl_ctr=1&gtm=45be54o0h2v9102296539za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103130498~103130500~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fpoint.tosszip.com%2F&label=I3_TCIXxvd4ZEK_tn8Yo&hn=www.googleadservices.com&frm=0&tiba=%ED%99%98%EA%B8%89%ED%86%A1&gtm_ee=1&npa=0&pscdl=noapi&auid=1621946362.1745612468&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CPLOsQIIobixAgixwbECCLDBsQIIscOxAgiKxbECCMLJsQIItMaxAgiQybECCNPFsQII68yxAgjPzrECCP7OsQII_86xAgjWz7ECSidldmVudC1zb3VyY2U9bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIqdHZmIH0jAMVSAxoCB1bcA2nMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhpodHRwczovL3BvaW50LnRvc3N6aXAuY29tL0JXQ2hFSThPV3N3QVlRMklMdC1ial93NGJ6QVJJc0FKTmZYeFQ0OGdNN1dNSzgxOUptWkdCdXdXNlpDN3ROZ25CWFdDYXBhaHctVEJrX2pCZ044djB4MXNn&is_vtc=1&cid=CAQSKQDZpuyzwg-PAZLfOOpgz4KZ-VdATKESryvAXs6QUBEMpLtl6eIWr9RF&random=3822141983
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Fri, 25 Apr 2025 20:21:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 90E4 846 B
425 B 483ms
483ms Document
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8484372062106769&output=html&h=280&adk=478428503&adf=1037325002&w=760&abgtt=6&fwrn=4&fwrnh=100&lmt=1745611987&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7146445996&ad_type=text_image&format=760x280&url=https%3A%2F%2Fpoint.tosszip.com%2F&fwr=0&pra=3&rh=190&rw=760&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1745612468581&bpp=3&bdt=1931&idt=3&shv=r20250423&mjsv=m202504230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=3419159958916&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95358863%2C95358865%2C95357460%2C95358976%2C95359238%2C31091975%2C95359114&oid=2&pvsid=3492163647130910&tmod=1643782682&uas=0&nvt=1&fc=1408&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaAzYuOA..~CAA.&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202504230101/show_ads_impl.js?bust=31091975

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1341f62872c7f56c635d918b531965c26421f2b49bc6e6b17046232a256d24cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://point.tosszip.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 20:21:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A512 165 KB
50 KB 543ms
543ms Document
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8484372062106769&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.2469707592~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1745611987&rafmt=1&to=qs&pwprc=7146445996&format=1200x280&url=https%3A%2F%2Fpoint.tosszip.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1745612468601&bpp=1&bdt=1951&idt=1&shv=r20250423&mjsv=m202504230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C760x280&nras=3&correlator=3419159958916&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2502&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95358863%2C95358865%2C95357460%2C95358976%2C95359238%2C31091975%2C95359114&oid=2&pvsid=3492163647130910&tmod=1643782682&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaAzYuOA..~CAA.&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202504230101/show_ads_impl.js?bust=31091975

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

115471433e25f9358bacc773916476f1d02a507f18d0efa6472c0e4f02a634ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://point.tosszip.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 51030
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 20:21:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame A512 4 KB
1 KB 410ms
148ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8484372062106769&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.2469707592~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1745611987&rafmt=1&to=qs&pwprc=7146445996&format=1200x280&url=https%3A%2F%2Fpoint.tosszip.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1745612468601&bpp=1&bdt=1951&idt=1&shv=r20250423&mjsv=m202504230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C760x280&nras=3&correlator=3419159958916&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2502&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95358863%2C95358865%2C95357460%2C95358976%2C95359238%2C31091975%2C95359114&oid=2&pvsid=3492163647130910&tmod=1643782682&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaAzYuOA..~CAA.&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dac60844645e45e37d58f33ad35ed33b4816a943b839524589d93707d1c8233c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 25 Apr 2025 20:21:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 20:21:09 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 25 Apr 2025 20:17:21 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20250423/r20110914/client/ Frame A512 3 KB
1 KB 544ms
261ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250423/r20110914/client/load_preloaded_resource.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

