urlscan.io logo urlscan.io
SecurityTrails logo

demo.minaonline.websitecom.lightspeedsystems.help Open in urlscan Pro
15.204.209.18  Public Scan

Go To Rescan Add Verdict Report
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On December 27 via api from IT — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 2 countries across 14 domains to perform 134 HTTP transactions. The main IP is 15.204.209.18, located in Reston, United States and belongs to OVH OVH SAS, FR. The main domain is demo.minaonline.websitecom.lightspeedsystems.help.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on December 26th 2025. Valid for: 3 months.
This is the only time demo.minaonline.websitecom.lightspeedsystems.help was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 15.204.209.18 16276 (OVH OVH SAS)
1 172.253.139.95 15169 (GOOGLE)
1 2 104.18.1.22 13335 (CLOUDFLAR...)
6 142.250.31.156 15169 (GOOGLE)
8 172.253.115.94 15169 (GOOGLE)
7 172.253.63.94 15169 (GOOGLE)
1 142.251.163.97 15169 (GOOGLE)
9 172.253.62.154 15169 (GOOGLE)
3 172.253.62.132 15169 (GOOGLE)
2 172.253.62.113 15169 (GOOGLE)
14 142.250.31.155 15169 (GOOGLE)
4 172.253.115.155 15169 (GOOGLE)
20 64.233.180.101 15169 (GOOGLE)
13 172.253.63.132 15169 (GOOGLE)
2 142.251.111.95 15169 (GOOGLE)
3 172.253.62.95 15169 (GOOGLE)
1 172.253.122.149 15169 (GOOGLE)
1 172.253.63.147 15169 (GOOGLE)
3 4 172.253.122.156 15169 (GOOGLE)
2 4 104.18.27.193 13335 (CLOUDFLAR...)
2 3 68.67.160.132 29990 (ASN-APPNEX)
4 142.250.201.195 15169 (GOOGLE)
1 64.233.180.154 15169 (GOOGLE)
1 1 142.251.111.138 15169 (GOOGLE)
2 172.217.129.137 15169 (GOOGLE)
1 142.250.31.149 15169 (GOOGLE)
134 26
24    15.204.209.18 (Reston, United States)

ASN16276 (OVH OVH SAS, FR)
PTR: vng.lol
demo.minaonline.websitecom.lightspeedsystems.help
1    172.253.139.95 (United States)

ASN15169 (GOOGLE, US)
PTR: yuiadsk-in-f95.1e100.net
fonts.googleapis.com
2    104.18.1.22 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
6    142.250.31.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net
pagead2.googlesyndication.com
8    172.253.115.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f94.1e100.net
fonts.gstatic.com
7    172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net
www.gstatic.com
1    142.251.163.97 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f97.1e100.net
www.googletagmanager.com
9    172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net
googleads.g.doubleclick.net
3    172.253.62.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f132.1e100.net
lh7-rt.googleusercontent.com
2    172.253.62.113 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f113.1e100.net
www.google-analytics.com
14    142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net
pagead2.googlesyndication.com
4    172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net
ep1.adtrafficquality.google
20    64.233.180.101 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f101.1e100.net
fundingchoicesmessages.google.com
13    172.253.63.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f132.1e100.net
ep2.adtrafficquality.google
tpc.googlesyndication.com
2    142.251.111.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f95.1e100.net
fonts.googleapis.com
3    172.253.62.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f95.1e100.net
imasdk.googleapis.com
1    172.253.122.149 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f149.1e100.net
s0.2mdn.net
1    172.253.63.147 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f147.1e100.net
www.google.com
4    172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
cm.g.doubleclick.net
4    104.18.27.193 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    68.67.160.132 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
4    142.250.201.195 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f3.1e100.net
csi.gstatic.com
1    64.233.180.154 (United States)

ASN15169 (GOOGLE, US)
PTR: pe-in-f154.1e100.net
bid.g.doubleclick.net
1    142.251.111.138 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f138.1e100.net
gcdn.2mdn.net
2    172.217.129.137 (United States)

ASN15169 (GOOGLE, US)
PTR: ord37s44-in-f9.1e100.net
r4---sn-vgqsknzz.c.2mdn.net
1    142.250.31.149 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f149.1e100.net
ad.doubleclick.net
Apex Domain
Subdomains		 Transfer
28 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 128
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
526 KB
24 lightspeedsystems.help
demo.minaonline.websitecom.lightspeedsystems.help
342 KB
21 google.com
script.google.com Failed
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 786
www.google.com — Cisco Umbrella Rank: 2
107 KB
19 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
323 KB
15 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 62
cm.g.doubleclick.net — Cisco Umbrella Rank: 326
bid.g.doubleclick.net — Cisco Umbrella Rank: 1602
ad.doubleclick.net — Cisco Umbrella Rank: 161
106 KB
9 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 344
ep2.adtrafficquality.google — Cisco Umbrella Rank: 349
73 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
imasdk.googleapis.com — Cisco Umbrella Rank: 599
141 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 684
3 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 436
gcdn.2mdn.net — Cisco Umbrella Rank: 1398
r4---sn-vgqsknzz.c.2mdn.net — Cisco Umbrella Rank: 125798
39 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 333
3 KB
3 googleusercontent.com
lh7-rt.googleusercontent.com — Cisco Umbrella Rank: 806
235 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 681
89 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
143 KB
134 14
Domain Requested by
24 demo.minaonline.websitecom.lightspeedsystems.help demo.minaonline.websitecom.lightspeedsystems.help
20 fundingchoicesmessages.google.com pagead2.googlesyndication.com
20 pagead2.googlesyndication.com demo.minaonline.websitecom.lightspeedsystems.help
pagead2.googlesyndication.com
googleads.g.doubleclick.net
ep2.adtrafficquality.google
tpc.googlesyndication.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
demo.minaonline.websitecom.lightspeedsystems.help
8 tpc.googlesyndication.com demo.minaonline.websitecom.lightspeedsystems.help
googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
8 fonts.gstatic.com fonts.googleapis.com
7 www.gstatic.com demo.minaonline.websitecom.lightspeedsystems.help
googleads.g.doubleclick.net
5 ep2.adtrafficquality.google pagead2.googlesyndication.com
demo.minaonline.websitecom.lightspeedsystems.help
ep2.adtrafficquality.google
4 csi.gstatic.com imasdk.googleapis.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 ep1.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 imasdk.googleapis.com demo.minaonline.websitecom.lightspeedsystems.help
3 lh7-rt.googleusercontent.com demo.minaonline.websitecom.lightspeedsystems.help
3 fonts.googleapis.com demo.minaonline.websitecom.lightspeedsystems.help
googleads.g.doubleclick.net
2 r4---sn-vgqsknzz.c.2mdn.net
2 www.google-analytics.com www.googletagmanager.com
2 unpkg.com 1 redirects demo.minaonline.websitecom.lightspeedsystems.help
1 ad.doubleclick.net demo.minaonline.websitecom.lightspeedsystems.help
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 www.google.com ep2.adtrafficquality.google
1 s0.2mdn.net googleads.g.doubleclick.net
1 www.googletagmanager.com demo.minaonline.websitecom.lightspeedsystems.help
0 script.google.com Failed demo.minaonline.websitecom.lightspeedsystems.help
134 26

This site contains links to these domains. Also see Links.

Domain
discord.gg
adssettings.google.com
ad.doubleclick.net
Subject Issuer Validity Valid
demo.minaonline.websitecom.lightspeedsystems.help
ZeroSSL ECC Domain Secure Site CA		 2025-12-26 -
2026-03-26		 3 months crt.sh
upload.video.google.com
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
*.g.doubleclick.net
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
*.gstatic.com
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
*.google-analytics.com
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
*.googleusercontent.com
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
adtrafficquality.google
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
*.google.com
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
*.doubleclick.net
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
*.c.docs.google.com
WR2		 2025-12-16 -
2026-02-24		 2 months crt.sh

This page contains 16 frames:

Primary Page: https://demo.minaonline.websitecom.lightspeedsystems.help/
Frame ID: CBE06F8FCD3F0D5823645DBFCBAAD5BB
Requests: 75 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20251211/r20190131/zrt_lookup_fy2021.html
Frame ID: 423C7A4478FDF3ABF8511F7B5594A9B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4845994519357732&output=html&adk=1812271804&adf=3025194257&lmt=1766248281&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fdemo.minaonline.websitecom.lightspeedsystems.help%2F&pra=5&wgl=1&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1766825538688&bpp=19&bdt=558&idt=225&shv=r20251211&mjsv=m202512100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4739302379611&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095904%2C31096041%2C42532523%2C95376242%2C95378749%2C95379654%2C42533294&oid=2&pvsid=7600919340591689&tmod=1165694862&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=254
Frame ID: 5B071703E1B28586AE6AB6A744EE490A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4845994519357732&output=html&h=520&slotname=5770542592&adk=207386277&adf=3610118697&pi=t.ma~as.5770542592&w=220&lmt=1766248281&format=220x520&url=https%3A%2F%2Fdemo.minaonline.websitecom.lightspeedsystems.help%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1766825538707&bpp=1&bdt=577&idt=256&shv=r20251211&mjsv=m202512100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4739302379611&frm=20&pv=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=20&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095904%2C31096041%2C42532523%2C95376242%2C95378749%2C95379654%2C42533294&oid=2&pvsid=7600919340591689&tmod=1165694862&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=264
Frame ID: 9521CE462DE046C0D21237F7CF340817
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4845994519357732&output=html&h=90&slotname=3297805382&adk=2283289037&adf=1601388704&pi=t.ma~as.3297805382&w=728&lmt=1766248281&format=728x90&url=https%3A%2F%2Fdemo.minaonline.websitecom.lightspeedsystems.help%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1766825538708&bpp=1&bdt=578&idt=301&shv=r20251211&mjsv=m202512100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C220x520&nras=1&correlator=4739302379611&frm=20&pv=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=659&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095904%2C31096041%2C42532523%2C95376242%2C95378749%2C95379654%2C42533294&oid=2&pvsid=7600919340591689&tmod=1165694862&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=306
Frame ID: 39D80DE121AFF41E033EF0895643715A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4845994519357732&output=html&h=520&slotname=5770542592&adk=207386277&adf=154517092&pi=t.ma~as.5770542592&w=220&lmt=1766248281&format=220x520&url=https%3A%2F%2Fdemo.minaonline.websitecom.lightspeedsystems.help%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1766825538709&bpp=1&bdt=579&idt=350&shv=r20251211&mjsv=m202512100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C220x520%2C728x90&nras=1&correlator=4739302379611&frm=20&pv=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1360&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095904%2C31096041%2C42532523%2C95376242%2C95378749%2C95379654%2C42533294&oid=2&pvsid=7600919340591689&tmod=1165694862&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=31&bz=1&ifi=4&uci=a!4&fsb=1&dtd=371
Frame ID: 90B253DBDDA1B5AB08F519FD80ECEBF4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20251211/r20190131/zrt_lookup_fy2021.html
Frame ID: F972663A23935FA894DB9D17121BBDBA
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20251211/r20190131/zrt_lookup_fy2021.html
Frame ID: 3A892A243374C61322257E90927E69DB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20251211/r20110914/abg_lite_fy2021.js
Frame ID: 2F7093ABE093A6679EBC0F6C4B684A96
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2S2a0CEKCqyo8ZGMGp3LwCMAE&v=APEucNVjGsEKZ7rvVIBxvWbJSPYOLIbPgzsq8Mr2fh5EumpmZ0ezXBxPLiITpgI2tYxRiy_IvfEbOIkKvESzQhuHCnWyFv0IcQ
Frame ID: 41D5A526A4973D2BAD34FA049F29544C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20251211/r20110914/abg_lite_fy2021.js
Frame ID: 9B807A2222E66A3BABC738C0DF1E864E
Requests: 14 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: 41D8277A20A0B87CF032DA8D10A68CB3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED0FAAEC50AD32914BFBC663C5BCCDB2
Requests: 2 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/Klz6NWr5.html
Frame ID: CC33CBB97BD340F8792E2213F41BEFFA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 3DE188B960952DA73B73A9833AD71CE6
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4845994519357732&output=html&h=1200&adk=2310436509&adf=1621614491&w=1600&lmt=1766248281&vpmute=0&to=fc&format=1600x1200&url=https%3A%2F%2Fdemo.minaonline.websitecom.lightspeedsystems.help%2F&pra=3&wgl=1&aieuf=1&aicrs=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1766825541001&bpp=1&bdt=2871&idt=1&shv=r20251211&mjsv=m202512100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D31fd9b820e5392a6%3AT%3D1766825539%3ART%3D1766825539%3AS%3DALNI_Ma3siH9RetTbqe4WbyDX0Tj9aZcpw&gpic=UID%3D000013205637463f%3AT%3D1766825539%3ART%3D1766825539%3AS%3DALNI_MaVxhppk5Jy9A0NcU75eRNw7jTCCA&eo_id_str=ID%3D3e01d7c2f6a6a4be%3AT%3D1766825539%3ART%3D1766825539%3AS%3DAA-AfjZxNqoJNWWG3apVK8Hbk5mQ&prev_fmts=0x0%2C220x520%2C728x90%2C220x520%2C1600x1200%2C728x90&nras=4&correlator=4739302379611&frm=20&pv=1&u_tz=-480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095904%2C31096041%2C42532523%2C95376242%2C95378749%2C95379654%2C42533294&oid=2&pvsid=7600919340591689&tmod=1165694862&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&hl=en-US&ifi=7&uci=a!7&fsb=1&dtd=5
Frame ID: 9B05D7739D27F317C974604521D3D066
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Void Network V5

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • /particles(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

134
Requests

94 %
HTTPS

0 %
IPv6

14
Domains

26
Subdomains

26
IPs

2
Countries

2123 kB
Transfer

6390 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://unpkg.com/lucide@latest HTTP 302
  • https://unpkg.com/lucide@0.562.0/dist/umd/lucide.min.js
Request Chain 86
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7OhYmR4968VBz8vRzreqw&google_cver=1
Request Chain 87
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=aU.eRNHM6MsAIe5TAYKRPwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7OhYmR4968VBz8vRzreqw&google_cver=1&google_hm=2
Request Chain 88
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBrpG03L3Du_HCxMgok7irI&google_cver=1
Request Chain 89
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIwODQ4NDQxMjYxNjMyNTI0OA%3D%3D
Request Chain 107
  • https://gcdn.2mdn.net/videoplayback/id/f43bafefa657145d/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3910617446/sparams/id,itag,source,xpc,ctier,acao,ip,ipbits,expire/signature/CE5464FEDC844BBC9A8D4AD526A4355AAD1B961.46EEBB4FBAE03D78BFFB3A438A62FC281AD2892E/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-vgqsknzz.c.2mdn.net/videoplayback/id/f43bafefa657145d/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3910617446/sparams/acao,ctier,expire,id,ip,ipbits,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/081816976F40DAEC60B296E9C83D69E46413E476.440B8BE031C6409C725CA4BD1E6DEE3A0301C953/key/cms1/cms_redirect/yes/met/1766825540,/mh/gp/mip/37.120.237.22/mm/42/mn/sn-vgqsknzz/ms/onc/mt/1766824840/mv/u/mvi/4/pl/24/rms/onc,onc/file/file.mp4