391c967f265762b2be1e494e87eb7470b3e4cef8e32f88fa4e4ac13c68f6fef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 14683945477317248544
age: 19982
x-content-type-options: nosniff
expires: Fri, 09 May 2025 14:48:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 25 Apr 2025 14:48:07 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1182
x-xss-protection: 0
server: cafe

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame A512 32 KB
32 KB 412ms
134ms Image
image/jpeg 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRIRuzv55AZBEljyk9GKT5k0XDttL4jfX_8tGap12uBXZgyb4jH&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7061106fc9b790b9273f9a1d74722d09b9922b0ada62b9c4c02878c417a450b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

age: 120692
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options: nosniff
expires: Fri, 24 Apr 2026 10:49:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Apr 2025 10:49:37 GMT
last-modified: Wed, 04 Dec 2024 18:38:47 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
content-length: 32461
x-xss-protection: 0
server: sffe

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame A512 27 KB
27 KB 415ms
131ms Image
image/jpeg 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQMJYnnYPQXH4ONDBUJK20JtxvRKVIqZFkPqwerdDDux5VWf1A&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae1b144ee1595522c372c737c314ef091c4c00ef3db0e5b44daa2f786e30a7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

age: 521571
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options: nosniff
expires: Sun, 19 Apr 2026 19:28:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Apr 2025 19:28:18 GMT
last-modified: Wed, 23 Apr 2025 19:55:43 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
content-length: 27367
x-xss-protection: 0
server: sffe

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame A512 29 KB
29 KB 406ms
131ms Image
image/jpeg 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTWidregkTxzjoVfyvFbfiRlnG758dzoIFvktlyicpkM13jzIRV&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67c40dadf455826b45eacf48d72c8376f261c2ec0adf8ad7a3b14935e735a8f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

age: 138022
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options: nosniff
expires: Fri, 24 Apr 2026 06:00:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Apr 2025 06:00:47 GMT
last-modified: Wed, 08 Jan 2025 10:03:07 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
content-length: 29374
x-xss-protection: 0
server: sffe

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A512
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CyVG-tO4LaOnBKovPoPMPyqiLAfnmkep-7OGPkegSoab489AdEAEgoNjLpAFgyZ72hoCAoBmgAdu4teg9yAEJqAMByAPLBKoE5QFP0BZSVNYNy7psuKEOZAGYak-IJJzYWO0K8_LPOKrJhW8...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe4064fb216d4bac0000000000000000%22,%222%22:%220xa4790f41278f9080000000000000000%22,%223%22:%220xbc68f8b9...

0
0

330ms
193ms

Fetch
text/css

142.250.81.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe4064fb216d4bac0000000000000000%22,%222%22:%220xa4790f41278f9080000000000000000%22,%223%22:%220xbc68f8b9eeae6c5d0000000000000000%22,%224%22:%220x37bcd96a598386f20000000000000000%22,%225%22:%220x505b6fc53890ec0000000000000000%22},%22debug_key%22:%2214073263940550232964%22,%22debug_reporting%22:true,%22destination%22:%22https://putnamcadillac.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2216593542235%22],%2222%22:[%22true%22],%224%22:[%2204-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221533681362222020449%22}&andc=true