134 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
demo.minaonline.websitecom.lightspeedsystems.help/ 		60 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
2a16f1b971cf275a1b182488cfa87ed54f0edb809b703d50d5bd64c33ba69b6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
cache-control
public, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 27 Dec 2025 08:52:18 GMT
etag
W/"f168-19b3c99f5ec"
expires
0
last-modified
Sat, 20 Dec 2025 16:31:21 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
vary
accept-encoding
via
1.1 Caddy
x-content-type-options
nosniff
x-protected-by
VoidNetwork-Shield
x-xss-protection
1; mode=block
local-game-encoder.js
demo.minaonline.websitecom.lightspeedsystems.help/assets/ 		2 KB
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/assets/local-game-encoder.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
ad83c5a37ed8cf2f7dbd99f1c46f9563929ddbd7317b61310c3aaf7d333bbbfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"66e-19a66aac287"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 09 Nov 2025 03:30:58 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.253.139.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yuiadsk-in-f95.1e100.net
Software
ESF /
Resource Hash
0552ee50f635535685ba2713af81fa081791d7705baa9cdb3c5d1f463aa0a228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 08:52:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 27 Dec 2025 07:15:33 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
lucide.min.js
unpkg.com/lucide@0.562.0/dist/umd/
Redirect Chain
  • https://unpkg.com/lucide@latest
  • https://unpkg.com/lucide@0.562.0/dist/umd/lucide.min.js
378 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/lucide@0.562.0/dist/umd/lucide.min.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H3
Server
104.18.1.22 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
534813d1da2f4d4550383d5db0879aedb2f74c2d0b8951ade277e8bcaea6df52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

access-control-expose-headers
*
content-encoding
gzip
cf-cache-status
HIT
age
359434
access-control-allow-methods
GET, HEAD, OPTIONS
x-content-type-options
nosniff
expires
Sun, 27 Dec 2026 08:52:18 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 18 Dec 2025 10:46:31 GMT
vary
Accept-Encoding
fly-request-id
01KCRH32DF2E5RVDKJ63Z5707N-ord
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
priority
u=1,i=?0
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 fly.io, 1.1 fly.io
cf-ray
9b4794be296ca2ee-YUL
content-digest
sha256=:U0gT0dovTUVQOD1dsIea7bL3TC0LiVGt4nfovK6m31I=:
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=60, s-maxage=300
location
/lucide@0.562.0/dist/umd/lucide.min.js
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
cf-ray
9b4794bdb911a2ee-YUL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
53
server-timing
cfExtPri
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i=?0
adsence-tracking.js
demo.minaonline.websitecom.lightspeedsystems.help/assets/js/ 		220 B
277 B 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/adsence-tracking.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
0b150705f64b0a0332235d0b72a27c9199bf0d59e1259022a2c2740936799e0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"dc-19a66aac287"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 09 Nov 2025 03:30:58 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
ga-tracking.js
demo.minaonline.websitecom.lightspeedsystems.help/assets/js/ 		1 KB
624 B 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/ga-tracking.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
cedd707303327a2a9f8222a0f65e86573c3d19f15331240644a9d0346b31dcec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"47b-19a66aac287"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 09 Nov 2025 03:30:58 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
uv.bundle.js
demo.minaonline.websitecom.lightspeedsystems.help/ultraviolet/uv/ 		745 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/ultraviolet/uv/uv.bundle.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
78ae6d9f61f392225d938e9a14c18e80c217da8248d14f87fab86a8b26ff1f5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"ba4b4-19abcb2c03a"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 25 Nov 2025 20:27:02 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
uv.config.js
demo.minaonline.websitecom.lightspeedsystems.help/ultraviolet/uv/ 		330 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/ultraviolet/uv/uv.config.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
256b156d3d886cd12b7a0ad0374a646b0adb7671eebab7b3d9fece6e17c58b89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"14a-19affee2729"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 08 Dec 2025 21:46:29 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
register-sw.js
demo.minaonline.websitecom.lightspeedsystems.help/ultraviolet/ 		1013 B
660 B 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/ultraviolet/register-sw.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
e14f785c0472d90e635d642e0e2b78053f60913859b26f111a96ee8c0fe8dd85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"3f5-19ad5841fac"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 30 Nov 2025 16:06:37 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
particles.js
demo.minaonline.websitecom.lightspeedsystems.help/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/particles.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
fb699cd2921111df477108e68483942a288def0a3eb4b708866c992521850107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"1c96-19a6a73e797"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 09 Nov 2025 21:09:32 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
popup-listener.js
demo.minaonline.websitecom.lightspeedsystems.help/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/popup-listener.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
e8481a1ead8b50b6c0cc501d8dad8db51ed3e5ffb576e4446577c302dff9d463
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"1a6d-19a66ab0e6f"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 09 Nov 2025 03:31:17 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
http.js
demo.minaonline.websitecom.lightspeedsystems.help/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/http.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
c83169cf862e67baca77cf3cd14a629bb84962a7fa22ac053c3a8ffb858c803e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"13a8-19a66aac287"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 09 Nov 2025 03:30:58 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
adminabuse.js
demo.minaonline.websitecom.lightspeedsystems.help/assets/js/ 		47 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/adminabuse.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
86e9ad2cbd70b92cf469e3a7046b244044d5b0ffbf2abda45f5447f2c03f0e3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"bdf8-19a66aac287"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 09 Nov 2025 03:30:58 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
save-code.js
demo.minaonline.websitecom.lightspeedsystems.help/assets/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/save-code.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
c38e17d3c4c0359acb101de8789403f06d053472f29c942258795d2b3a012a07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"2ed7-19a7d09c9fc"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 13 Nov 2025 11:46:24 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
scramjet-preload.js
demo.minaonline.websitecom.lightspeedsystems.help/assets/js/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/scramjet-preload.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
5303aad48561f80b727c4da8bb74fb07ca6c0750a5dd92feb3bdbf9edb9febb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"9af-19ae5f18ad3"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 03 Dec 2025 20:40:03 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
chrome-mobile-warning.js
demo.minaonline.websitecom.lightspeedsystems.help/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/chrome-mobile-warning.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
ace20d7024f7972b7116cb40e434cfefb545859532e96191fa88c68d03aad797
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"15e3-19ad58c2fb6"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 30 Nov 2025 16:15:25 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4845994519357732
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
f1e6926f876ab9721fe34a9e07a95eb4431dde592487ee5d45942738585b564f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
br
etag
12470452127152666316
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 08:52:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
55468
x-xss-protection
0
server
cafe
home.js
demo.minaonline.websitecom.lightspeedsystems.help/pages/home/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/pages/home/home.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
4e48b36dab43c7655377088866c76b7eaaa70323e9f43de34508d13f1fb48991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"155f-19a66ab0e6f"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 09 Nov 2025 03:31:17 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
page-loader-main.js
demo.minaonline.websitecom.lightspeedsystems.help/assets/js/ 		2 KB
584 B 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/page-loader-main.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
e207f128ce206dbc4beaebeb09407c9065109dce6cd3cbb1d0c5fa685658ef54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"602-19a66aac287"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 09 Nov 2025 03:30:58 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
exec
script.google.com/macros/s/AKfycbz1w3UhB-6o6JWDcwOfo7622pfuTLeTcL7O-rYinWuYl7JKS5sqk1hm652vWpEyf2nf/ 		0
0
index.js
demo.minaonline.websitecom.lightspeedsystems.help/baremux/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/baremux/index.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/scramjet-preload.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
1d56021f65ac6caf0e92b9c46d00f9a9045722766304fc6432f7927ced8a2c82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"218d-19b2d0e499f"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 17 Dec 2025 16:04:29 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v24/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://fonts.googleapis.com/

Response headers

age
587584
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 20 Dec 2026 13:39:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 20 Dec 2025 13:39:14 GMT
last-modified
Mon, 15 Sep 2025 16:34:42 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v24/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://fonts.googleapis.com/

Response headers

age
586375
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 20 Dec 2026 13:59:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 20 Dec 2025 13:59:23 GMT
last-modified
Mon, 15 Sep 2025 16:35:07 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v24/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://fonts.googleapis.com/

Response headers

age
588354
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 20 Dec 2026 13:26:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 20 Dec 2025 13:26:24 GMT
last-modified
Mon, 15 Sep 2025 16:34:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7824
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v24/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://fonts.googleapis.com/

Response headers

age
588348
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 20 Dec 2026 13:26:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 20 Dec 2025 13:26:30 GMT
last-modified
Mon, 15 Sep 2025 16:35:17 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7840
x-xss-protection
0
server
sffe
firebase-app.js
www.gstatic.com/firebasejs/11.0.2/ 		98 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/11.0.2/firebase-app.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
c69080e34624183023d3227e3c4fb157e67cc6136ceb397ffb53fc3ba0dbe0f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
age
41488
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Sat, 26 Dec 2026 21:20:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 26 Dec 2025 21:20:50 GMT
last-modified
Thu, 14 Nov 2024 15:32:42 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
22671
x-xss-protection
0
server
sffe
firebase-database.js
www.gstatic.com/firebasejs/11.0.2/ 		182 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/11.0.2/firebase-database.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
611b09f31aa435141d5e6dc721940730e6df53dda798d645d5c587d2c11794f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
age
64542
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Sat, 26 Dec 2026 14:56:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 26 Dec 2025 14:56:36 GMT
last-modified
Thu, 14 Nov 2024 15:33:18 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
48812
x-xss-protection
0
server
sffe
firebase-app.js
www.gstatic.com/firebasejs/12.4.0/ 		101 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/12.4.0/firebase-app.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
f1566138227e01ae6d9b58dc6df0c77647af9ac97fce5d5833f3df59db7b7f55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
age
139546
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Fri, 25 Dec 2026 18:06:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 25 Dec 2025 18:06:32 GMT
last-modified
Thu, 09 Oct 2025 12:10:08 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
23203
x-xss-protection
0
server
sffe
firebase-database.js
www.gstatic.com/firebasejs/12.4.0/ 		187 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/12.4.0/firebase-database.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
9d740e1efc4f3c4170666e735a4e34623c62570ef4c99e0b4ec41d801ddc1637
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
age
67097
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Sat, 26 Dec 2026 14:14:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 26 Dec 2025 14:14:01 GMT
last-modified
Thu, 09 Oct 2025 12:10:32 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
50883
x-xss-protection
0
server
sffe
games.js
demo.minaonline.websitecom.lightspeedsystems.help/assets/games/ 		124 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/assets/games/games.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
6a7483b7b03b7c4ee1872faec28c4ddbef5590f9a3b16216f8539167dfb3f042
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"1ee8d-19b48024e5e"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 22 Dec 2025 21:41:09 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
apps.js
demo.minaonline.websitecom.lightspeedsystems.help/assets/apps/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/assets/apps/apps.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
1da78c080206cba172d19d790d94c5c60a9e96e7e7b64b2683e76db7399262cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"d5a-19ac7b749af"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 27 Nov 2025 23:47:49 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
scramjet.all.js
demo.minaonline.websitecom.lightspeedsystems.help/scram/ 		172 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/scram/scramjet.all.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/scramjet-preload.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
49e67b462f40cc09541556aa4b762b76c6ec5eee393c4c49221667260056e10a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"2b0d8-19abdcfb883"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 26 Nov 2025 01:38:18 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/ 		532 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4845994519357732
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
a950fb206b996e64577c65af36a7843ee693a5a61b72b6a9c62a7cf8236b1361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
br
etag
6930100869215565462
age
340
x-content-type-options
nosniff
expires
Sat, 10 Jan 2026 08:46:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 27 Dec 2025 08:46:38 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
176554
x-xss-protection
0
server
cafe
worker.js
demo.minaonline.websitecom.lightspeedsystems.help/baremux/ 		0
0
js
www.googletagmanager.com/gtag/ 		423 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-814Y2X3KSF
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/ga-tracking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
34bb8f078266067c1060b4267cb5b498cc0595ca3d4c7dead9376afdb3a3e13e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sat, 27 Dec 2025 08:52:18 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146327
date
Sat, 27 Dec 2025 08:52:18 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
footer.js
demo.minaonline.websitecom.lightspeedsystems.help/assets/footer/ 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/assets/footer/footer.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/page-loader-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
b655c55023be0fa8fee2bbd2272e6bad1c920c311357090c9bf1dbec981ba5c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"6186-19b3caef81d"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 20 Dec 2025 16:54:18 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
settings.js
demo.minaonline.websitecom.lightspeedsystems.help/assets/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/settings.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/page-loader-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
cb5eaf47923485fe861dbe5ef19bc2a523428de7f4f1c6ebd2acbf558bc7c4ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"35c9-19b5e3432c8"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 27 Dec 2025 05:07:17 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
blank.js
demo.minaonline.websitecom.lightspeedsystems.help/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/blank.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/page-loader-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
c6a7c4e8052639aed0eee74fdb8ff47b87b06e71eeedbf16c87356e114747599
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"12ef-19a66aac287"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 09 Nov 2025 03:30:58 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20251211/r20190131/ Frame 423C 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20251211/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
2ac2022c2f17a99849888beec2fbecb6aebc2939eb7e0585cde9a7dcff7e9be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

age
2383
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
3878
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Dec 2025 08:12:36 GMT
etag
9949080804817620733
expires
Sat, 10 Jan 2026 08:12:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5B07 		287 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4845994519357732&output=html&adk=1812271804&adf=3025194257&lmt=1766248281&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fdemo.minaonline.websitecom.lightspeedsystems.help%2F&pra=5&wgl=1&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1766825538688&bpp=19&bdt=558&idt=225&shv=r20251211&mjsv=m202512100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4739302379611&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095904%2C31096041%2C42532523%2C95376242%2C95378749%2C95379654%2C42533294&oid=2&pvsid=7600919340591689&tmod=1165694862&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=254
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
b6dfba3f37aa49c9cb322d57b2ca47c1b89ba7177ad88845c650cfb4a42e107d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
78437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Dec 2025 08:52:19 GMT
expires
Sat, 27 Dec 2025 08:52:19 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9521 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4845994519357732&output=html&h=520&slotname=5770542592&adk=207386277&adf=3610118697&pi=t.ma~as.5770542592&w=220&lmt=1766248281&format=220x520&url=https%3A%2F%2Fdemo.minaonline.websitecom.lightspeedsystems.help%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1766825538707&bpp=1&bdt=577&idt=256&shv=r20251211&mjsv=m202512100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4739302379611&frm=20&pv=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=20&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095904%2C31096041%2C42532523%2C95376242%2C95378749%2C95379654%2C42533294&oid=2&pvsid=7600919340591689&tmod=1165694862&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=264
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
421ef940b7bf9a215f68906d24dad26c18f5c7d9f507a2e32702ede337543bc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
1002
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Dec 2025 08:52:19 GMT
expires
Sat, 27 Dec 2025 08:52:19 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 39D8 		2 KB
953 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4845994519357732&output=html&h=90&slotname=3297805382&adk=2283289037&adf=1601388704&pi=t.ma~as.3297805382&w=728&lmt=1766248281&format=728x90&url=https%3A%2F%2Fdemo.minaonline.websitecom.lightspeedsystems.help%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1766825538708&bpp=1&bdt=578&idt=301&shv=r20251211&mjsv=m202512100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C220x520&nras=1&correlator=4739302379611&frm=20&pv=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=659&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095904%2C31096041%2C42532523%2C95376242%2C95378749%2C95379654%2C42533294&oid=2&pvsid=7600919340591689&tmod=1165694862&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=306
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
bc6235804499ea71dcfe6dbea99f2b41be25b7e5c616e0164a9000b3b7fec9a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
929
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Dec 2025 08:52:19 GMT
expires
Sat, 27 Dec 2025 08:52:19 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
user-tracking.js
demo.minaonline.websitecom.lightspeedsystems.help/assets/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/user-tracking.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/assets/js/settings.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.209.18 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
vng.lol
Software
/
Resource Hash
0311b4cca7b231ea8ed319abcd33e4efaac542dfc0eea26c372550ddfd09698f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
W/"3d7e-19b4e1ea811"
x-content-type-options
nosniff
expires
0
x-protected-by
VoidNetwork-Shield
alt-svc
h3=":443"; ma=2592000,h3=":443"; ma=2592000,h3=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:19 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 24 Dec 2025 02:09:50 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable, public, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
via
1.1 Caddy
accept-ranges
bytes
x-xss-protection
1; mode=block
AN7BsVAsEUdNIJ37l2osQJwSfhirbiW-Xmspc_FvDtbR-aeq20ovmOhBLq9tnKKm-Uwgoc3tGPzvExx4Puuitz8Oj2PcBJnn-uFrzqEFuqb3WR4tzY5EgAK9XVdN__9APcELoHIZ2oIzSKUmyGoXKT9zlFXISDXqNErA4KyPiA
lh7-rt.googleusercontent.com/formsz/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh7-rt.googleusercontent.com/formsz/AN7BsVAsEUdNIJ37l2osQJwSfhirbiW-Xmspc_FvDtbR-aeq20ovmOhBLq9tnKKm-Uwgoc3tGPzvExx4Puuitz8Oj2PcBJnn-uFrzqEFuqb3WR4tzY5EgAK9XVdN__9APcELoHIZ2oIzSKUmyGoXKT9zlFXISDXqNErA4KyPiA?key=yj4V8pHW144VjA9YlEbf1Q
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
3b4e73beba089c4c823cc457415659eeced32b74d64d0d7c9b6706cccb412d7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
etag
"v0"
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66705
date
Sat, 27 Dec 2025 08:52:19 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="unnamed.jpg"
AN7BsVDFTc8eYK82pfJHrsqfJET4Zl5h9wv6Cs-tp8-mGeroqGCyp_WBsxqe5C790smSSQsr8c4nl87PhFIvqd9DmDuubqqwAyzZpN_UM7g2R9-dVyXh10br3LL_h7cvE1vhkVpfS91F_0P7Ah8ZyBCsuoGr__cv5nOkYTn9
lh7-rt.googleusercontent.com/formsz/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh7-rt.googleusercontent.com/formsz/AN7BsVDFTc8eYK82pfJHrsqfJET4Zl5h9wv6Cs-tp8-mGeroqGCyp_WBsxqe5C790smSSQsr8c4nl87PhFIvqd9DmDuubqqwAyzZpN_UM7g2R9-dVyXh10br3LL_h7cvE1vhkVpfS91F_0P7Ah8ZyBCsuoGr__cv5nOkYTn9?key=yj4V8pHW144VjA9YlEbf1Q
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
39b6c8f2c22e44ff279948884215176b579e5d8d96282c652c79cd21ace47922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
etag
"v0"
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14566
date
Sat, 27 Dec 2025 08:52:19 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="unnamed.png"
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v24/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://fonts.googleapis.com/