Requested by

Protocol

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: private
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 25 Apr 2025 20:21:09 GMT
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 25 Apr 2025 20:21:09 GMT
x-xss-protection: 0
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xe4064fb216d4bac0000000000000000","2":"0xa4790f41278f9080000000000000000","3":"0xbc68f8b9eeae6c5d0000000000000000","4":"0x37bcd96a598386f20000000000000000","5":"0x505b6fc53890ec0000000000000000"},"debug_key":"14073263940550232964","debug_reporting":true,"destination":"https://putnamcadillac.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["16593542235"],"22":["true"],"4":["04-25"],"6":["true"]},"priority":"500","source_event_id":"1533681362222020449"}
content-type: text/css; charset=UTF-8
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xe4064fb216d4bac0000000000000000","2":"0xa4790f41278f9080000000000000000","3":"0xbc68f8b9eeae6c5d0000000000000000","4":"0x37bcd96a598386f20000000000000000","5":"0x505b6fc53890ec0000000000000000"},"debug_key":"14073263940550232964","debug_reporting":true,"destination":"https://putnamcadillac.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["16593542235"],"22":["true"],"4":["04-25"],"6":["true"]},"priority":"500","source_event_id":"1533681362222020449"}&andc=true
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Fri, 25 Apr 2025 20:21:09 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20250423/r20110914/ Frame A512 28 KB
11 KB 406ms
150ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250423/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f20720ff17516bff6e53607228804291b4852931c47611244d577c9e13fadb54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 7243859758182643267
age: 19982
x-content-type-options: nosniff
expires: Fri, 09 May 2025 14:48:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 25 Apr 2025 14:48:07 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 10749
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20250423/r20110914/client/ Frame A512 3 KB
1 KB 514ms
258ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250423/r20110914/client/window_focus.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a63b526b650d9e4069b481a20b7acf6e970be6020c6d81ff0b55cb68fd744632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 6812540590968043100
age: 11753
x-content-type-options: nosniff
expires: Fri, 09 May 2025 17:05:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 25 Apr 2025 17:05:16 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1301
x-xss-protection: 0
server: cafe

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0721 1 KB
643 B 271ms
135ms Document
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

age: 74109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Apr 2025 23:46:00 GMT
etag: 48472445140208031
expires: Fri, 25 Apr 2025 23:46:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20250423/r20110914/client/ Frame A512 28 KB
11 KB 381ms
130ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250423/r20110914/client/qs_click_protection.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4751df88beedf5037a17c704c6f44fc42faf603ece9becfd19078aa072f5ca3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 6621521496892677539
age: 20350
x-content-type-options: nosniff
expires: Fri, 09 May 2025 14:41:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 25 Apr 2025 14:41:59 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 10769
x-xss-protection: 0
server: cafe

GET l
www.google.com/ads/measurement/ Frame A512 0
0

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A512 220 KB
68 KB 262ms
131ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a798986e0dce849145906cae97bf77a273b5ffb8880fc0f7da14eff4a9b85aea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 4151480097505160345
age: 2528
x-content-type-options: nosniff
expires: Fri, 25 Apr 2025 20:39:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 25 Apr 2025 19:39:01 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69290
x-xss-protection: 0
server: cafe

GET
H2 200 4fdd5c678abc64d03a45dab1ca57e1d2.js Show response
www.gstatic.com/mysidia/ Frame A512 54 KB
20 KB 414ms
131ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/mysidia/4fdd5c678abc64d03a45dab1ca57e1d2.js?tag=addon/mysidia_one_click_handler_one_afma

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4af76a65cef4c1b557af0c8574845523b80527ce6f322211c80f53bddff96079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: gzip
age: 222180
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
x-content-type-options: nosniff
expires: Tue, 22 Jul 2025 06:38:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Apr 2025 06:38:09 GMT
last-modified: Wed, 23 Apr 2025 06:26:19 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=7776000
cross-origin-opener-policy: same-origin; report-to="mysidia"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
accept-ranges: bytes
content-length: 20441
x-xss-protection: 0
server: sffe

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0721
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_push=AXcoOmTceYiDHcjbzOWK78ZB-65_-8ZRs8yz_twUKP3bKezsSzxNeODPylrtBe0yaaW-Ll35vkJWrdAFenqWS3Qg1i9ei1pVE2TZb3yRZ2wSSa5ncdS0ZTeA1uzKFFwbfr...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTceYiDHcjbzOWK78ZB-65_-8ZRs8yz_twUKP3bKezsSzxNeODPylrtBe0yaaW-Ll35vkJWrdAFenqWS3Qg1i9ei1pVE2TZb3yRZ2wSSa5ncdS0ZTeA1uzKFFwbfr...

170 B
232 B

150ms
149ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTceYiDHcjbzOWK78ZB-65_-8ZRs8yz_twUKP3bKezsSzxNeODPylrtBe0yaaW-Ll35vkJWrdAFenqWS3Qg1i9ei1pVE2TZb3yRZ2wSSa5ncdS0ZTeA1uzKFFwbfrz0Uw_RDvj1oNiiUg

Protocol

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 25 Apr 2025 20:21:10 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTceYiDHcjbzOWK78ZB-65_-8ZRs8yz_twUKP3bKezsSzxNeODPylrtBe0yaaW-Ll35vkJWrdAFenqWS3Qg1i9ei1pVE2TZb3yRZ2wSSa5ncdS0ZTeA1uzKFFwbfrz0Uw_RDvj1oNiiUg
x-msedge-ref: Ref A: 852B40A477E949FEB7E0EAC26E70B8AA Ref B: LAX311000115033 Ref C: 2025-04-25T20:21:09Z
x-li-fabric: prod-lva1
x-li-uuid: AAYzoBMuDBc1CR6xkNXw2w==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Fri, 25 Apr 2025 20:21:09 GMT

GET
H2 204 CookieSyncAdX
rtb.adentifi.com/ Frame 0721 0
35 B 388ms
126ms Image
text/plain 44.205.176.107
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdX?google_push=AXcoOmRMfApk97w8q4Ho5-k4osesaT9oesSZM1MGXALSyuXrAFKyLuBpUEg6bEaVBR1Ei7wZJs8BrqjZTmutUNZvVD4dPY8cfMyx6dtSoaq_C7ImkjOUlUeukqy50T-6h0qMQTtI01fw-S8PxdU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8484372062106769&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.2469707592~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1745611987&rafmt=1&to=qs&pwprc=7146445996&format=1200x280&url=https%3A%2F%2Fpoint.tosszip.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1745612468601&bpp=1&bdt=1951&idt=1&shv=r20250423&mjsv=m202504230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C760x280&nras=3&correlator=3419159958916&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2502&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95358863%2C95358865%2C95357460%2C95358976%2C95359238%2C31091975%2C95359114&oid=2&pvsid=3492163647130910&tmod=1643782682&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaAzYuOA..~CAA.&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.176.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-176-107.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

date: Fri, 25 Apr 2025 20:21:09 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0721
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_push=AXcoOmRYADRUkWsxZ2VCFLVoh69lyDwtceyB7_C8TCr7sL26u7ilpZ5sMACqUPGGRontGY8F6fthJr8l6gnoMj_J4cgSWDQeYsU6BknTB3e16_Nz0HG3n3OrNgd9dGFcEb03o0KlIUvofeai1qw
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRYADRUkWsxZ2VCFLVoh69lyDwtceyB7_C8TCr7sL26u7ilpZ5sMACqUPGGRontGY8F6fthJr8l6gnoMj_J4cgSWDQeYsU6BknTB3e16_Nz0HG3n3OrNgd9dGFcEb03o...

170 B
232 B

147ms
146ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRYADRUkWsxZ2VCFLVoh69lyDwtceyB7_C8TCr7sL26u7ilpZ5sMACqUPGGRontGY8F6fthJr8l6gnoMj_J4cgSWDQeYsU6BknTB3e16_Nz0HG3n3OrNgd9dGFcEb03o0KlIUvofeai1qw&google_hm=eS1JLlZCcW4xRTJwRlRzNnVySTdWd0FxWTI1WkJ0ODJHcn5B

Protocol

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 25 Apr 2025 20:21:10 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRYADRUkWsxZ2VCFLVoh69lyDwtceyB7_C8TCr7sL26u7ilpZ5sMACqUPGGRontGY8F6fthJr8l6gnoMj_J4cgSWDQeYsU6BknTB3e16_Nz0HG3n3OrNgd9dGFcEb03o0KlIUvofeai1qw&google_hm=eS1JLlZCcW4xRTJwRlRzNnVySTdWd0FxWTI1WkJ0ODJHcn5B
age: 0
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-length: 0
date: Fri, 25 Apr 2025 20:21:09 GMT
server: ATS
x-frame-options: DENY

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0721
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_push=AXcoOmScD36JjdIwVEz1BQuOblh_LSGGVL4mUIcc9I9bmHIiBfq-hMFsPu6cEyDsd6TH8qPjxSv6DuPaLPu5SVfYhap-kj56GJ56v7CDbqK2xRsb6geNCW6H6j5xgQBcHcg0ARkJ7qos...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=qd628pcBUotHGLnj02YPB6L1zvU&google_push=AXcoOmScD36JjdIwVEz1BQuOblh_LSGGVL4mUIcc9I9bmHIiBfq-hMFsPu6cEyDsd6TH8qPjxSv6DuPaLPu5SV...