Response headers

age
588508
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 20 Dec 2026 13:23:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 20 Dec 2025 13:23:51 GMT
last-modified
Mon, 15 Sep 2025 16:36:26 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v24/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://fonts.googleapis.com/

Response headers

age
588050
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 20 Dec 2026 13:31:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 20 Dec 2025 13:31:29 GMT
last-modified
Mon, 15 Sep 2025 16:33:57 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
ads
googleads.g.doubleclick.net/pagead/ Frame 90B2 		2 KB
994 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4845994519357732&output=html&h=520&slotname=5770542592&adk=207386277&adf=154517092&pi=t.ma~as.5770542592&w=220&lmt=1766248281&format=220x520&url=https%3A%2F%2Fdemo.minaonline.websitecom.lightspeedsystems.help%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1766825538709&bpp=1&bdt=579&idt=350&shv=r20251211&mjsv=m202512100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C220x520%2C728x90&nras=1&correlator=4739302379611&frm=20&pv=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1360&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095904%2C31096041%2C42532523%2C95376242%2C95378749%2C95379654%2C42533294&oid=2&pvsid=7600919340591689&tmod=1165694862&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=31&bz=1&ifi=4&uci=a!4&fsb=1&dtd=371
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
5b76c07c40a81ce20031358781ca88975dc11ba6e786f34af735fb59cb6f038c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
970
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Dec 2025 08:52:19 GMT
expires
Sat, 27 Dec 2025 08:52:19 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
firebase-app.js
www.gstatic.com/firebasejs/12.5.0/ 		101 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/12.5.0/firebase-app.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
4a168c67d315dad304efe9122083c1d748c194070d5d80df67a314665e1b1875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
age
64542
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Sat, 26 Dec 2026 14:56:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 26 Dec 2025 14:56:37 GMT
last-modified
Thu, 30 Oct 2025 15:52:36 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
23204
x-xss-protection
0
server
sffe
firebase-database.js
www.gstatic.com/firebasejs/12.5.0/ 		187 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/12.5.0/firebase-database.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
c3eae2c5e526c62112ade0f9edba2dc34f36ac7a0dc352bd7158e5322a878353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://demo.minaonline.websitecom.lightspeedsystems.help
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
age
67098
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Sat, 26 Dec 2026 14:14:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 26 Dec 2025 14:14:01 GMT
last-modified
Thu, 30 Oct 2025 15:53:05 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
50883
x-xss-protection
0
server
sffe
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-814Y2X3KSF&gtm=45je5ca1v9204663581za200zd9204663581&_p=1766825538848&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=1341620922.1766825539&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&tag_exp=103116026~103200004~104527906~104528501~104573694~104684208~104684211~105391253~115583767~115616986~115938466~115938468~116184927~116184929~116251938~116251940~116744866&sid=1766825539&sct=1&seg=0&dl=https%3A%2F%2Fdemo.minaonline.websitecom.lightspeedsystems.help%2F&dt=Void%20Network%20V5&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1484
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-814Y2X3KSF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f113.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:112:0
report-to
{"group":"ascnsrsggc:112:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:112:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://demo.minaonline.websitecom.lightspeedsystems.help
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:112:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:19 GMT
content-type
text/plain
server
Golfe2
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B07 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20251211&sample=0.01
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4845994519357732&output=html&adk=1812271804&adf=3025194257&lmt=1766248281&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fdemo.minaonline.websitecom.lightspeedsystems.help%2F&pra=5&wgl=1&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1766825538688&bpp=19&bdt=558&idt=225&shv=r20251211&mjsv=m202512100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4739302379611&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095904%2C31096041%2C42532523%2C95376242%2C95378749%2C95379654%2C42533294&oid=2&pvsid=7600919340591689&tmod=1165694862&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 27 Dec 2025 08:52:19 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sodar
ep1.adtrafficquality.google/getconfig/ 		18 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20251211&st=env&sjk=7600919340591689
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
891b4134fca2febf25fa3b4f5595849ca4e51d59fa77b5c0d7434ac3334e42dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13604
date
Sat, 27 Dec 2025 08:52:19 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/ 		192 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
39d49d5c5dd7873f5afcbe584de03911d9aa2815558f58144ec4c46de7697d49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
br
etag
1585021414342860708
age
68706
x-content-type-options
nosniff
expires
Fri, 09 Jan 2026 13:47:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 26 Dec 2025 13:47:13 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
65541
x-xss-protection
0
server
cafe
ca-pub-4845994519357732
fundingchoicesmessages.google.com/i/ 		216 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4845994519357732?href=https%3A%2F%2Fdemo.minaonline.websitecom.lightspeedsystems.help&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
50c485a9384b2a9d81437cbef86594c914dd80d4285302c3cdaea462d227564d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0xIi4I8bohq3_shPGDFvyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:19 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJi8NCQYmi9eY51OhB3LTrPOgeIDRUusToD8Yf6y6w_gLhI4gprCxB_qrrBKlJ9gzWJ_SZrCRCb-d1mtQPib8W-bBwlvmz7_vuyHQPivTl-bEeBOLPTj60QiHU2-7GZAPH5vX5s14F4hZc_2wYgFuLhOLxn3yk2gQVtT58xKWkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkaGhka6hmYxxcYAABWakZ8"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0xIi4I8bohq3_shPGDFvyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AN7BsVBiDSZGgAgxhRnqUFCY_8TzussrTcI-a0NpS7Rmci9QIZT3Ghix0lhl_jbjQu3y5v5WiDpP7HZx955NSv9aw6Pt2HKdYFVc4cMgERxUnEASRmhDt6wAu5HNzZhEqR7a4dmtovtWCXyZPUTAOO9yHCVC07beWMC88PI_
lh7-rt.googleusercontent.com/formsz/ 		155 KB
155 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lh7-rt.googleusercontent.com/formsz/AN7BsVBiDSZGgAgxhRnqUFCY_8TzussrTcI-a0NpS7Rmci9QIZT3Ghix0lhl_jbjQu3y5v5WiDpP7HZx955NSv9aw6Pt2HKdYFVc4cMgERxUnEASRmhDt6wAu5HNzZhEqR7a4dmtovtWCXyZPUTAOO9yHCVC07beWMC88PI_?key=yj4V8pHW144VjA9YlEbf1Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
152669b1b999ac2f39d0846a39bdfbef9922094275414e37b3fffd71f899af2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
etag
"v0"
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
158755
date
Sat, 27 Dec 2025 08:52:19 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="unnamed.png"
sodar2.js
ep2.adtrafficquality.google/sodar/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
etag
"1747411493688989"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 08:52:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:19 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
7188
x-xss-protection
0
server
sffe
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers
AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lCqMODlQUS_Yq8tfDpwDUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:19 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw0JBi-FB_mfUHEJv53Wa1A-K9OX5sR4E4s9OPrRCIdTb7sZkA8fm9fmzXgViIh-Pwnn2n2ARmHGq4wKzkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTA2NDA31DMzjCwwAVOozWA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lCqMODlQUS_Yq8tfDpwDUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://demo.minaonline.websitecom.lightspeedsystems.help
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rDAdUP-DvxpYhfr3XHVlXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:19 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmII1JBi-FB_mfUHEJv53Wa1A-K9OX5sR4E4s9OPrRCIdTb7sZkA8fm9fmzXgViIh-Pwnn2n2AROTOm6wKzkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTA2NDA31DMzjCwwAXVAzbQ"
content-security-policy
script-src 'report-sample' 'nonce-rDAdUP-DvxpYhfr3XHVlXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://demo.minaonline.websitecom.lightspeedsystems.help
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FInYKfeiYY4oKQy_dwYXeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:19 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw1JBi-FB_mfUHEJv53Wa1A-K9OX5sR4E4s9OPrRCIdTb7sZkA8fm9fmzXgViIh-Pwnn2n2AReXGy4wKzkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTA2NDA31DMzjCwwAcTgzuA"
content-security-policy
script-src 'report-sample' 'nonce-FInYKfeiYY4oKQy_dwYXeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://demo.minaonline.websitecom.lightspeedsystems.help
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWlsBhPJBDH3jZiWeGsYUP8K2kV4aksLD_DUg33aA9o2ir88_ue3N1LhghUHHnj1xpgxeSDxAhTDMjWjmdJ6xs4oR7Eas0kQxx_D_7Q9niea2sbpB8mdX3KY_-1GpuEEQhIxOV-kQ==
fundingchoicesmessages.google.com/f/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWlsBhPJBDH3jZiWeGsYUP8K2kV4aksLD_DUg33aA9o2ir88_ue3N1LhghUHHnj1xpgxeSDxAhTDMjWjmdJ6xs4oR7Eas0kQxx_D_7Q9niea2sbpB8mdX3KY_-1GpuEEQhIxOV-kQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzY2ODI1NTM5LDg4NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTldXSwiaHR0cHM6Ly9kZW1vLm1pbmFvbmxpbmUud2Vic2l0ZWNvbS5saWdodHNwZWVkc3lzdGVtcy5oZWxwLyIsbnVsbCxbWzgsInNDaE5INU9zYWswIl0sWzksImVuLVVTIl0sWzIzLCIxNzY2ODI1NTM5Il0sWzE5LCIyIl0sWzE3LCJbMF0iXSxbMjQsIiJdLFsyOSwiZmFsc2UiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
3fa65550b645ec6e5e829c38072f48d576d48225ff084fabbd6d6cab1b83c8a2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Vp_lmdnekXArbitlXrLrqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:19 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj6mDU4pJicNOQYmi9eY51OhB3LTrPOgeIDRUusToD8Yf6y6w_gLhI4gprCxB_qrrBKlJ9gzWJ_SZrCRCb-d1mtQPib8W-bBwlvmz7_vuyHQPivTl-bEeBOLPTj60QiHU2-7GZAPH5vX5s14F4hZc_2wYQ9vNn2wHEQjwch_fsO8UmcOFN2z5mJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDI1NDI0NDPQPz-AIDAJKUSUA"
content-security-policy
script-src 'report-sample' 'nonce-Vp_lmdnekXArbitlXrLrqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20251211/r20190131/ Frame F972 		8 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20251211/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
2ac2022c2f17a99849888beec2fbecb6aebc2939eb7e0585cde9a7dcff7e9be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

age
2383
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
3878
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Dec 2025 08:12:36 GMT
etag
9949080804817620733
expires
Sat, 10 Jan 2026 08:12:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20251211/r20190131/ Frame 3A89 		8 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20251211/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
2ac2022c2f17a99849888beec2fbecb6aebc2939eb7e0585cde9a7dcff7e9be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

age
2383
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
3878
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Dec 2025 08:12:36 GMT
etag
9949080804817620733
expires
Sat, 10 Jan 2026 08:12:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame F972 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20251211/r20190131/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.251.111.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f95.1e100.net
Software
ESF /
Resource Hash
1d31f469ed26c1fb1b8a2348f329b45c6eb7214c3f5fbdd53e1d4d3062983cec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 08:52:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 27 Dec 2025 08:41:39 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251211/r20110914/ Frame 2F70 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251211/r20110914/abg_lite_fy2021.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
bd04667d5d5feb14319f345a1a8e7486d8ab5aea560fb8be53cae5f6bc9d0e20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
11386605814003084292
age
78709
x-content-type-options
nosniff
expires
Fri, 09 Jan 2026 11:00:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 26 Dec 2025 11:00:31 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8505
x-xss-protection
0
server
cafe
css
fonts.googleapis.com/ Frame 2F70 		21 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.251.111.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f95.1e100.net
Software
ESF /
Resource Hash
9a1c60310270c15b41063e11841c4efed4dc17c2b43bc3f3530a117382d25a6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 08:52:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 27 Dec 2025 08:36:00 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251203_RC00/ Frame 2F70 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251203_RC00/outstream.min.css
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
gzip
age
39502
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Sat, 26 Dec 2026 21:53:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 26 Dec 2025 21:53:58 GMT
last-modified
Wed, 03 Dec 2025 11:43:51 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2920
x-xss-protection
0
server
sffe
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251203_RC00/ Frame 2F70 		382 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251203_RC00/outstream.min.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
sffe /
Resource Hash
241ada12551b42e44079687179abd1a5e06b5ed2b0560d03ef6656cbdce6a9f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
gzip
age
40795
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Sat, 26 Dec 2026 21:32:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 26 Dec 2025 21:32:25 GMT
last-modified
Wed, 03 Dec 2025 11:43:51 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
135199
x-xss-protection
0
server
sffe
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251211/r20110914/client/ Frame 2F70 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251211/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
7c2a319af282b5ae2ed151a1daf4ace7f5d041af58157b8fd7c27974bf40187c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
5680856984361098836
age
73250
x-content-type-options
nosniff
expires
Fri, 09 Jan 2026 12:31:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 26 Dec 2025 12:31:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8670
x-xss-protection
0
server
cafe
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251211/r20110914/elements/html/ Frame F972 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251211/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20251211/r20190131/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
4a4bb2683722eca4d66c9c1b056aa3dc0ed6232800b7216b94e9a3989b661d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
1850745056150936176
age
81265
x-content-type-options
nosniff
expires
Fri, 09 Jan 2026 10:17:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 26 Dec 2025 10:17:55 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
6628
x-xss-protection
0
server
cafe
more_vert_white_48dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F972 		233 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/more_vert_white_48dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20251211/r20190131/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