170 B
232 B

148ms
148ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=qd628pcBUotHGLnj02YPB6L1zvU&google_push=AXcoOmScD36JjdIwVEz1BQuOblh_LSGGVL4mUIcc9I9bmHIiBfq-hMFsPu6cEyDsd6TH8qPjxSv6DuPaLPu5SVfYhap-kj56GJ56v7CDbqK2xRsb6geNCW6H6j5xgQBcHcg0ARkJ7qosbw6cSvA

Protocol

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 25 Apr 2025 20:21:10 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=qd628pcBUotHGLnj02YPB6L1zvU&google_push=AXcoOmScD36JjdIwVEz1BQuOblh_LSGGVL4mUIcc9I9bmHIiBfq-hMFsPu6cEyDsd6TH8qPjxSv6DuPaLPu5SVfYhap-kj56GJ56v7CDbqK2xRsb6geNCW6H6j5xgQBcHcg0ARkJ7qosbw6cSvA
Content-Length: 289
Date: Fri, 25 Apr 2025 20:21:09 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0721
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_push=AXcoOmQbxdUIdoTQwQ9o1pBnb_nFEoumTphBYtmUq5lEGUKdP91v12BR4IwXPCGoD8JCktZ2V0nX17FGB8nFNKK9Ijh4ikWUpK7yovY23v-pXwKMhPKrVGG...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQbxdUIdoTQwQ9o1pBnb_nFEoumTphBYtmUq5lEGUKdP91v12BR4IwXPCGoD8JCktZ2V0nX17FGB8nFNKK9Ijh4ikWUpK7yovY23v-pXwKMhP...

170 B
329 B

172ms
147ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQbxdUIdoTQwQ9o1pBnb_nFEoumTphBYtmUq5lEGUKdP91v12BR4IwXPCGoD8JCktZ2V0nX17FGB8nFNKK9Ijh4ikWUpK7yovY23v-pXwKMhPKrVGGdO3iAzNX8QbAW7oEpE3wrY2inpYkM&google_hm=X-kyupFkQkikYwOSldQzQPU

Requested by

Protocol

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 25 Apr 2025 20:21:09 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

cache-control: no-cache, must-revalidate
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQbxdUIdoTQwQ9o1pBnb_nFEoumTphBYtmUq5lEGUKdP91v12BR4IwXPCGoD8JCktZ2V0nX17FGB8nFNKK9Ijh4ikWUpK7yovY23v-pXwKMhPKrVGGdO3iAzNX8QbAW7oEpE3wrY2inpYkM&google_hm=X-kyupFkQkikYwOSldQzQPU
pragma: no-cache
via: 1.1 google
expires: Fri, 01 Jan 1990 00:00:00 GMT
status: 302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NOI DSP COR NID CUR OUR NOR"
content-length: 0
x-xss-protection: 1; mode=block
date: Fri, 25 Apr 2025 20:21:09 GMT
content-type: text/html;charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0721
Redirect Chain

https://beacon.lynx.cognitivlabs.com/adx.gif?google_push=AXcoOmRGWc2K6fb623PcEJ1IJdf5jrKrbP6oF1wLATllWRnphXnNx9aOtL4bV3PY2gFqEniJUFqV5uJNQKwyO7dKrMRIn_DMa8xeOwNjlozvEE7ukzpvZCGolx5swBlEv6R6y_f_iJeg...
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=5QMRA4ECNESW4LzKNj7lBg&google_push=AXcoOmRGWc2K6fb623PcEJ1IJdf5jrKrbP6oF1wLATllWRnphXnNx9aOtL4bV3PY2gFqEniJUFqV5uJNQKwyO7dKrMRIn_DMa...

170 B
232 B

148ms
148ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=5QMRA4ECNESW4LzKNj7lBg&google_push=AXcoOmRGWc2K6fb623PcEJ1IJdf5jrKrbP6oF1wLATllWRnphXnNx9aOtL4bV3PY2gFqEniJUFqV5uJNQKwyO7dKrMRIn_DMa8xeOwNjlozvEE7ukzpvZCGolx5swBlEv6R6y_f_iJegBo59WaKQ

Protocol

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 25 Apr 2025 20:21:10 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=5QMRA4ECNESW4LzKNj7lBg&google_push=AXcoOmRGWc2K6fb623PcEJ1IJdf5jrKrbP6oF1wLATllWRnphXnNx9aOtL4bV3PY2gFqEniJUFqV5uJNQKwyO7dKrMRIn_DMa8xeOwNjlozvEE7ukzpvZCGolx5swBlEv6R6y_f_iJegBo59WaKQ
Content-Length: 0
Date: Fri, 25 Apr 2025 20:21:10 GMT
Connection: keep-alive
Server: Kestrel

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0721
Redirect Chain

https://www.temu.com/api/adx/cm/pixel?google_push=AXcoOmRtcUY-AvS5RLGvMg5KrdNxNLcGwdZiICHO13qA1GTHyCio9R7yLXqHtmF17Ttvio0LAWc6cqU0cfs7c9XGZY-_PPI4Y8rZXYLPjXOufe_ewOq1lVtkMpHYGkSUrMlzOiLvY3pugxOhNKQK
https://cm.g.doubleclick.net/pixel?google_push=AXcoOmRtcUY-AvS5RLGvMg5KrdNxNLcGwdZiICHO13qA1GTHyCio9R7yLXqHtmF17Ttvio0LAWc6cqU0cfs7c9XGZY-_PPI4Y8rZXYLPjXOufe_ewOq1lVtkMpHYGkSUrMlzOiLvY3pugxOhNKQK&g...

170 B
232 B

154ms
153ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_push=AXcoOmRtcUY-AvS5RLGvMg5KrdNxNLcGwdZiICHO13qA1GTHyCio9R7yLXqHtmF17Ttvio0LAWc6cqU0cfs7c9XGZY-_PPI4Y8rZXYLPjXOufe_ewOq1lVtkMpHYGkSUrMlzOiLvY3pugxOhNKQK&google_nid=whaleco_services_llc

Protocol

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 25 Apr 2025 20:21:10 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

strict-transport-security: max-age=31536000
yak-timeinfo: 1745612469892|5
location: https://cm.g.doubleclick.net/pixel?google_push=AXcoOmRtcUY-AvS5RLGvMg5KrdNxNLcGwdZiICHO13qA1GTHyCio9R7yLXqHtmF17Ttvio0LAWc6cqU0cfs7c9XGZY-_PPI4Y8rZXYLPjXOufe_ewOq1lVtkMpHYGkSUrMlzOiLvY3pugxOhNKQK&google_nid=whaleco_services_llc
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
x-gateway-request-id: 1745612469892-ac60844e20cf7c10e93df93fe1a5dfb2-3
cip: 162.245.206.245
alt-svc: h3=":443"; ma=604800
content-length: 0
date: Fri, 25 Apr 2025 20:21:09 GMT
server: nginx

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0721 0
139 B 422ms
144ms Image
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ih7TscBjV6583c8ze63evmcsUALO--wrujGHxhSsnLCxI1ONZ6EHoaVLBrayziKJo3dlYrqTqL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 25 Apr 2025 20:21:09 GMT
x-xss-protection: 0
content-type: text/html
server: HTTP server (unknown)

GET
DATA 200
OK truncated
/ Frame A512 212 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dde6d3fec100b6f57730fa336534fdd7decff74600434b6abd8493f8f5e03275

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A512 0
0 156ms
155ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 25 Apr 2025 20:21:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A512 0
0 151ms
150ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 25 Apr 2025 20:21:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A512 0
0 148ms
148ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 25 Apr 2025 20:21:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame A512 21 KB
21 KB 278ms
139ms Font
font/woff2 142.251.32.99
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/

Response headers

age: 242361
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 23 Apr 2026 01:01:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Apr 2025 01:01:49 GMT
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21428
x-xss-protection: 0
server: sffe

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame A512 20 KB
20 KB 270ms
131ms Font
font/woff2 142.251.32.99
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/