age
66015
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Sat, 26 Dec 2026 14:32:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 26 Dec 2025 14:32:05 GMT
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
content-type
image/png
vary
Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
233
x-xss-protection
0
server
sffe
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251211/r20110914/elements/html/ Frame F972 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251211/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20251211/r20190131/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
0c0f961349fba715cdaeeae423f886c686edb42e778e89835ce0472b4c2bbb6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
13103133759806843842
age
84547
x-content-type-options
nosniff
expires
Fri, 09 Jan 2026 09:23:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 26 Dec 2025 09:23:13 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9580
x-xss-protection
0
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame 41D5 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2S2a0CEKCqyo8ZGMGp3LwCMAE&v=APEucNVjGsEKZ7rvVIBxvWbJSPYOLIbPgzsq8Mr2fh5EumpmZ0ezXBxPLiITpgI2tYxRiy_IvfEbOIkKvESzQhuHCnWyFv0IcQ
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20251211/r20190131/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Dec 2025 08:52:19 GMT
expires
Sat, 27 Dec 2025 08:52:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20251211/r20110914/ Frame 9B80 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20251211/r20110914/abg_lite_fy2021.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
bd04667d5d5feb14319f345a1a8e7486d8ab5aea560fb8be53cae5f6bc9d0e20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
11386605814003084292
age
16887
x-content-type-options
nosniff
expires
Sat, 10 Jan 2026 04:10:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 27 Dec 2025 04:10:52 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8505
x-xss-protection
0
server
cafe
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20251211/r20110914/elements/html/ Frame 9B80 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20251211/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
2a4289ef2cd254e85b231e3d3dda54b62eb744f53b8484ac9a3c05b74d7b7396
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
11675938569019646908
age
66155
x-content-type-options
nosniff
expires
Fri, 09 Jan 2026 14:29:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 26 Dec 2025 14:29:44 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
3215
x-xss-protection
0
server
cafe
VFc2VJAc.js
ep2.adtrafficquality.google/sodar/ Frame 9B80 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/VFc2VJAc.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
54573654901c495ecf67cc8ffd30108dd6f3a3c7332fd4dba41ab13877b75b8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
age
2219
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 09:05:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:15:21 GMT
last-modified
Thu, 13 Mar 2025 04:28:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
14328
x-xss-protection
0
server
sffe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251211/r20110914/client/ Frame 9B80 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251211/r20110914/client/window_focus_fy2021.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
6020003950853699975
age
76060
x-content-type-options
nosniff
expires
Fri, 09 Jan 2026 11:44:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 26 Dec 2025 11:44:40 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1241
x-xss-protection
0
server
cafe
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251211/r20110914/client/ Frame 9B80 		21 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251211/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
7c2a319af282b5ae2ed151a1daf4ace7f5d041af58157b8fd7c27974bf40187c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
5680856984361098836
age
73250
x-content-type-options
nosniff
expires
Fri, 09 Jan 2026 12:31:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 26 Dec 2025 12:31:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8670
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9B80 		227 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
04ed00928d15a800e1ee9d6dc81c7a5d96e60322e2f6ae495dd4cad9a9c1ebbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
4275280797838870707
age
948
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 09:36:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 27 Dec 2025 08:36:31 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
71554
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B80 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CaDXWh-cHxbMCVA5hiDuNuBDuQDY0N1rift1vx4QtAM-241XnKd_PbdsoV0UCCgVwjXSZ832j5RJvoooRTnUbj4HHYym03EqtK57_Vm-1lHWHQ8Rg
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 27 Dec 2025 08:52:20 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
3064951537646910787
s0.2mdn.net/simgad/ Frame 9B80 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3064951537646910787
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20251211/r20190131/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f149.1e100.net
Software
sffe /
Resource Hash
27421a5c2586bc492ad151019fef0b4befa9c5538e094f741f591ecf6a319ee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

age
100309
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sat, 26 Dec 2026 05:00:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Fri, 26 Dec 2025 05:00:31 GMT
last-modified
Fri, 05 Dec 2025 20:08:56 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
37909
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame 41D8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1821
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5044
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Dec 2025 08:21:59 GMT
expires
Sat, 27 Dec 2025 09:11:59 GMT
last-modified
Tue, 13 May 2025 23:17:50 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame ED0F 		829 B
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f147.1e100.net
Software
ESF /
Resource Hash
0dcc0ed260df55af8f03e75ecc5056163513905ad219bbb383e947806a664416
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-swCuAb2zyQ1vPi8qAxk2eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-swCuAb2zyQ1vPi8qAxk2eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Dec 2025 08:52:20 GMT
expires
Sat, 27 Dec 2025 08:52:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxWRmcBrrU-LqS8QkduOh9hN1RWa_VfXvrITrCGcjMw7c2Mcd0B9Meu-x_kCx9qQTbsoLxp3b-mYRc2GYEDb10pJPpggveqStpSGWzk-tb_Inb8Ne_oLiKdr8CZU-REvFU7SX7TdhA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWRmcBrrU-LqS8QkduOh9hN1RWa_VfXvrITrCGcjMw7c2Mcd0B9Meu-x_kCx9qQTbsoLxp3b-mYRc2GYEDb10pJPpggveqStpSGWzk-tb_Inb8Ne_oLiKdr8CZU-REvFU7SX7TdhA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Fu06g4i89EuMlSUDMb5ozA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmJw05Bi-FB_mfUHEJv53Wa1A-K9OX5sR4E4s9OPrRCIdTb7sZkA8fm9fmzXgViIm-PInn2n2AQu_G_hU3JJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkamhkaGhnoG5vEFBgAlsjMK"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Fu06g4i89EuMlSUDMb5ozA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://demo.minaonline.websitecom.lightspeedsystems.help
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVpp9iNdpO3algSt_Mru93j0S99XgMn-FJoNLEMKXAcOLxTuH_Ar3ige_GKKO7HdmujLfzZXFfd8PcyAQbiElGQebdw89KNVt3ZmfQL0L7_LE27VPsA9ZVEIrKNNLD61gKxnNjg7w==
fundingchoicesmessages.google.com/f/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVpp9iNdpO3algSt_Mru93j0S99XgMn-FJoNLEMKXAcOLxTuH_Ar3ige_GKKO7HdmujLfzZXFfd8PcyAQbiElGQebdw89KNVt3ZmfQL0L7_LE27VPsA9ZVEIrKNNLD61gKxnNjg7w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzY2ODI1NTM5LDk5NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTksOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vZGVtby5taW5hb25saW5lLndlYnNpdGVjb20ubGlnaHRzcGVlZHN5c3RlbXMuaGVscC8iLG51bGwsW1s4LCJzQ2hOSDVPc2FrMCJdLFs5LCJlbi1VUyJdLFsyMywiMTc2NjgyNTUzOSJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzI0LCIiXSxbMjksImZhbHNlIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
0ee8a154ad195f15bdcda6a7e18badb1348763c2f7967b671b27930240587918
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JqMrEybxoYHlBhRNbjydkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJiCNKQYmi9eY51OhB3LTrPOgeIDRUusToD8Yf6y6w_gLhI4gprCxB_qrrBKlJ9gzWJ_SZrCRCb-d1mtQPib8W-bBwlvmz7_vuyHQPivTl-bEeBOLPTj60QiHU2-7GZAPH5vX5s14F4hZc_2wYgFuLmOLJn3yk2gQ87n4gqaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRoaGRrqGZjHFxgAABj4RjU"
content-security-policy
script-src 'report-sample' 'nonce-JqMrEybxoYHlBhRNbjydkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
rum
dsum-sec.casalemedia.com/ Frame 41D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7OhYmR4968VBz8vRzreqw&google_cver=1
43 B
756 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7OhYmR4968VBz8vRzreqw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2S2a0CEKCqyo8ZGMGp3LwCMAE&v=APEucNVjGsEKZ7rvVIBxvWbJSPYOLIbPgzsq8Mr2fh5EumpmZ0ezXBxPLiITpgI2tYxRiy_IvfEbOIkKvESzQhuHCnWyFv0IcQ
Protocol
H3
Server
104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=U70w5uafB1%2B07PMzFunUn66gCzrj7NyNdU5CqJi9QOMrPhrCyRRQ6esI62WVhY3XDEHmOln7ZNL9kwpI%2BsK3blCw1%2FjWODMgvWoFJyGxN%2Fynmw5aCg%3D%3D"}]}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
image/gif
vary
accept-encoding
priority
u=2,i
cache-control
no-cache
nel
{"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma
no-cache
cf-ray
9b4794ca1d49a29f-YUL
content-length
43
server
cloudflare

Redirect headers

cache-control
no-cache, must-revalidate
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7OhYmR4968VBz8vRzreqw&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
313
date
Sat, 27 Dec 2025 08:52:20 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
rum
dsum-sec.casalemedia.com/ Frame 41D5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=aU.eRNHM6MsAIe5TAYKRPwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7OhYmR4968VBz8vRzreqw&google_cver=1&google_hm=2
43 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7OhYmR4968VBz8vRzreqw&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2S2a0CEKCqyo8ZGMGp3LwCMAE&v=APEucNVjGsEKZ7rvVIBxvWbJSPYOLIbPgzsq8Mr2fh5EumpmZ0ezXBxPLiITpgI2tYxRiy_IvfEbOIkKvESzQhuHCnWyFv0IcQ
Protocol
H3
Server
104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2BoIqXCHkJMDwybzSy0x%2FNzIm3JwLF5bivZLNATlLxQxP3DZ4UGVNKbdrO3LIZcFIXyIBvIoCYTR6CsG3H1R4FRv8N9GzN0APDz20pfIYflUlLAmr7g%3D%3D"}]}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
image/gif
vary
accept-encoding
priority
u=2,i
cache-control
no-cache
nel
{"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma
no-cache
cf-ray
9b4794caadd2a29f-YUL
content-length
43
server
cloudflare

Redirect headers

cache-control
no-cache, must-revalidate
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7OhYmR4968VBz8vRzreqw&google_cver=1&google_hm=2
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
329
date
Sat, 27 Dec 2025 08:52:20 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
setuid
ib.adnxs.com/ Frame 41D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBrpG03L3Du_HCxMgok7irI&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBrpG03L3Du_HCxMgok7irI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2S2a0CEKCqyo8ZGMGp3LwCMAE&v=APEucNVjGsEKZ7rvVIBxvWbJSPYOLIbPgzsq8Mr2fh5EumpmZ0ezXBxPLiITpgI2tYxRiy_IvfEbOIkKvESzQhuHCnWyFv0IcQ
Protocol
H2
Server
68.67.160.132 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
37.120.237.22; 37.120.237.22; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
b048ade3-2d45-4f26-af5f-5615f1dbffdf
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 27 Dec 2025 08:52:20 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.25.5

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBrpG03L3Du_HCxMgok7irI&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
290
date
Sat, 27 Dec 2025 08:52:20 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
pixel
cm.g.doubleclick.net/ Frame 41D5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIwODQ4NDQxMjYxNjMyNTI0OA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIwODQ4NDQxMjYxNjMyNTI0OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2S2a0CEKCqyo8ZGMGp3LwCMAE&v=APEucNVjGsEKZ7rvVIBxvWbJSPYOLIbPgzsq8Mr2fh5EumpmZ0ezXBxPLiITpgI2tYxRiy_IvfEbOIkKvESzQhuHCnWyFv0IcQ
Protocol
H2
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 27 Dec 2025 08:52:20 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

cache-control
no-store, no-cache, private
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIwODQ4NDQxMjYxNjMyNTI0OA%3D%3D
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
37.120.237.22; 37.120.237.22; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
7296b9f7-a84e-4d3a-80f2-36d27d5d3ea6
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 27 Dec 2025 08:52:20 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B80 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 27 Dec 2025 08:52:20 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B80 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 27 Dec 2025 08:52:20 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B80 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 27 Dec 2025 08:52:20 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2
fonts.gstatic.com/s/roboto/v50/ Frame F972 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v50/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/

Response headers

age
588050
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 20 Dec 2026 13:31:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 20 Dec 2025 13:31:30 GMT
last-modified
Tue, 18 Nov 2025 19:00:10 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20612
x-xss-protection
0
server
sffe
truncated
/ Frame 9B80 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbc8bcb95702b90051328d996eaae43ff8e950a5aba9166f45f6afbf1eb7f4be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
Klz6NWr5.html
ep2.adtrafficquality.google/sodar/ Frame CC33 		35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/Klz6NWr5.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/VFc2VJAc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
2a5cfa356af90e4dc14d89477463deb2c098c826ebc6d74c1577eb3d5973cac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
564
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
br
content-length
12007
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Dec 2025 08:42:56 GMT
expires
Sat, 27 Dec 2025 09:32:56 GMT
last-modified
Thu, 13 Mar 2025 04:28:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 2F70 		0
534 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~mjo2b3wh&c=5219416387921&slotId=2609708193960&qqid=CPOkjYWy3ZEDFa8oaAgdnqQSyA&fb=outstream-lima&sei=44752538%2C95363795%2C420706098%2C789179015%2C798227501&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C75259414%2C95329494%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251203_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgcc:41:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:20 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v50/ Frame 2F70 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/

Response headers

age
464794
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Mon, 21 Dec 2026 23:45:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 21 Dec 2025 23:45:46 GMT
last-modified
Tue, 18 Nov 2025 19:00:07 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
40128
x-xss-protection
0
server
sffe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F70 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CG9FUQ55PabP3Ba_RoPMPnsnKwAz164KrhAGpr6mq8BTh7c65lkYQASC9ityhAWD96KKB8AOgAcPosM8CyAEFqAMByAObBKoEsAJP0IV5LIgXEd-IA6tUYGumdDsY-S3lIBPQW_UsVQd-CIPMgwOF-25bbd5qjBSWuX7JGktmIzlGmMV6pOztNxArh-1SpslCbyS7pClDCRVHTFOPE0CGBomC8yQ6ip6kgaAHs8TG8VRQThuPT_0TdhMJZH9kIdk-0kqLbrQ63zBA6BTOgAONHIG-Lmq6j5J6VUN4WTa5XlKopDJ12A-GzwLcjk2hOyB7DMx6ogn1aVJCy-E0G9TJ7AuGiJheMLsNRyAJKlQCG_IeSFmxdQFNuLZ_PcVO250aGAt0z9FXyYFvnq34zvY0hRp1VjdY_jgxCsaJiwt9RML8XYfMTo3TJmu0IheobuzPjlsnWZScE1efsq-E8ualEzMWkdvf7zZWbeTQQlaN2zP6CKt3m6OraD8wwAT--5PdwAXgBAOIBb_56o1XkAYBoAZOgAell8-wAagHp8yxAqgHpr4bqAfMzrECqAfz0RuoB5bYG6gHqpuxAqgHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAfZtrECqAeaBqgH_56xAqgH35-xAqgH-MKxAqgH-8KxAqgH59exAtgHANIILwiAYRABGJ8DMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WL2CjYWy3ZEDgAoBmAsByAsBgAwBqg0CQ0HqDRMIt4mlhbLdkQMVryhoCB2epBLIiA4JsBPe_OEf0BMA2BMNiBQE2BQB0BUByhYCCgD4FgGAFwGyFwIYArIYCRICsFMYTiIBALIZATXQGQE&eventType=clickstring&clientTime=1766825540234&ai=CG9FUQ55PabP3Ba_RoPMPnsnKwAz164KrhAGpr6mq8BTh7c65lkYQASC9ityhAWD96KKB8AOgAcPosM8CyAEFqAMByAObBKoEsAJP0IV5LIgXEd-IA6tUYGumdDsY-S3lIBPQW_UsVQd-CIPMgwOF-25bbd5qjBSWuX7JGktmIzlGmMV6pOztNxArh-1SpslCbyS7pClDCRVHTFOPE0CGBomC8yQ6ip6kgaAHs8TG8VRQThuPT_0TdhMJZH9kIdk-0kqLbrQ63zBA6BTOgAONHIG-Lmq6j5J6VUN4WTa5XlKopDJ12A-GzwLcjk2hOyB7DMx6ogn1aVJCy-E0G9TJ7AuGiJheMLsNRyAJKlQCG_IeSFmxdQFNuLZ_PcVO250aGAt0z9FXyYFvnq34zvY0hRp1VjdY_jgxCsaJiwt9RML8XYfMTo3TJmu0IheobuzPjlsnWZScE1efsq-E8ualEzMWkdvf7zZWbeTQQlaN2zP6CKt3m6OraD8wwAT--5PdwAXgBAOIBb_56o1XkAYBoAZOgAell8-wAagHp8yxAqgHpr4bqAfMzrECqAfz0RuoB5bYG6gHqpuxAqgHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAfZtrECqAeaBqgH_56xAqgH35-xAqgH-MKxAqgH-8KxAqgH59exAtgHANIILwiAYRABGJ8DMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WL2CjYWy3ZEDgAoBmAsByAsBgAwBqg0CQ0HqDRMIt4mlhbLdkQMVryhoCB2epBLIiA4JsBPe_OEf0BMA2BMNiBQE2BQB0BUByhYCCgD4FgGAFwGyFwIYArIYCRICsFMYTiIBALIZATXQGQE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20251211/r20190131/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 27 Dec 2025 08:52:20 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
csi
csi.gstatic.com/ Frame 2F70 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~mjo2b3wt&c=5219416387921&slotId=2609708193960&qqid=CPOkjYWy3ZEDFa8oaAgdnqQSyA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.108&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251203_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgcc:41:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:20 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
vast
bid.g.doubleclick.net/dbm/ Frame 2F70 		42 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BfycRcn2KpaY78PgYTDEXnSCBFq47ZrXr-UHXjcTdmOk_QS6YOw4ZYEL6UWGKt-777JUqYrCtYqmdFPxv-wMFyfSxo2g&cry=1&dbm_d=AKAmf-BLYkwE--DFd9nDg9YJdOpfkvU1m5mrCbM-DPlgBr8tpCDyapy65tkIGTANJS9hSL_FshFwcoY9ietgVp3Y7X18vkzEeS9Cr4HMNinVrhq__K_bRkhnD9MOgqDxnXCn3ECqAP8N7c0v1OAx4Trs41yK1kgd-6PWw7WFao4JHN2ooflikAmjwe7DD-VGgVjNjfyoj-xw0NH70LiPCj8QmNIe7MbjCQ_QP6dMpmNOZ-JslINfvs8YKyrUBReUNs_06GwwVq5hn8Ach8-590ODbonfPsbk4px4Rb81grnE5NUWwGllgPz2BnhgTCEtJbhbefL3ZH0ATU-8V9eOO6vP-EPHgyVLWFPEmg4DPRNiqDaDAZiTveh4WJpGrjnywP0Js6Fr-o_mh_Ar7Xq4lT9CyU8GZ0NsRETO53t2dvkRJhfIS1ggtfkoWaHcq_Xs7OfTeVNpDCqfSmaZFu4fs8T8Pjrns5q8xzEPQekcUtFJQlFBifdkALP-VGDZPoFuosaHcSx28nqnAq9T0Io1ZAmF4OSXLUAJ4YGBmbtJRW2_4FMvdj_oDNNACX1fdkM6RafYnEYlcAp_sK4RdqyYhB6onmaZMS_kuRpJn0jNq8hW6jaki_UZP1CZzxYmxH4VkKr0b9GuT3ECLk_2Aun7R_JGEWS07QIQyQpjpVkNQbVAAmEI0kf8jSm0wBGff5ONxvAWnoih7qx3sxFnXfhNgEORiWv29q9pBfdj4dnvehcE26EzQfnxvLJRmJKlhSOy1GEjSoVXkmfVl2Dh8aKI6X46oKJlBs1H1Wa3AvZnogn_N0SBmc4ZHd0jmA9HNszkZqy0BaiHOu_gBD93y8dnkZiuNoL7C6CP0H4_hAYR2b9sSQM3SmxsR7j5ngW14iiRRlov786uDf4A-nIVALd-Rs0A5bZAI5YC9dwaVOXP-OSQvcPRmhVDk0WFsU6gG365XQqFyLlVRuWzJMSNMphSL7qwzGZQ3C5rf1YgjGgGSUzpBdiaHIgnKu3uskrKr5HAcoJbc6uYyoyI4o53vlqPE1fKv5fbqWXvwR7xOdTRt_4pmVNh94Hg4_DhYx28mk0HYI3Xb3XtYukgtiSiEWW76J5TxnWB_mgO-VNwezuI0UK68Z95__PURpH3OkNlvETQdpd79hW2Twe_EqK1Vp_Fi_3XH7vsCG7TkbdaBSeerDYNSgbDaZgLm92tEwuMrgwHh0IFqsq-LMe4Mrbm_4hDucJNbjVRQaT6rQXnaSrzEgY6qgj11yE6R3zvCnJmb1wrT3iyxK0Td3OEKQAKqL_5q4N0ctMWhwILJ8nL30pI08QluLQjZI1HZCg82iaY_2IyjUd12nIAqrwtQ7t0MqNeKPIvIkSZJCq64HjyjvkDeUiuTJsBZifa5vflv_QVuOwbLqYtWatQINKhTf1zd4oBz486zToeCnHOj_2-y2RIu9Ou8vVPlRUXzycwEG8Tu_JhhJU_XFx9BdCH18qCjaetAXxOUxBKtMWDFsSLDxjsWD2wz0EkMOUe89TmidkhNQTzUuPvrjWV4AU6DGIxYSGJTU7meU_VsYtEOpThyUJPQOAIBrK7fja27LmbmTBO5vhONnjq9extcyim_OMfadlZTnhbD_wFKBJ8_4nnFGLY7vgEZ_V3nsDfDJ6raJ4PEovFl29F3ddHLODqw6lIaeOxbGwWNLJwlseepTYlLGcmibjvpiKCtIKTG1is7Q6VcFHaJjpQAcEz8p_pUvzZ-6hy2L_g6lXt0wt97vcb9aTSrny7Lv3Auf2jcq9rai1Nu39RHlDyekYVsxpdgMw4Su7YH8hvvv5NaZeqJdUutZ8kU54Z-MQpizHVhDsCTlOyO_lEcbR3jo6Qcsg02CRPgpQXWHJ7E6UdN8L013A9Olgyg2bgXyMm0o7spJUmgm7C23AshP-G03OjM-rWdtJ1vNMHEQn0MAFCXsdeV1bcPb6WgdSXCFjNmlGytVJGxbux0lLOGincMzDHpM1V9_9tO7fdjWIzTXLuSxYSzSyzzC_UKs3vU85R3zasz26eAVv4esfPUAYgs89JVhk2mRO4rX3Mo2WISq0Zx9uX2TS2gUM095KAMY_-0XUoZ4Rm_bsleh14eU6mlpa3Xe61qVDkNcfzHRxWJfGR0yz2P1sQBSrB8W2IkPe3qUeCWJ4M4S8ZOlxH0bY4Fa6Z_tHrdD02IVMlH0pDdk_G-ZRBKriA8KcATLnaFYXNAhDOHmsV1JmMIP7xeEj1RKayyF6fYmmxH_pUOz537E1A0cw4SSkP67h2JnYQ7n_kmtuurhudEvRpItPgBWmlbbeK4Gxg_2Hw1JGCpNH_WlU35tP_G4X9MYpMBUYYXHHZ_UYPtEDykYBmzQ8-UslFimrxgDU7jbfv8yESrB_8YAxXjDKkMgap6_7H9R9Dni3GY88yGdoJbUh3RVKKVV-UIqA9h2q8I4GFyvZt36RL2KaZacK9pAkKRx1BzW0Ra3wwIH_2xoudExdPLGV1WVD1cBDqaDJJOQYGvfJpAZgECa03smSk81PPyGoVKQbbx8hs7wpDSbuNAYLa09gWT1Nu0kap0VTkgkK64iQM_DLXX8Dj2ehQmVgaoNvWfeLJ6HoA8AkZNsn9Q9z2KQePLyfeyoU0qGh4fDmZ0gyfaP7MUv16fisaR6EKKWZ7T6kTdf0h-blFE1t6Q9kpE03ITTGZ7a61hIY2zaxM_2jGnAp2VgP3Aio3RdIfxfBGFACej0PFJIt0CfecGImGAUYW2WMFo_s12SdJrjJQMlfH7qv4Mvhr_m0AgIaiCTEWzX02UbgBdJSVDUC9kZ2elSAJH5N5K8t-E15Sw9xxSzy5o9nlcBvWzZx8t7iueD4rQ4Vqy-qvnD_IPsTW4UnES9FyKTUqtkoAjqymibHWV786a1k7y3iUVIVyHzM0NWfKUa-KB8fo3UYx5yercALn1HhpO6mKhlhh6kTmzXX84L7mhKoZt11TdUH5hYr00cvCu_q5RMzQlbxSanVD-V9Iu58e3VuyZaC4d0VqR5NQ7VnmVHews0tDOgjep6vsMV5I5QTKzicE5dx0ywAn68njjz3MmXPcTXon_KrqbZ8lO_xDe7icGQfHt9sAC8p0HQs1jNjreppsGf2hDoPIXWsaDdi7Q6NG51yP9uzwiC2xcbMmLIAPWSNPe5wSagr_pho07VhBiiPRnpoJ2AK4z2jGkRoplseEwzYdFxYdICTvJjQxpNYFIhYfZFNV0DR3CmLcpHTyigNGAoXd3f9l4GAwAEMNWe8nDn9wAUVZqkD4lXwlKNIa8MXS_fbKp54FcWHKRPw_l9sBhwFhAURkOcXf0XPBGuvlt1URHdYV4TLvIq5mUj05iUBuuhtZU5PLstd_mzUu124-XvKqZqcRogAmTx63v1ZWwZiNsSFYfCOsmxGl90qHfjZZnlgn_ZrCEQZp33M50RMykmnnnb5S7EuiSoEpGBXBcmdLOWP3_lDBxxpEw5bTBcMCP29hKsbtcAxWuwpq0TrUD9-2Pa_BMAjrsB9PXGw5wazju0bLAxKF9B_Xsy8pilxmTK7qxh0UsluWV7dygqffNbVC9jA3sZCLZyIs0qjO0uPZ_qTTW4OV0DDEA0WmS1ou80HzVrzOoTHgWjvFJsvg1XpK5ef5ifsOeoovI_bruycMW-bI_DQ_4WZE52vw4EusluklSjDe4uAMuBypbAOZ_QLg6AMoffRZ1Rs0OpYQgrz7EaL9NiZjIPpD30VSsu3tjQZ11oV3ukY1st0dEYmGV8DDdVxbcx_QhL_4eaB07oduz0I0P73hbCHz49V6z-JMYDvPLwbKI7B_J68SKL32bRP1DI7pAKAec8s7YQ3nUpCJGFroL1Z13HAJYuKkYrkzkwKGYhBt1e621rlcfmDPUoirju1Sw4h_oCWW2qFY6JZgxVyvs8Ys1kSMf78sPdKzirupavq4gyBbf8i5BsDMe0ep5Eft-MefbdruhQe_r_FI4ViJP6fuSpK4pzEZ6vU6bz5oJVvE-pmte40G2MNz_M4sMl2BKlgm2Zzt7jMSQhSas4B7qJfESvtdtfo03wGUYkgkTq0PmMTnYwtGkvtYB3YbBpxVKDY09jMIZnzvseVXyMcG2gTYmcv2uN9JHFm18GWff6-nyVL3tH0Wmtl_nXKDNaBOIoKRasaHJVWRhOQdML79aRWKfLFIpBi2ar99Y2lb3-t9Ama5qDuh1ggbgpY93UTo-Wc0nHvqokP-X1AhrOmORa_085LzdbtMs9qkiu3_SGbeWv_UgoSrLltSal8cj7asSTEBONKq5p-w72nmN11qyJn4szaFnETKvv28W8mO3A&cid=CAQSswEAwksa0eJFFXmaa9ocOmA53DIj7kaJjbeGwEckesdQart9z9_TIkPUbkt9lSJX0Yc4VuBRoozbcWTwcDwaXr8HWevntAVI6ZXiYXeYJoeCyoOIbz77zX77vNG9HkFL8vVNPXCiy7bG42eA9aUGG8MHaMux9WBBMPZDFFX2zJGDXY1hP04T-N9al9bJLFAFDW5mCts9dLaR5GQ8V6Tt3ZoFydg7JunG7bjh1apBpEsui3xTChgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251203_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f154.1e100.net
Software
cafe /
Resource Hash
4027396b47239b0abc173d1a2c7058feab5179f8fb5fbe2413d60d56cc1be993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
text/xml; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://googleads.g.doubleclick.net
content-length
21067
x-xss-protection
0
server
cafe
truncated
/ Frame 2F70 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2609c9b60a020e72f1127587501ae9124b9b4c42e15b5c90c92337806ca18aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame ED0F 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=237&li=gda_r20251211&jk=7600919340591689&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://www.google.com/

Response headers

timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 27 Dec 2025 08:52:20 GMT
x-xss-protection
0
content-type
image/
server
cafe
u3OLAxmnSxdc0_FJW-o4WyEU9XFCjU5WwmCN2tLexo8.js
pagead2.googlesyndication.com/bg/ Frame 41D8 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u3OLAxmnSxdc0_FJW-o4WyEU9XFCjU5WwmCN2tLexo8.js
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
sffe /
Resource Hash
bb738b0319a74b175cd3f1495bea385b2114f571428d4e56c2608ddad2dec68f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/

Response headers

content-encoding
br
age
743
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Sun, 27 Dec 2026 08:39:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:39:57 GMT
last-modified
Mon, 08 Dec 2025 17:58:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
21244
x-xss-protection
0
server
sffe
u3OLAxmnSxdc0_FJW-o4WyEU9XFCjU5WwmCN2tLexo8.js
ep1.adtrafficquality.google/bg/ Frame CC33 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/bg/u3OLAxmnSxdc0_FJW-o4WyEU9XFCjU5WwmCN2tLexo8.js
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/Klz6NWr5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
sffe /
Resource Hash
bb738b0319a74b175cd3f1495bea385b2114f571428d4e56c2608ddad2dec68f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/

Response headers

content-encoding
br
age
431016
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Tue, 22 Dec 2026 09:08:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 22 Dec 2025 09:08:44 GMT
last-modified
Mon, 08 Dec 2025 17:58:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
21244
x-xss-protection
0
server
sffe
csi
csi.gstatic.com/ Frame 2F70 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~mjo2b3x7&c=5219416387921&slotId=2609708193960&qqid=CPOkjYWy3ZEDFa8oaAgdnqQSyA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251203_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgcc:41:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:20 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 2F70 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251203_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
gzip
age
785
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 09:29:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:39:15 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
15407
x-xss-protection
0
server
sffe
file.mp4
r4---sn-vgqsknzz.c.2mdn.net/videoplayback/id/f43bafefa657145d/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3910617446/sparams/acao,ctier,expire,id,... Frame 2F70
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/f43bafefa657145d/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3910617446/sparams/id,itag,source,xpc,ctier,ac...
  • https://r4---sn-vgqsknzz.c.2mdn.net/videoplayback/id/f43bafefa657145d/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3910617446/sparams/acao,ctier,ex...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-vgqsknzz.c.2mdn.net/videoplayback/id/f43bafefa657145d/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3910617446/sparams/acao,ctier,expire,id,ip,ipbits,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/081816976F40DAEC60B296E9C83D69E46413E476.440B8BE031C6409C725CA4BD1E6DEE3A0301C953/key/cms1/cms_redirect/yes/met/1766825540,/mh/gp/mip/37.120.237.22/mm/42/mn/sn-vgqsknzz/ms/onc/mt/1766824840/mv/u/mvi/4/pl/24/rms/onc,onc/file/file.mp4
Protocol
HTTP/1.1
Server
172.217.129.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord37s44-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
X-Content-Type-Options
nosniff
Expires
Sat, 27 Dec 2025 08:52:20 GMT
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Date
Sat, 27 Dec 2025 08:52:20 GMT
Last-Modified
Fri, 19 Dec 2025 18:33:50 GMT
Content-Type
video/mp4
Vary
Origin
Cache-Control
private, max-age=86400
Timing-Allow-Origin
null
Connection
close
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Origin
null
Content-Length
4307211
Server
gvs 1.0

Redirect headers

access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, must-revalidate
timing-allow-origin
https://googleads.g.doubleclick.net
location
https://r4---sn-vgqsknzz.c.2mdn.net/videoplayback/id/f43bafefa657145d/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3910617446/sparams/acao,ctier,expire,id,ip,ipbits,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/081816976F40DAEC60B296E9C83D69E46413E476.440B8BE031C6409C725CA4BD1E6DEE3A0301C953/key/cms1/cms_redirect/yes/met/1766825540,/mh/gp/mip/37.120.237.22/mm/42/mn/sn-vgqsknzz/ms/onc/mt/1766824840/mv/u/mvi/4/pl/24/rms/onc,onc/file/file.mp4
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://googleads.g.doubleclick.net
content-length
704
x-xss-protection
0
server
ClientMapServer
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 2F70 		453 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-4845994519357732
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
public, max-age=3000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 09:42:20 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
date
Sat, 27 Dec 2025 08:52:20 GMT
x-xss-protection
0
content-type
image/png
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
generate_204
ep2.adtrafficquality.google/ Frame 41D8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep2.adtrafficquality.google/generate_204?lFG4ow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 27 Dec 2025 08:52:20 GMT
cross-origin-resource-policy
cross-origin
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 3DE1 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1110
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Dec 2025 08:33:50 GMT
expires
Sat, 27 Dec 2025 09:23:50 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
u3OLAxmnSxdc0_FJW-o4WyEU9XFCjU5WwmCN2tLexo8.js
pagead2.googlesyndication.com/bg/ Frame 3DE1 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u3OLAxmnSxdc0_FJW-o4WyEU9XFCjU5WwmCN2tLexo8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
sffe /
Resource Hash
bb738b0319a74b175cd3f1495bea385b2114f571428d4e56c2608ddad2dec68f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://tpc.googlesyndication.com/