Response headers

age: 197342
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 23 Apr 2026 13:32:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Apr 2025 13:32:08 GMT
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20784
x-xss-protection: 0
server: sffe

GET
H3 200 view
googleads.g.doubleclick.net/btr/ Frame A512 0
0 163ms
163ms Fetch
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/btr/view?ai=CyVG-tO4LaOnBKovPoPMPyqiLAfnmkep-7OGPkegSoab489AdEAEgoNjLpAFgyZ72hoCAoBmgAdu4teg9yAEJqAMByAPLBKoE5QFP0BZSVNYNy7psuKEOZAGYak-IJJzYWO0K8_LPOKrJhW853d-tpYga2P_2kbhNeE0V5G36bpTJ0T_6XtUrIKNLr263kZeXtwMmUq7Qx8-_N-PGBebmHdmMiCMymN_3ew2nkvRf40OgvP6Nk3OCqb1p_GN5G2q-WEVN_yWtGITs25mfUDPrY_DGiPihnSa8lXNjajbtahi2Y1VmsYdVcj4BlHE4mynpyvGG0c4zMOck0uNtV0tdAL-q1jJfP064ICfuFIU3Sf0JljwdwZhKrPuK-OsCVPFqXQTxRFFaU4JILugjfCAFwASkgfn6_QSIBdj0w7hRkgUECAQYAZIFBAgFGASgBi6AB9vwhcgYqAfZtrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAfgvbECqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcEEPXEE9IIJwiAYRABGB8yAooCOgyAQIDAgICAgKiAAiBIvf3BOlipu_KYgfSMA5oJ4gJodHRwczovL3d3dy5wdXRuYW1jYWRpbGxhYy5jb20_c2RfY2FtcGFpZ249QyUyMC0lMjBWQSUyMFBNQVglMjAtJTIwTmV3JnNkX2RpZ2FkcHJvdj1wdXJlY2FycyZzZF9jaGFubmVsPXZlaGljbGVsaXN0aW5nJnNkX2NhbXBhaWduX3R5cGU9Z29vZ2xlJnNkX3Byb2dyYW09dGllcjMmc2RfYWRpZD0yMTQzMzU0MjY4NSZzZF9kaWdhZGNpZD0yMTQzMzU0MjY4NSZzZF9rZXl3b3JkPSZzZF9hZGdyb3VwPTAwLURJVi1OQV9QQ0hfSW5NYXJrZXRfTmV3X19WZWhpY2xlJTIwQWRzJnV0bV9jb250ZW50PVBDfnYxfn5BR0R-fn5BR0RfTn4wMC1ESVYtTkFfUENIX0luTWFya2V0X05ld19fVmVoaWNsZSUyMEFkcyZnYWRfc291cmNlPTWACgHICwHaDBAKChDAhL3d1beq0BISAgED6g0TCOW6h5mB9IwDFYsnaAgdStQiANgTC9AVAZgWAfgWAYAXAbIXIAoaCAASFHB1Yi04NDg0MzcyMDYyMTA2NzY5GAAYASoAuhcCOAGyGAkSAqhOGC4iAQDQGAHoGAE&sigh=V__JrKjjJuE&cmd=ChdjYS1wdWItODQ4NDM3MjA2MjEwNjc2ORDuAxgB&uach_m=%5BUACH%5D&ase=2&cid=CAQSOwDZpuyzug19eK3LyW3cQ9pCZ0uMQfU67KhVogGCYJXVNSFp5j24h5dmJ-n98vlkAD_54tY8EPInWGLLGAE&template_id=494&vis=1&ibtr=1&nis=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8484372062106769&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.2469707592~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1745611987&rafmt=1&to=qs&pwprc=7146445996&format=1200x280&url=https%3A%2F%2Fpoint.tosszip.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1745612468601&bpp=1&bdt=1951&idt=1&shv=r20250423&mjsv=m202504230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C760x280&nras=3&correlator=3419159958916&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2502&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95358863%2C95358865%2C95357460%2C95358976%2C95359238%2C31091975%2C95359114&oid=2&pvsid=3492163647130910&tmod=1643782682&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaAzYuOA..~CAA.&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=4