Response headers

content-encoding
br
age
743
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Sun, 27 Dec 2026 08:39:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:39:57 GMT
last-modified
Mon, 08 Dec 2025 17:58:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
21244
x-xss-protection
0
server
sffe
gen_204
ep1.adtrafficquality.google/pagead/ Frame CC33 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep1.adtrafficquality.google/pagead/gen_204?id=sodar&v=46&t=2&bgai=Bwd6LQ55Pabf3Ba_RoPMPnsnKwAwAAAAAOAHgBAI&bg=!JCelJ2jNAAbBJJhj4SQ7ADQBe5WfOKS5Tft_la49ry7jFqX_auSvl81jyDEa4n1n80t6igxqoAuURbNkDtdn3Tp405ROAgAAALBSAAAABmgBB34ANSUF_rZblxHZyQXye1zG3-5x3F8zgwE8c8oebnd0y1fMrmoGy-UIsUluhCcQ5_glV-e7jbitCgCHkusRC1zUJgTmJ3hP2WlZzWwpFiy3bq-RpT9HIaovq7Za-vYiIPe4ShA5cHUxcG_xxcJNvezEW4LoeydNPJYD6W6BoeBCqEGnZKond7PeGs_-_DcgqkST8FNmYogIxGpTY6tU1o5lQ2P540MXmd0NHApJYujcOOvRhm29DAgcuaBqHaad87cymQLCAZD-ljhn8a-ECVPYP2NWui7tgkI-jDoSLSTmkZou8nJHikHrMMadNT96EuFe1ZTFKkTInxe05yQ5_U1yoqBkYcYMjC3aR75jSjS0hOcv6pKybhavdE_fUxTAWxhnr_u-TYBdo4u9fzCayhDXFHZMvvxq3Gcj7gH1il9oUaR43fWixRBSkvQOEaGJ2Z0x4ni143SZvQNZvYCLo1zqgU5v-V3AGfFX6IHJ2yBvTPyLxGWw42NEMjuVK_i7ol4AsxgT0mY-aoRwIKtiY__Z0KbdbJfR68cemd9kuqIH6Y6L1d5uXbIswsMNS4FqOqjofcv09hbI4J_Q7u-_pkgUpv14uxijwdhIG39jxkrf3dJW-XzGkTXsuymZImAtpMsTPGoXwYkYs2sm18e320xbKsr42BF3M7OUgn8zqQqj2qaseN34XZVqMw8tf0r5kpbV1asCoKQ3upanPb5mvpZrjYpYcPOvC-pm8QcGQdwGr6vTSDjrx_1wFYjQ0wiC5TqfVwd_EAuhrURZhWxrLmbu9WXFQTl35lIfjUWTN7fhg98EhNIQPsu8zl03ZMeZh2TobOdSYD5n1JXOs5d1zmsOadsVijf7XeTgRv_OylOIW1O7FRrWJJ3C2Tjotr670iV7edmMqGoCwuxRDpFV1Y4lNgxGwtqbv7iKwk5AGIPj3uakvZbzMjIres4bnIltcKCoLSchYZtTLXy7lnkag9gMH2gWpMWEMTK7rC4UCR6Zl8AkrOCH-PRB9A_oIbdLwetmBHxhGrbKHERqfnKWJrMIFrwm02-A8QbAV457vFIcsqPRvVBY657hVVM5BN36Q4phvr7rpxyXdIhCnlta9rX-Hx9oZqM1G9vg5x7RCVUD24cLHtSllBHsWXSLUxcYEwIpPdZXtVHs_16jQFz8zLQUmSMg4Cl-fe4tQdUuaXYpw0A-Zbhbvw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 27 Dec 2025 08:52:20 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
_.asp
fundingchoicesmessages.google.com/f/AGSKWxUAXq6m_oCwTzpWyYZwjelAh0UsMxUnzytRSw_34uTIGEtCpZvQPfU38XUlwNXcuOOvjHLG3nX_QHnBe1fmz2SSVgB4PJQcBBSEo6GVVKwQ-m-T2pIqViTEYJAPFO5ijfcTGZYM7myj1jKI2fmDDWxP4849G... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUAXq6m_oCwTzpWyYZwjelAh0UsMxUnzytRSw_34uTIGEtCpZvQPfU38XUlwNXcuOOvjHLG3nX_QHnBe1fmz2SSVgB4PJQcBBSEo6GVVKwQ-m-T2pIqViTEYJAPFO5ijfcTGZYM7myj1jKI2fmDDWxP4849Gm07bAER60xsYLLKKZvzaMbjtEmqV-xr/_.asp?coad_adhome./60x468./adsbanner-/adslider-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/exm=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
ce33c9584eac3cf5c20585c3d9c15f74e4132c408abc03fe5fcfacc48528e3eb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wlqlTw3m_WiiXxLmMhj6xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJiCNKQYmi9eY51OhB3LTrPOgeIDRUusToD8Yf6y6w_gLhI4gprCxB_qrrBKlJ9gzWJ_SZrCRCb-d1mtQPib8W-bBwlvmz7_vuyHQPivTl-bEeBOLPTj60QiHU2-7GZAPH5vX5s14F4hZc_2wYgFuLhOLJn3yk2gRsbv71hUtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDI1NDI01DMwjy8wAABzrkcB"
content-security-policy
script-src 'report-sample' 'nonce-wlqlTw3m_WiiXxLmMhj6xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/exm=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
0d549e4483fe6453680be1af52f323b72ba7f48a083c16dddff66b7e025dff05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
br
etag
1560666773506234278
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 08:52:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
55466
x-xss-protection
0
server
cafe
AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-da3OBeODlATqo5tdWuF1_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmJw1pBi-FB_mfUHEJv53Wa1A-K9OX5sR4E4s9OPrRCIdTb7sZkA8fm9fmzXgViIh-PInn2n2AQ2XFr-lknJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRoaGRrqGZjHFxgAAHE7M78"
content-security-policy
script-src 'report-sample' 'nonce-da3OBeODlATqo5tdWuF1_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://demo.minaonline.websitecom.lightspeedsystems.help
content-length
0
x-xss-protection
0
server
ESF
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DE1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BYhrxRJ5PabeXFoTGoPwP55WfyAUAAAAAOAHgBAI&bg=!ICOlI2zNAAbBJJhj4SQ7ADQBe5WfOHciok6B1ApbNzDeps4Qzzi7rJuuJxm2tytapauZTBkgZXoBolszYc3tVDsmlkoeAgAAAExSAAAAA2gBB34ANQ9Vh5nPMh27Fogm8XZKYXa7W6kmnTXDkJhrVnZkoEZNJecf2k7KMCFiQcoY60KpkX9-hWSYmQLCGfvPYwC6eIFLihzEP1ucORemx3OOOKdkhyOTB2n4qPvQX-SFm_8vrhzxBjbTNxI7AigjX684nEOz9nMSRNhTc2rUgubMuZj5mfly-rjvN-5amUoHPnPZjN2UvFz4EhJDmTb83wdX0NxXBOhnIs2Dmi7IE5ReHGv3IfgGHgDkILvcxt9A3acaYTy2JU1aulGg3-rsozeMxs-quG31v_fCZg4fPoSKQzj7axsytbU0cdRjkZytD5Ab9l0PNSzPrZXwh2x2wl1N9HW-zRYlYHy0uwcGkfJ58K7bkYgM2SAOgpeJtaEwVC9k29EKs4J3GLwwziGj_wNjRzknvrC2KDawfw9NpIifTLtyLDzURDdAa0mMyRkD0-lWC_i7fDevB6hMfS0YETStEKhseoS5H5TmgqTjvGSaUvtqnlTlK60v9ceEKA8FKIRjcqCnMA0YZQ1kN_f-a4zH5E1QhpwrYfzYnJqHo8OW15KaUxwoqC6HyotdD0yXwUhfutWhVmwQy7SqQS-m41-rddtbB-f_Lg-fwzD7ektHdfxFBvg1ME5Xp7qWkSX5n0iULts-VqDf1e811_FQvYSmaLFDSL2ttMEANlH68zEr89ZNR51xlxOXdwCZcFk-FzBvbydj8V0RddK3Q7V1HsKCIX_m9t-z2kDVv_kKTCEDCxmNuO5ihu8dXKSxIY554JDXZcvfuZHZLxCwtXUHXE1ZyBNORgEWPcg6BrZvq5DJxYKeroAwXwxLRTGFyDCZMBlEP74yZFbN2kVbiJFWPdD4fVxD1v75uOOYQiwxV09_tvnEiOL-kR-R6ijNLoLdMB4ayWOI3WX2VvyIWZS7iZgOCsP45EeJlDZ7qKQDYTnhGa7jQ2QvnKwSEgpmii1UufZvQimebMzUOMBJYziBrRfELZlrP3a9izZVijfX-O7urLyt9onhMm9pCFDIxw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://tpc.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 27 Dec 2025 08:52:20 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
file.mp4
r4---sn-vgqsknzz.c.2mdn.net/videoplayback/id/f43bafefa657145d/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3910617446/sparams/acao,ctier,expire,id,... Frame 2F70 		205 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-vgqsknzz.c.2mdn.net/videoplayback/id/f43bafefa657145d/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3910617446/sparams/acao,ctier,expire,id,ip,ipbits,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/081816976F40DAEC60B296E9C83D69E46413E476.440B8BE031C6409C725CA4BD1E6DEE3A0301C953/key/cms1/cms_redirect/yes/met/1766825540,/mh/gp/mip/37.120.237.22/mm/42/mn/sn-vgqsknzz/ms/onc/mt/1766824840/mv/u/mvi/4/pl/24/rms/onc,onc/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.129.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord37s44-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 08:52:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
date
Sat, 27 Dec 2025 08:52:20 GMT
last-modified
Fri, 19 Dec 2025 18:33:50 GMT
content-type
video/mp4
vary
Origin
cache-control
private, max-age=86400
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
access-control-allow-credentials
true
Content-Range
bytes 0-4307210/4307211
accept-ranges
bytes
access-control-allow-origin
https://googleads.g.doubleclick.net
Content-Length
4307211
server
gvs 1.0
AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_FP5X2_27UaFM6_lYHmpyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw1pBi-FB_mfUHEJv53Wa1A-K9OX5sR4E4s9OPrRCIdTb7sZkA8fm9fmzXgViIh-PInn2n2AQevNnZw6zkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTA2NDA31DMzjCwwAdTAzww"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_FP5X2_27UaFM6_lYHmpyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://demo.minaonline.websitecom.lightspeedsystems.help
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XSyazAmsYia8t4SCK30TpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmJw05Bi-FB_mfUHEJv53Wa1A-K9OX5sR4E4s9OPrRCIdTb7sZkA8fm9fmzXgViIh-PInn2n2AQ-POyfxqzkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTA2NDA31DMzjCwwAauAzow"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XSyazAmsYia8t4SCK30TpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://demo.minaonline.websitecom.lightspeedsystems.help
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gqrI25NjbJAUvRyhva-qEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw15Bi-FB_mfUHEJv53Wa1A-K9OX5sR4E4s9OPrRCIdTb7sZkA8fm9fmzXgViIh-PInn2n2AQ-fLk_lVnJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRoaGRrqGZjHFxgAAIuuNA4"
content-security-policy
script-src 'report-sample' 'nonce-gqrI25NjbJAUvRyhva-qEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://demo.minaonline.websitecom.lightspeedsystems.help
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVAnnRWJyHWwktkI58jX4Op6EPxsgdf3TPOAlw6gx0ywDwoQzznPHDCJI_TEpOtwoOtVLU79aXpgcdeoKISKtOl0l8P6GPwE907CJDY9GNKzxiiQk-dHFlo_NHp5TPTerLuomoKPw==
fundingchoicesmessages.google.com/f/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVAnnRWJyHWwktkI58jX4Op6EPxsgdf3TPOAlw6gx0ywDwoQzznPHDCJI_TEpOtwoOtVLU79aXpgcdeoKISKtOl0l8P6GPwE907CJDY9GNKzxiiQk-dHFlo_NHp5TPTerLuomoKPw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzY2ODI1NTQwLDgyMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTksOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9kZW1vLm1pbmFvbmxpbmUud2Vic2l0ZWNvbS5saWdodHNwZWVkc3lzdGVtcy5oZWxwLyIsbnVsbCxbWzgsInNDaE5INU9zYWswIl0sWzksImVuLVVTIl0sWzIzLCIxNzY2ODI1NTM5Il0sWzE5LCIyIl0sWzE3LCJbMF0iXSxbMjQsIiJdLFsyOSwiZmFsc2UiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
481c3c8577ed09c71de6607328e6701b993a91bab5c3eba5b6399a07750d0ad8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7sGt39UJ3qrwBW92g1AO7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsCoxSXF4KwhxXDi1m2mC0DcevMc63Qg7lp0nnUOEBsqXGJ1BuIP9ZdZfwBxkcQV1hYg_lR1g1Wk-gZrEvtN1hIgNvO7zWoHxN-Kfdk4SnzZ9v33ZTsGxHtz_NiOAnFmpx9bIRDrbPZjMwHi83v92K4D8Qovf7YNIOznz7YDiIV4OI7s2XeKTeDCqwNzmZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDY0MDfUMzOMLDABbu05j"
content-security-policy
script-src 'report-sample' 'nonce-7sGt39UJ3qrwBW92g1AO7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nhMMEszHvOYYjABFiqGBHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw1JBi-FB_mfUHEJv53Wa1A-K9OX5sR4E4s9OPrRCIdTb7sZkA8fm9fmzXgViIh-PInn2n2ARmnNu9m1nJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRoaGRrqGZjHFxgAAGQmM4w"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nhMMEszHvOYYjABFiqGBHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://demo.minaonline.websitecom.lightspeedsystems.help
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6OJGiFoxDOYLeHi5MD-6cA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw1JBi-FB_mfUHEJv53Wa1A-K9OX5sR4E4s9OPrRCIdTb7sZkA8fm9fmzXgViIh-PInn2n2AQmLHuxi1nJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRoaGRrqGZjHFxgAAGLLM4g"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6OJGiFoxDOYLeHi5MD-6cA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://demo.minaonline.websitecom.lightspeedsystems.help
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUwJEwpVtb-tdGkOhgpMSEDzc9mFS0O0CT01fqqFXQVSVCnsLaPwQnG3O8i6dB3vCZQZmp6EB2Mc4mob3LxfNZG916Mx9ZxUBAOg_Vjtita5mub7oVWcqMJEcAGwbe6G8U3DST4rA==
fundingchoicesmessages.google.com/f/ 		96 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUwJEwpVtb-tdGkOhgpMSEDzc9mFS0O0CT01fqqFXQVSVCnsLaPwQnG3O8i6dB3vCZQZmp6EB2Mc4mob3LxfNZG916Mx9ZxUBAOg_Vjtita5mub7oVWcqMJEcAGwbe6G8U3DST4rA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzY2ODI1NTQwLDg5NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTksOSw2LDE4XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9kZW1vLm1pbmFvbmxpbmUud2Vic2l0ZWNvbS5saWdodHNwZWVkc3lzdGVtcy5oZWxwLyIsbnVsbCxbWzgsInNDaE5INU9zYWswIl0sWzksImVuLVVTIl0sWzIzLCIxNzY2ODI1NTM5Il0sWzE5LCIyIl0sWzE3LCJbMF0iXSxbMjQsIiJdLFsyOSwiZmFsc2UiXSxbMjEsIltbW1s1LDEsWzBdXSxbMTc2NjgyNTU0MCw4NTUzOTMwMDBdLFsxMjA5NjAwXV1dXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
a6c08d377a2b4305fa652b46f49885a247a277988922d90e40e777a9534c1bbe
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-tG5rIG24mQVxaGmEDcE7NQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:20 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJi8NOQYmi9eY51OhB3LTrPOgeIDRUusToD8Yf6y6w_gLhI4gprCxB_qrrBKlJ9gzWJ_SZrCRCb-d1mtQPib8W-bBwlvmz7_vuyHQPivTl-bEeBOLPTj60QiHU2-7GZAPH5vX5s14F4hZc_2wYgFuLhOLJn3yk2gQ_7j-1nVtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDI1NDI01DMwjy8wAABnyUbH"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-tG5rIG24mQVxaGmEDcE7NQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
ads
googleads.g.doubleclick.net/pagead/ Frame 9B05 		0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4845994519357732&output=html&h=1200&adk=2310436509&adf=1621614491&w=1600&lmt=1766248281&vpmute=0&to=fc&format=1600x1200&url=https%3A%2F%2Fdemo.minaonline.websitecom.lightspeedsystems.help%2F&pra=3&wgl=1&aieuf=1&aicrs=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1766825541001&bpp=1&bdt=2871&idt=1&shv=r20251211&mjsv=m202512100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D31fd9b820e5392a6%3AT%3D1766825539%3ART%3D1766825539%3AS%3DALNI_Ma3siH9RetTbqe4WbyDX0Tj9aZcpw&gpic=UID%3D000013205637463f%3AT%3D1766825539%3ART%3D1766825539%3AS%3DALNI_MaVxhppk5Jy9A0NcU75eRNw7jTCCA&eo_id_str=ID%3D3e01d7c2f6a6a4be%3AT%3D1766825539%3ART%3D1766825539%3AS%3DAA-AfjZxNqoJNWWG3apVK8Hbk5mQ&prev_fmts=0x0%2C220x520%2C728x90%2C220x520%2C1600x1200%2C728x90&nras=4&correlator=4739302379611&frm=20&pv=1&u_tz=-480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095904%2C31096041%2C42532523%2C95376242%2C95378749%2C95379654%2C42533294&oid=2&pvsid=7600919340591689&tmod=1165694862&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&hl=en-US&ifi=7&uci=a!7&fsb=1&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202512100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Dec 2025 08:52:21 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gda_r20251211&jk=7600919340591689&bg=!ISKlIm3NAAbBJJhj4SQ7ADQBe5WfOGX6vkZzh0uTl_z3PRXcBPdmAaAQH2p4lTtmlSgXywP_c9wbc_30boH8-gdcc_gxAgAAAK5SAAAABmgBB34AN84f927sMUmROmcaM79SypqplJ-GmeXaiKH10VY-ZV-1xKy88kUZdKzRi0M65RQS1_X1Shkh9xCZAnVWmLyWSb4MVsS-vSZHYyrzGdLK9tbml-ncJN3UidoaQayLzWyVAua8EKzPoytizTYA3J-6QHX9FyyOjll9x_yBZ9cgo4FtqE3yhFIrpKk5ZhfdyYE0uJpU02V69A26wzY9X-CEDQDULOTpqefC8w00sR2oRlZAsC82Df0AQnufqOLFs79qZ-RkQbOGB828eVO0YRVx8YxMtKSA8f0F-wjI4Sb7Z98fM1v2ArXbzqX-eQa_1kIW7zUb1seZmB3CTAA00oLTYfgH8IRS-LPbEN8JeWupL2dimdeg5RorREfsc9i93fBflIH2hY9r-DN2eda2CrIthTRaJ-p1r7X819lV9TAqVvyA5Yy95Xc8JIBhdN9Rp-McvfkLULsXySo8HLdl3n5dQnoGFCDqutQAC3YLs79j9hovfIaAcD5EDP5rOB7-Ch2hi5CXWu3pmdKR4pftA7X2xd_xZ5jKHrjkQIZhUaU0u2BqH2veEE53bIHM5lL0-ah2gD7wW1fmEUh9o9HWYGy6KdpT8hq8unMnc6yvx8o6bpNmY1D1t71RglbIGG2K3eFOrGfaN1z4qAYhVxF4DLJILsRqdlyuND_66N7F_LNpQrNFssP8Wrl0CNTUBV4UvOTN0PTS45M_IQdDw-VryGsabCDHli3Ib8-nv6291bxqJExYoQKasKfKPf_DhpwE2OEHCoY1Yfw-VtwY5OJC6e8gFWLAZCnmB8aw6ucjjPjyEkduG_SfhsmmHdWgUjDW5daCHARwU2fbw7xL_C8Jy6pieIyxT0wC0oEygKW4AhteMbbk2EsFTRbSnryCj4chA9olXHRdCG01cNJPTAZ_Ifjo0w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 27 Dec 2025 08:52:21 GMT
x-xss-protection
0
content-type
image/
server
cafe
csi
csi.gstatic.com/ Frame 2F70 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~mjo2b42a&c=5219416387921&slotId=2609708193960&qqid=CPOkjYWy3ZEDFa8oaAgdnqQSyA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2094&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.15j~atrd.15y~vil.1jl&ua_e=1&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251203_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgcc:41:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
view
ad.doubleclick.net/pcs/ Frame 9B80 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuWg6R1GdFizbGcKBhRQhPBopMoyBvRmJv9ei3tAWVzsLv_BN3BhVH4GYPnIj3vGrZSre6V3Tg1HciQ69r8cxruGmTLeBg-AxzQIe46lOvX8xI0c5qwa0cXnt9-W9JwwHyBIKdw2mweOutJMhscXOHPIeCLaCCp9-ub2XLUtQJsFH1KNYfkrkkjjHAkch2ssNcbcPKm1nYKl0uaX7VYsxplO6YMkwWr61vyGHCxdhqQR1krqsEEASPOZM8VIBsPLbjPeQkbUXSByt6c2OdOj5beoI5ESWpTpltuCFPt9jxIGqcKXziOAQSq8OLHvXHRyof3WleY6XSp9S7t3UviwWENwQJ0H16qce_afoUdwmx6i9cI1jygsVAXtdkHwDiLFt7CFQxejiEzMfRVzEneCsM565PzcpZvvPztQLR_J5_EgWHcuiYvaAQwIZ_O4E07eM3ONHHgUkgs2p6YLhb1a3ZuVYzUCvg8PZKbl-b_6K-y3-k8BePQybcdqK50nmKIqSolOYFFdVNePptbnFeDMnAzflqRr5xUmXyEGASqQgpFIn6s4HrPhxdLthZ4sK5u4NIZg6kmMucmFVb_KCgiEb6pYoP-hgN7jlgDKOgssPYCULf1L4AkkNiCFsA1nyC2QMi0hb5vVt4cd3n7OnOWanuZUgNZjbrOM4hU1NyS3y-oNqUdGoF1cVazv7Ti88lb0MajjjxjzqdRemHZX7ZHwEgnjdlBaKb-lCb-jS9WJOfinkCeElmDzOOFcTovVjCVBtHBBpzkufBF_GAyAw7JLQbwUukWLqCYrhAqYYck5qzvCX5_8CsCpAP48N0biTSLt61gM8uQmi_PWDphVqcM_Y-9LXyqnoXpOLfjac6XWqnQMF72BPfnKhgZaiKk2QUjoeqY6xxPUl3oQnkgtC-CilVY2sXge_r3JfZwtm2geMq117ji36DqUpZUJcZDrXYG0RVniwJL_1nEld8Gr9aiPvbThEDD3W89xmfEpI-ufZ34MlzuO50TCnTdlZ1xUcC8eYKkA5i0KVnDPyEMJZrokmkXwL5lwGtbgGs2qFyhGGwxfLPMYIBNOpliXCMsI4s1P3hS0fcMNqADerlInfudn54mM0Otf79wBi9H85GCZA_58_9Rl6m7dbK6nLse9A0LujTp6OJaqyOGU4m_VjWWEELIVm5rvcme2TrBFjNsqqtu_b73qzs91xRJZLeS50wOfZzwQA9kbTlGRj5WO1rWdexI2OnSk52sm44VsQ5tULwq8Y-rOi-pEf5rYO0K92zzgqyWeIE1dlIauIGwOlpu2Yj5EemqEUaf-0MctjiDx0eL-D2_s8Gt1VU6BTZqNbHERWCykWxK3Hg0-zqXv6plHiGen1mLW3kgWgAYhMPkGdhuVUf_HFHXEQnnVxFkcsD1rknF1jLBii2Np3VFP31GfDzVdYdBaPIoCNkZxq6Rz_B34UNgujE5HgS5SjFruHRLbWjSSfHj8E8oXoBXfrnVdyGNzv-0If80vqIeaa-igQsPywKQcu62jg2zzrqfsi7IXrOpa32HaLP_0pCwX_IJogQJFBTiMjwsTAT-H5xq5UUC-FOlP0nGfSn14-QPWtAQI5JGmhnimtimcInPR5tWXAppVB4PRbxsIIqXB7VQLFs3pQzVzD-lkINB_BZICD1EObEKna15X3WWhZV9Gwjno0Z2BW6KcZp2atdL84mrBjOANebTJHUHfarJphnLHkKYETQBrx5TSLL_XekG7kZn502kTHqSct1yri1X&sai=AMfl-YQNip4aWf9LvdIUSamHKtyB7XEqKEIRDX8nDww42IR1IzCFmSn2iPJCfTg4ZDU-1-n0k5_U4MQawNas8KEfiqd0-57Oz4vXzILF-Vlxk2C2kEEGliuMcwL79VpUzRRsCayp9HH2wR6dcXFh3BvoJITAZcCOUgZDYDE9BFbIqZY1zMKbSsSHPX6_86Ih150vT5ToybAHKLQ12_229vKt-OViRdMg7ze6xnR62SKUfHmXnmCYOwhT4Rj7WeaZkNilNENXyxB8bjpbs0wJMxUSD6Wc8TZ09vakFnKzmgbBC5tC4GorwA1EwO1kXlK1QJs0Gna_Z5LWwxiu_Tz3qz0dCd6_NcRGC2t-I2ia9w_RBjvGwVONM8gCPIyJrXAdt7NeCJK_SP8gi00lDPitVmUNcX46V7buJ_mHYKUS-unHnbJTy_VMMCD_h93YJ0OK7EEWEP2tGmr3MTl8D5w7dw2j9bvgPg-y_o8TWtDxn_pi0EarBCtFFwWQ6TH_RF4209L5aGAh3AeVwRvdiK5MBuHxeCR660XXNqeDR0R3HhNeskQ2Qi2H5vJzVJCNICaUHvNk3vmKrUV1fJfUk5WpsDS6OcjYERzDp-aEIc3kb5kAd8pZcIihrHJt-QQUbo5_CpO1uZuhxu0eypg0qQ6jfK63K4EyPO94wJH1rV8G-IUaMIIItv0_fq_177707EJ2kwcGfUFDDKNRF4lBu3GHbjsvcFm104EZaCA8hGVH3rFeBBj_3-uDWhnJroWCh9jJrYyAM0uCyti568zvZt9AufGI2EleTZXXoehjvr5NWq2aesbssf-iZhbiTrJWX_ANF4nb0bcuyoKyIxYG4-bOlb_I6AT6shQHpqY0DaRuhbGetLqu__NSuSolDuCdPyD_wgyjFSFtuGZVEN-NBZiJkQtJ_s2cIozj_lTao_phe5GYb3fCVSmdqIQWTeBWutpk9ZIa2dksuCFAXp8lYuQAigm3AvnitBXvFjXmwHswBqxgJYcDxU4rS6Rt8v6hL4Vi&sig=Cg0ArKJSzAS-q1-K7VMkEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly90c24uY2E&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2996&cbvp=2&dett=2&cstd=0&cisv=r20251211.87908&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=
Requested by
Host: demo.minaonline.websitecom.lightspeedsystems.help
URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 08:52:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 27 Dec 2025 08:52:23 GMT
content-type
image/png
content-security-policy
script-src 'none'; object-src 'none'
cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xf9b7aa1ac5430fd70000000000000000","13":"0xdd77c5a7695061420000000000000000","14":"0x3247c7587401af910000000000000000","15":"0x1ce8a4e558afb88e0000000000000000"},"debug_key":"13330000553309159711","debug_reporting":true,"destination":["https://crave.ca","https://tsn.ca","https://rds.ca"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"1296000","filter_data":{"14":["110232493","110174232"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["14882917"]},"max_event_level_reports":2,"priority":"0","source_event_id":"2240674215381301044"}
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 9B80 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvP8e0TX6yuiPQtcnb5YaNyXN1AezdXPF71ozHrmCdQqQbgmSx5Z55K9K7LQSVZ2iIpXMBvYaloaDfn_EQMCheQ9GpBjPnJd5SdevlFj26ZsqzPcFRicx4lU7Iy8c4zuHWOXOYYD3wZ1Z7-E4VcBRTQpMFHipkTkmTU9r-y3ynJ8nSJPPHFoIQvl2wsT6rFxSTOORDKFCagYzY9wu0e&sai=AMfl-YTzyG7O6MBZBCaggps_NbR3HtPkHcm9vWyJYBdRIEzahb6bxutAeadxfTji86yA4ydi3xhI3s2lSP4l0p5cQn7ibHQMozeb_s0iHPh-kbdO03vBwuOIL_mIA4dHhyNVbwrlSiq0Lj2xW8IWziWYwmUnv6ksYt_jD3hVUxiC_S7EfGE34cbrV4_xqeTPqdjw_lq1cTN6iDEkosF9LsxR8N3xVn239xY0-OYH0i54KFsgxPt2qI3G9clKQnY1CQv-LXdGACuimYKxt9tYhKHMwFOd1M5T8PRB&sig=Cg0ArKJSzMu-C4lgsWgMEAE&cid=CAQSswEAwksa0eJFFXmaa9ocOmA53DIj7kaJjbeGwEckesdQart9z9_TIkPUbkt9lSJX0Yc4VuBRoozbcWTwcDwaXr8HWevntAVI6ZXiYXeYJoeCyoOIbz77zX77vNG9HkFL8vVNPXCiy7bG42eA9aUGG8MHaMux9WBBMPZDFFX2zJGDXY1hP04T-N9al9bJLFAFDW5mCts9dLaR5GQ8V6Tt3ZoFydg7JunG7bjh1apBpEsui3xTChgB&id=lidar2&mcvt=1000&p=0,0,90,728&tm=3843.2000000476837&tu=2843.2000000476837&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20251210&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271802&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=6275834000&rst=1766825539951&rpt=367&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 27 Dec 2025 08:52:24 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jRkfIPjoOXYsla7CbAO3DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:24 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmJw1JBi-FB_mfUHEJv53Wa1A-K9OX5sR4E4s9OPrRCIdTb7sZkA8fm9fmzXgViIm-PEnn2n2AROzO8TVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkamhkaGhnoG5vEFBgAKRDKu"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jRkfIPjoOXYsla7CbAO3DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://demo.minaonline.websitecom.lightspeedsystems.help
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWi6mJZfkqh8J6VjIfMk0YsL6RVisW68aeOJn90bNvt8eLBmwHhb3Kp54lU2gBYH4rkJc9iO-I2NVsipyzRKn5h5dbM2wgUB9UVryXg78q27GjZZ-6ugbvZbPX-JrbZ1f7iDNFkxQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWi6mJZfkqh8J6VjIfMk0YsL6RVisW68aeOJn90bNvt8eLBmwHhb3Kp54lU2gBYH4rkJc9iO-I2NVsipyzRKn5h5dbM2wgUB9UVryXg78q27GjZZ-6ugbvZbPX-JrbZ1f7iDNFkxQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzY2ODI1NTQ0LDQwMDAwMDBdLG51bGwsbnVsbCxudWxsLFtudWxsLFs3LDE5LDksNiwxOCwxM10sbnVsbCwyLG51bGwsImVuIixudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZGVtby5taW5hb25saW5lLndlYnNpdGVjb20ubGlnaHRzcGVlZHN5c3RlbXMuaGVscC8iLG51bGwsW1s4LCJzQ2hOSDVPc2FrMCJdLFs5LCJlbi1VUyJdLFsyMywiMTc2NjgyNTUzOSJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzI0LCIiXSxbMjksImZhbHNlIl0sWzIxLCJbW1tbNSwxLFswXV0sWzE3NjY4MjU1NDAsODU1MzkzMDAwXSxbMTIwOTYwMF1dXV0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
3edab62f9ba2c8df0ab90d271b7b37587745c69a4de5f349c762c252d9b584ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-UBHxjaDd_vvyLXnT1v4bXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:24 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJi8NWQYmi9eY51OhB3LTrPOgeIDRUusToD8Yf6y6w_gLhI4gprCxB_qrrBKlJ9gzWJ_SZrCRCb-d1mtQPib8W-bBwlvmz7_vuyHQPivTl-bEeBOLPTj60QiHU2-7GZAPH5vX5s14F4hZc_2wYgFuLmOLFn3yk2gR_Pd4soaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRoaGRrqGZjHFxgAABiYRkA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-UBHxjaDd_vvyLXnT1v4bXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxUvdElgoJuQBIxDt72Vgs4jl7oLuOBYTKxbM1zFJFTXD2Hi1Ru_9bUkQQZQZXdcwHZu95Bfc5wbh5MOpimzUOYKgTrDOSeutcqzIylZFcRiUMQOVr_DdXZs79W0Z3QWud280On0Kw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUvdElgoJuQBIxDt72Vgs4jl7oLuOBYTKxbM1zFJFTXD2Hi1Ru_9bUkQQZQZXdcwHZu95Bfc5wbh5MOpimzUOYKgTrDOSeutcqzIylZFcRiUMQOVr_DdXZs79W0Z3QWud280On0Kw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hN4711kmFSl4fb5WGwtTVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:24 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw0pBi-FB_mfUHEJv53Wa1A-K9OX5sR4E4s9OPrRCIdTb7sZkA8fm9fmzXgViIm-PEnn2n2AQ2THtgq-SSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDY0MDfUMzOMLDAAoxjMU"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hN4711kmFSl4fb5WGwtTVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://demo.minaonline.websitecom.lightspeedsystems.help
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXvgp5rUE5sxPl8OXeHBIzB0HoMmy5zlZbxjwybwFHxM-MrpmQq9SwuYHWBSLc0rjidmKxjbvz3wxVLtCMz9CwoJ_W51EY8qsWqmq0Hi2ikXODieAHdAWPeUx8PZUqdDP-BTlniYw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sChNH5Osak0.es5.O/d=1/rs=AJlcJMz7a3Aoypzl3FteasZliPsUtk5MMw/m=kernel_loader,loader_js_executable,monetization_cookie_state_migration_initialization_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GXG4GsyMcN2eVPJNw91dFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:24 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmII1pBi-FB_mfUHEJv53Wa1A-K9OX5sR4E4s9OPrRCIdTb7sZkA8fm9fmzXgViIm-PEnn2n2ARmTOmyV3JJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkamhkaGhnoG5vEFBgAOYTKv"
content-security-policy
script-src 'report-sample' 'nonce-GXG4GsyMcN2eVPJNw91dFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://demo.minaonline.websitecom.lightspeedsystems.help
content-length
0
x-xss-protection
0
server
ESF
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-814Y2X3KSF&gtm=45je5ca1v9204663581za200zd9204663581&_p=1766825538848&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=1341620922.1766825539&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAAAAQ&_s=2&tag_exp=103116026~103200004~104527906~104528501~104573694~104684208~104684211~105391253~115583767~115616986~115938466~115938468~116184927~116184929~116251938~116251940~116744866&sid=1766825539&sct=1&seg=0&dl=https%3A%2F%2Fdemo.minaonline.websitecom.lightspeedsystems.help%2F&dt=Void%20Network%20V5&en=scroll&epn.percent_scrolled=90&_et=11&tfd=6497
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-814Y2X3KSF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f113.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://demo.minaonline.websitecom.lightspeedsystems.help/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:112:0
report-to
{"group":"ascnsrsggc:112:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:112:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://demo.minaonline.websitecom.lightspeedsystems.help
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:112:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 27 Dec 2025 08:52:24 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
script.google.com
URL
https://script.google.com/macros/s/AKfycbz1w3UhB-6o6JWDcwOfo7622pfuTLeTcL7O-rYinWuYl7JKS5sqk1hm652vWpEyf2nf/exec
Domain
demo.minaonline.websitecom.lightspeedsystems.help
URL
https://demo.minaonline.websitecom.lightspeedsystems.help/baremux/worker.js

Verdicts & Comments Add Verdict or Comment

88 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| LocalGameEncoder object| lucide function| UVClient function| Ultraviolet object| __uv$config function| registerSW boolean| scramjetPreloaded function| initializeUV object| adsbygoogle function| initializeChangelog function| setupMouseTracking object| VoidNetworkLoader function| addScript function| addScripts function| dF function| initAnalytics function| debugCheck function| showNotification function| createConfetti function| exitConfetti object| BareMux object| google_js_reporting_queue number| google_srt boolean| BGtEY object| google_logging_queue object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_ad_modifications object| google_sa_queue function| google_process_slots number| google_unique_id object| fqjyf number| google_rum_task_id_counter string| google_user_agent_client_hint function| $scramjetRequire function| $scramjetLoadController function| $scramjetLoadClient function| $scramjetLoadWorker object| $scramjetVersion object| dataLayer function| google_sa_impl boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| showDisabledPopup function| activateCloaking object| VoidFooter object| scramjet object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| GoogleGcLKhOms object| default_ContributorServingResponseClientJs object| _F_toggles_default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| YmE4ZGIzZmE3ZTY3NTgyZWxvYWRlcl9qcw== string| YmE4ZGIzZmE3ZTY3NTgyZWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googletag boolean| e9b3ffd8-8e25-4eac-9974-db24608d2a73 object| google_image_requests

16 Cookies

Domain/Path Name / Value
.lightspeedsystems.help/ Name: __gads
Value: ID=31fd9b820e5392a6:T=1766825539:RT=1766825539:S=ALNI_Ma3siH9RetTbqe4WbyDX0Tj9aZcpw
.lightspeedsystems.help/ Name: __gpi
Value: UID=000013205637463f:T=1766825539:RT=1766825539:S=ALNI_MaVxhppk5Jy9A0NcU75eRNw7jTCCA
.lightspeedsystems.help/ Name: __eoi
Value: ID=3e01d7c2f6a6a4be:T=1766825539:RT=1766825539:S=AA-AfjZxNqoJNWWG3apVK8Hbk5mQ
.lightspeedsystems.help/ Name: _ga
Value: GA1.1.1341620922.1766825539
.lightspeedsystems.help/ Name: _ga_814Y2X3KSF
Value: GS2.1.s1766825539$o1$g0$t1766825539$j60$l0$h0
.lightspeedsystems.help/ Name: FCCDCF
Value: %5Bnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2C%5B%5B32%2C%22%5B%5C%22460eb71f-d58f-493e-8b37-0472ba325fc2%5C%22%2C%5B1766825539%2C865000000%5D%5D%22%5D%5D%5D
.doubleclick.net/ Name: IDE
Value: AHWqTUkewLJiLndHT3xZecC7FqopKV8WBI8Qkju1uFv5RM0NUjcZpjSU49a7992l
.adnxs.com/ Name: XANDR_PANID
Value: x22fhR5EqcXcfFs1sFQKT0S_WULgy6ezhkMvsQhREg9gbjqdrnyoeDzjlwZvOYlGwr6BJx45M5zQmAj5Oj9b5FBwI9ksf1XwcnDKuQwp2Iw.
.adnxs.com/ Name: uuid2
Value: 9208484412616325248
.casalemedia.com/ Name: CMID
Value: aU.eRNHM6MsAIe5TAYKRPwAA
.casalemedia.com/ Name: CMPS
Value: 3451
.casalemedia.com/ Name: CMPRO
Value: 3451
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HbytCW.[!@wnfH8K6pQK`!5=E<*L5?%L^[819+k_5]D4zC0adHfZFlL?le?wKelMEgcG*bpRz*qF1`*b`7Z*:T>*
.doubleclick.net/ Name: APC
Value: AfxxVi4Dn8W2g8xTf8VS4BMIxUC9jvawWSVQbEpj_VqoZy_ltPle-g
.doubleclick.net/ Name: ar_debug
Value: 1
.lightspeedsystems.help/ Name: FCNEC
Value: %5B%5B%22AKsRol9aGDwFFkM3h0S-rIME9Vhie8qFnA08_PeseEbfinSjvHgsOFgO-4_OufFpKdTKn8R8fQBVfvJ9Tef9Gj2D0gyqNSVXwibHkfCX9tN0DogyeoRaIm7JitfVcAUhepkgwPVklIM22ekGkGG5U3oO-Fs1VT1Z3Q%3D%3D%22%5D%2Cnull%2C%5B%5B21%2C%22%5B%5B%5B%5B5%2C1%2C%5B0%5D%5D%2C%5B1766825540%2C855393000%5D%2C%5B1209600%5D%5D%5D%5D%22%5D%5D%5D

4 Console Messages

Source Level URL
Text
rendering warning URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0A042073C020000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://ep2.adtrafficquality.google/sodar/Klz6NWr5.html
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A03057073C020000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0A042073C020000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
other error URL: https://demo.minaonline.websitecom.lightspeedsystems.help/
Message:
Attestation check for Attribution Reporting on https://ad.doubleclick.net failed.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
bid.g.doubleclick.net
cm.g.doubleclick.net
csi.gstatic.com
demo.minaonline.websitecom.lightspeedsystems.help
dsum-sec.casalemedia.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
lh7-rt.googleusercontent.com
pagead2.googlesyndication.com
r4---sn-vgqsknzz.c.2mdn.net
s0.2mdn.net
script.google.com
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
demo.minaonline.websitecom.lightspeedsystems.help
script.google.com
104.18.1.22
104.18.27.193
142.250.201.195
142.250.31.149
142.250.31.155
142.250.31.156
142.251.111.138
142.251.111.95
142.251.163.97
15.204.209.18
172.217.129.137
172.253.115.155
172.253.115.94
172.253.122.149
172.253.122.156
172.253.139.95
172.253.62.113
172.253.62.132
172.253.62.154
172.253.62.95
172.253.63.132
172.253.63.147
172.253.63.94
64.233.180.101
64.233.180.154
68.67.160.132
0311b4cca7b231ea8ed319abcd33e4efaac542dfc0eea26c372550ddfd09698f
04ed00928d15a800e1ee9d6dc81c7a5d96e60322e2f6ae495dd4cad9a9c1ebbc
0552ee50f635535685ba2713af81fa081791d7705baa9cdb3c5d1f463aa0a228
0b150705f64b0a0332235d0b72a27c9199bf0d59e1259022a2c2740936799e0e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0f961349fba715cdaeeae423f886c686edb42e778e89835ce0472b4c2bbb6e
0d549e4483fe6453680be1af52f323b72ba7f48a083c16dddff66b7e025dff05
0dcc0ed260df55af8f03e75ecc5056163513905ad219bbb383e947806a664416
0ee8a154ad195f15bdcda6a7e18badb1348763c2f7967b671b27930240587918
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
152669b1b999ac2f39d0846a39bdfbef9922094275414e37b3fffd71f899af2c
1d31f469ed26c1fb1b8a2348f329b45c6eb7214c3f5fbdd53e1d4d3062983cec
1d56021f65ac6caf0e92b9c46d00f9a9045722766304fc6432f7927ced8a2c82
1da78c080206cba172d19d790d94c5c60a9e96e7e7b64b2683e76db7399262cf
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
241ada12551b42e44079687179abd1a5e06b5ed2b0560d03ef6656cbdce6a9f0
256b156d3d886cd12b7a0ad0374a646b0adb7671eebab7b3d9fece6e17c58b89
27421a5c2586bc492ad151019fef0b4befa9c5538e094f741f591ecf6a319ee0
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2a16f1b971cf275a1b182488cfa87ed54f0edb809b703d50d5bd64c33ba69b6d
2a4289ef2cd254e85b231e3d3dda54b62eb744f53b8484ac9a3c05b74d7b7396
2a5cfa356af90e4dc14d89477463deb2c098c826ebc6d74c1577eb3d5973cac9
2ac2022c2f17a99849888beec2fbecb6aebc2939eb7e0585cde9a7dcff7e9be4
34bb8f078266067c1060b4267cb5b498cc0595ca3d4c7dead9376afdb3a3e13e
39b6c8f2c22e44ff279948884215176b579e5d8d96282c652c79cd21ace47922
39d49d5c5dd7873f5afcbe584de03911d9aa2815558f58144ec4c46de7697d49
3b4e73beba089c4c823cc457415659eeced32b74d64d0d7c9b6706cccb412d7c
3edab62f9ba2c8df0ab90d271b7b37587745c69a4de5f349c762c252d9b584ae
3fa65550b645ec6e5e829c38072f48d576d48225ff084fabbd6d6cab1b83c8a2
4027396b47239b0abc173d1a2c7058feab5179f8fb5fbe2413d60d56cc1be993
421ef940b7bf9a215f68906d24dad26c18f5c7d9f507a2e32702ede337543bc5
481c3c8577ed09c71de6607328e6701b993a91bab5c3eba5b6399a07750d0ad8
49e67b462f40cc09541556aa4b762b76c6ec5eee393c4c49221667260056e10a
4a168c67d315dad304efe9122083c1d748c194070d5d80df67a314665e1b1875
4a4bb2683722eca4d66c9c1b056aa3dc0ed6232800b7216b94e9a3989b661d4a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e48b36dab43c7655377088866c76b7eaaa70323e9f43de34508d13f1fb48991
50c485a9384b2a9d81437cbef86594c914dd80d4285302c3cdaea462d227564d
5303aad48561f80b727c4da8bb74fb07ca6c0750a5dd92feb3bdbf9edb9febb4
534813d1da2f4d4550383d5db0879aedb2f74c2d0b8951ade277e8bcaea6df52
54573654901c495ecf67cc8ffd30108dd6f3a3c7332fd4dba41ab13877b75b8d
5b76c07c40a81ce20031358781ca88975dc11ba6e786f34af735fb59cb6f038c
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
611b09f31aa435141d5e6dc721940730e6df53dda798d645d5c587d2c11794f9
6a7483b7b03b7c4ee1872faec28c4ddbef5590f9a3b16216f8539167dfb3f042
78ae6d9f61f392225d938e9a14c18e80c217da8248d14f87fab86a8b26ff1f5c
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7c2a319af282b5ae2ed151a1daf4ace7f5d041af58157b8fd7c27974bf40187c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
86e9ad2cbd70b92cf469e3a7046b244044d5b0ffbf2abda45f5447f2c03f0e3e
891b4134fca2febf25fa3b4f5595849ca4e51d59fa77b5c0d7434ac3334e42dc
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9a1c60310270c15b41063e11841c4efed4dc17c2b43bc3f3530a117382d25a6f
9d740e1efc4f3c4170666e735a4e34623c62570ef4c99e0b4ec41d801ddc1637
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a6c08d377a2b4305fa652b46f49885a247a277988922d90e40e777a9534c1bbe
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
a950fb206b996e64577c65af36a7843ee693a5a61b72b6a9c62a7cf8236b1361
ace20d7024f7972b7116cb40e434cfefb545859532e96191fa88c68d03aad797
ad83c5a37ed8cf2f7dbd99f1c46f9563929ddbd7317b61310c3aaf7d333bbbfb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b655c55023be0fa8fee2bbd2272e6bad1c920c311357090c9bf1dbec981ba5c2
b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686
b6dfba3f37aa49c9cb322d57b2ca47c1b89ba7177ad88845c650cfb4a42e107d
bb738b0319a74b175cd3f1495bea385b2114f571428d4e56c2608ddad2dec68f
bbc8bcb95702b90051328d996eaae43ff8e950a5aba9166f45f6afbf1eb7f4be
bc6235804499ea71dcfe6dbea99f2b41be25b7e5c616e0164a9000b3b7fec9a2
bd04667d5d5feb14319f345a1a8e7486d8ab5aea560fb8be53cae5f6bc9d0e20
c2609c9b60a020e72f1127587501ae9124b9b4c42e15b5c90c92337806ca18aa
c38e17d3c4c0359acb101de8789403f06d053472f29c942258795d2b3a012a07
c3eae2c5e526c62112ade0f9edba2dc34f36ac7a0dc352bd7158e5322a878353
c69080e34624183023d3227e3c4fb157e67cc6136ceb397ffb53fc3ba0dbe0f9
c6a7c4e8052639aed0eee74fdb8ff47b87b06e71eeedbf16c87356e114747599
c83169cf862e67baca77cf3cd14a629bb84962a7fa22ac053c3a8ffb858c803e
cb5eaf47923485fe861dbe5ef19bc2a523428de7f4f1c6ebd2acbf558bc7c4ba
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce33c9584eac3cf5c20585c3d9c15f74e4132c408abc03fe5fcfacc48528e3eb
cedd707303327a2a9f8222a0f65e86573c3d19f15331240644a9d0346b31dcec
e14f785c0472d90e635d642e0e2b78053f60913859b26f111a96ee8c0fe8dd85
e207f128ce206dbc4beaebeb09407c9065109dce6cd3cbb1d0c5fa685658ef54
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e8481a1ead8b50b6c0cc501d8dad8db51ed3e5ffb576e4446577c302dff9d463
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1566138227e01ae6d9b58dc6df0c77647af9ac97fce5d5833f3df59db7b7f55
f1e6926f876ab9721fe34a9e07a95eb4431dde592487ee5d45942738585b564f
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fb699cd2921111df477108e68483942a288def0a3eb4b708866c992521850107
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e