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Fri, 25 Apr 2025 20:21:09 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 304ms
155ms XHR
application/json 142.251.40.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20250423&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202504230101/show_ads_impl.js?bust=31091975

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

d6182b6c77f3adeb39aa56de25ac988a7a71326a008d5b3cb5189afcbcc6abd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12955
date: Fri, 25 Apr 2025 20:21:10 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 73P3AuuroUYNbYb8E4MKu1IbZgOvu0M6pu8QD6i5zXE.js Show response
pagead2.googlesyndication.com/bg/ Frame 2763 57 KB
21 KB 132ms
130ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/73P3AuuroUYNbYb8E4MKu1IbZgOvu0M6pu8QD6i5zXE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef73f702ebaba1460d6d86fc13830abb521b6603afbb433aa6ef100fa8b9cd71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
age: 281294
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Wed, 22 Apr 2026 14:12:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Apr 2025 14:12:55 GMT
last-modified: Mon, 07 Apr 2025 13:58:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21984
x-xss-protection: 0
server: sffe

GET
H2

200

w-logo-blue-white-bg.png
point.tosszip.com/wp-includes/images/
Redirect Chain

https://point.tosszip.com/favicon.ico
https://point.tosszip.com/wp-includes/images/w-logo-blue-white-bg.png

4 KB
4 KB

204ms
204ms

Other
image/png

158.247.220.182
AS-VULTR

General

Check archive.org

Download Go to

Full URL: https://point.tosszip.com/wp-includes/images/w-logo-blue-white-bg.png
Protocol: H2
Server: 158.247.220.182 Seoul, Korea, Republic Of, ASN20473 (AS-VULTR, US),
Reverse DNS: 158.247.220.182.vultrusercontent.com
Software: nginx /
Resource Hash: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

cache-control: public, max-age=31536000
etag: "6710ea7c-1017"
accept-ranges: bytes
content-length: 4119
date: Fri, 25 Apr 2025 20:21:10 GMT
content-type: image/png
last-modified: Thu, 17 Oct 2024 10:44:12 GMT
server: nginx

Redirect headers

x-redirect-by: WordPress
link: <https://point.tosszip.com/wp-json/>; rel="https://api.w.org/"
cache-control: max-age=0
location: https://point.tosszip.com/wp-includes/images/w-logo-blue-white-bg.png
age: 479
expires: Fri, 25 Apr 2025 20:13:10 GMT
x-cache: HIT
content-length: 0
x-ua-compatible: IE=edge
date: Fri, 25 Apr 2025 20:21:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: nginx

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 428ms
146ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202504230101/show_ads_impl.js?bust=31091975

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bc9e8993c21572256f4eba281e3e071ec57958aff3e4f5295ffbc19ab12859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer: https://point.tosszip.com/

Response headers

content-encoding: gzip
etag: "1745536408743016"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Fri, 25 Apr 2025 20:21:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 20:21:10 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6587
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/234/ Frame FCA9 13 KB
5 KB 396ms
130ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/234/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f6d37c495246e28a4d305d2931ba5b24166e4f05f6695c01aced09a0ff1301d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://point.tosszip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges: bytes
age: 1657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5001
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 19:53:33 GMT
expires: Fri, 25 Apr 2025 20:43:33 GMT
last-modified: Thu, 06 Mar 2025 01:40:29 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9292 829 B
569 B 153ms
153ms Document
text/html 142.250.65.164
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f4.1e100.net

Software

ESF /

Resource Hash

a17bb6bac2bab22733ef90192f7816d1ed7208317aebc3a27975ced961e52066

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6I_Ih0EDtHUtFMEQFNXKQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://point.tosszip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6I_Ih0EDtHUtFMEQFNXKQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 20:21:10 GMT
expires: Fri, 25 Apr 2025 20:21:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 9292 0
0

GET
H3 200 kLp1wZtyR2cl6iKecfHpV0vkPc8de5KeCPhMdHbgSC0.js Show response
pagead2.googlesyndication.com/bg/ Frame FCA9 54 KB
21 KB 132ms
132ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kLp1wZtyR2cl6iKecfHpV0vkPc8de5KeCPhMdHbgSC0.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/234/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS