www.domainspurchase.com
150.239.200.100 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
https://celebritiesbooking.com/ 5yr old
Effective URL:
https://www.domainspurchase.com/ 4yr old
Submission: On January 08 via automatic, source certstream-suspicious (January 8th 2026, 2:38:51 pm UTC) — Scanned from US

Summary HTTP 98 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 21 IPs in 2 countries across 14 domains to perform 98 HTTP transactions. The main IP is 150.239.200.100, located in United States and belongs to SOFTLAYER, US. The main domain is www.domainspurchase.com. 4yr old
TLS certificate: Issued by R12 on December 29th 2025. Valid for: 3mo.

This is the only time www.domainspurchase.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	54.215.31.113 54.215.31.113	16509 (AMAZON-02) (AMAZON-02)
16	150.239.200.100 150.239.200.100	36351 (SOFTLAYER) (SOFTLAYER)
17	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
10	23.54.223.203 23.54.223.203	16625 (AKAMAI-AS) (AKAMAI-AS)
2	172.253.139.95 172.253.139.95	15169 (GOOGLE) (GOOGLE)
2	142.251.16.94 142.251.16.94	15169 (GOOGLE) (GOOGLE)
11	142.251.179.157 142.251.179.157	15169 (GOOGLE) (GOOGLE)
2	34.54.226.84 34.54.226.84	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	142.250.176.193 142.250.176.193	15169 (GOOGLE) (GOOGLE)
3	35.209.233.198 35.209.233.198	15169 (GOOGLE) (GOOGLE)
1	142.251.111.94 142.251.111.94	15169 (GOOGLE) (GOOGLE)
1	34.111.60.239 34.111.60.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
12	23.196.3.195 23.196.3.195	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
1 2	68.67.179.153 68.67.179.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
1 2	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.33.40.142 23.33.40.142	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	172.253.62.154 172.253.62.154	15169 (GOOGLE) (GOOGLE)
3	142.250.217.1 142.250.217.1	15169 (GOOGLE) (GOOGLE)
1	142.250.80.68 142.250.80.68	15169 (GOOGLE) (GOOGLE)
98	21

2 54.215.31.113 (San Jose, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-215-31-113.us-west-1.compute.amazonaws.com

celebritiesbooking.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
www.mall24hours.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

16 150.239.200.100 (United States)

ASN36351 (SOFTLAYER, US)
PTR: hs20.name.tools

www.domainspurchase.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

17 142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

pagead2.googlesyndication.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

10 23.54.223.203 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-223-203.deploy.static.akamaitechnologies.com

creator.expediagroup.com 10mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 172.253.139.95 (United States)

ASN15169 (GOOGLE, US)
PTR: yuiadsk-in-f95.1e100.net

fonts.googleapis.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.251.16.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net

fonts.gstatic.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

11 142.251.179.157 (United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f157.1e100.net

googleads.g.doubleclick.net 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 34.54.226.84 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 84.226.54.34.bc.googleusercontent.com

static.admaster.cc 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

7 142.250.176.193 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f1.1e100.net

tpc.googlesyndication.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 35.209.233.198 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 198.233.209.35.bc.googleusercontent.com

tracenep.admaster.cc 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.111.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f94.1e100.net

www.gstatic.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.111.60.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.60.111.34.bc.googleusercontent.com

imagesnep.admaster.cc 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

12 23.196.3.195 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-196-3-195.deploy.static.akamaitechnologies.com

c.travel-assets.com 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

gtracenep.admaster.cc 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 68.67.179.153 (North Bergen, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

cm.g.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 104.18.26.193 (Ascension Island) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 23.33.40.142 (New York, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-33-40-142.deploy.static.akamaitechnologies.com

a.travel-assets.com 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net

ep1.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 142.250.217.1 (United States)

ASN15169 (GOOGLE, US)
PTR: pnlgaa-as-in-f1.1e100.net

ep2.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.80.68 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f4.1e100.net

www.google.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 9yr old tpc.googlesyndication.com — Cisco Umbrella Rank: 208 13yr old	380 KB
16	domainspurchase.com www.domainspurchase.com 4yr old	132 KB
15	travel-assets.com c.travel-assets.com — Cisco Umbrella Rank: 13360 12yr old a.travel-assets.com — Cisco Umbrella Rank: 11798 12yr old	442 KB
12	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 63 56yr old cm.g.doubleclick.net — Cisco Umbrella Rank: 307 9yr old	83 KB
10	expediagroup.com creator.expediagroup.com — Cisco Umbrella Rank: 386708 10mo old	54 KB
8	admaster.cc static.admaster.cc — Cisco Umbrella Rank: 4456 2yr old tracenep.admaster.cc — Cisco Umbrella Rank: 4756 2yr old imagesnep.admaster.cc — Cisco Umbrella Rank: 4477 2yr old gtracenep.admaster.cc — Cisco Umbrella Rank: 2375 2yr old	15 KB
5	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 350 2yr old ep2.adtrafficquality.google — Cisco Umbrella Rank: 359 2yr old	26 KB
3	gstatic.com fonts.gstatic.com 9yr old www.gstatic.com 9yr old	79 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 640 12yr old	2 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 313 9yr old	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 56yr old	3 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2 56yr old	568 B
1	mall24hours.com 1 redirects www.mall24hours.com 7yr old	212 B
1	celebritiesbooking.com 1 redirects celebritiesbooking.com 5yr old	208 B
98	14

	Domain	Requested by
17	pagead2.googlesyndication.com	www.domainspurchase.com pagead2.googlesyndication.com googleads.g.doubleclick.net ep2.adtrafficquality.google
16	www.domainspurchase.com	www.domainspurchase.com
12	c.travel-assets.com	creator.expediagroup.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	creator.expediagroup.com	www.domainspurchase.com creator.expediagroup.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net
3	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
3	a.travel-assets.com	creator.expediagroup.com
3	tracenep.admaster.cc	googleads.g.doubleclick.net
2	ep1.adtrafficquality.google	pagead2.googlesyndication.com
2	dsum-sec.casalemedia.com	1 redirects static.admaster.cc
2	ib.adnxs.com	1 redirects static.admaster.cc
2	gtracenep.admaster.cc	static.admaster.cc googleads.g.doubleclick.net
2	static.admaster.cc	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	www.domainspurchase.com googleads.g.doubleclick.net
1	www.google.com	ep2.adtrafficquality.google
1	cm.g.doubleclick.net	static.admaster.cc
1	imagesnep.admaster.cc	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.mall24hours.com	1 redirects
1	celebritiesbooking.com	1 redirects
98	22

This site contains links to these domains. Also see Links.

Domain
domainspurchase.com
adclick.g.doubleclick.net
adssettings.google.com
www.admaster.cc
tracenep.admaster.cc

Subject Issuer	Validity	Valid
mail.domainspurchase.com R12	`2025-12-29` - `2026-03-29`	3mo	crt.sh
*.g.doubleclick.net WR2	`2025-12-03` - `2026-02-25`	3mo	crt.sh
*.expediagroup.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-06-10` - `2026-06-10`	1yr	crt.sh
upload.video.google.com WR2	`2025-12-03` - `2026-02-25`	3mo	crt.sh
*.gstatic.com WR2	`2025-12-03` - `2026-02-25`	3mo	crt.sh
static.admaster.cc WR3	`2025-12-08` - `2026-03-08`	3mo	crt.sh
tpc.googlesyndication.com WR2	`2025-12-03` - `2026-02-25`	3mo	crt.sh
tracenep.admaster.cc WR3	`2026-01-01` - `2026-04-01`	3mo	crt.sh
imagesnep.admaster.cc WR3	`2026-01-07` - `2026-04-07`	3mo	crt.sh
c.travel-assets.com E8	`2025-12-13` - `2026-03-13`	3mo	crt.sh
a.travel-assets.com E8	`2025-12-13` - `2026-03-13`	3mo	crt.sh
adtrafficquality.google WR2	`2025-12-03` - `2026-02-25`	3mo	crt.sh
*.google.com WR2	`2025-12-03` - `2026-02-25`	3mo	crt.sh

This page contains 14 frames:

Primary Page: https://www.domainspurchase.com/
Frame ID: 239F2837C424D7B78EAD504A2F566FE5
Requests: 27 HTTP requests in this frame

Frame: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Frame ID: D836A685D30359FB51B65C827241B8D1
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20260105/r20190131/zrt_lookup_fy2021.html
Frame ID: 3C3A519DA31097824FA01B3D88E293DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&adk=1812271804&adf=3025194257&lmt=1756221167&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.domainspurchase.com%2F&pra=5&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883133874&bpp=172&bdt=435&idt=486&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5066885412379&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=544
Frame ID: 5AD377D3E0268F6AC4C4D8C340C22C16
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4261750133&adf=1874522962&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134049&bpp=44&bdt=611&idt=389&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=421
Frame ID: 59E1E87DC0F75E684427E95C5CD383CE
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=2097195300&adf=3660309217&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134102&bpp=1&bdt=664&idt=410&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=419
Frame ID: 6B6899020DD0FE8157F0FA9D7B38A385
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4163489957&adf=99222838&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134122&bpp=2&bdt=684&idt=412&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=1301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=421
Frame ID: 2542F68E3997FBBD458FAFAE1A61A615
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4163489957&adf=3413137819&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134125&bpp=1&bdt=687&idt=434&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280%2C950x280%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=440
Frame ID: 56CEC7F969D373B3F2A0222B2994BF1A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4163489957&adf=845228895&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134126&bpp=6&bdt=688&idt=454&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280%2C950x280%2C950x280%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=2016&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=458
Frame ID: D7C7919E55EE7691EB0D3CA1E0471D64
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4832625289&adk=2474917049&adf=923039568&pi=t.ma~as.4832625289&w=950&fwrn=4&fwrnh=0&lmt=1756221167&rafmt=1&armr=3&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134134&bpp=3&bdt=696&idt=461&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280%2C950x280%2C950x280%2C950x280%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=2527&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=466
Frame ID: 67B4180E6DE095BCDCCC379AFCD92428
Requests: 1 HTTP requests in this frame

Frame: https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Frame ID: C083EE7A0C7634B5AA44EF47AC97B14F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_DpAYn8KnW9JzIpbp6zFdMsHex1DOAPmwtavu8uJTio.js
Frame ID: E3B5B464A4E5C88B19FB1ED374284857
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: DE4BDBF58B22C7FA50FE3421B3C3D67D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 24A4C691D589601815C0CCA54BD35533
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Premium Domain Names | Register Your Domain Name

Page URL History Show full URLs

https://celebritiesbooking.com/ HTTP 302
https://www.mall24hours.com/ HTTP 302
https://www.domainspurchase.com/ Page URL

Detected technologies

AppNexus (Advertising) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

98
Requests

98 %
HTTPS

0 %
IPv6

14
Domains

22
Subdomains

21
IPs

2
Countries

1216 kB
Transfer

3716 kB
Size

18
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://domainspurchase.com/
Title: Domains Purchase

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?nis=4&sa=l&ai=CiL9bfsFfabf-JeDzkPIPyrjXqAW4w7qKgwHzkPO6_BGX3qK9wAEQASCG8q5XYMmGgIDco8QQoAG4wfClKsgBCagDAcgDywSqBO4BT9A1ntNx3nRLtkv_kKK3nHyUbnTq4oI9KA8Z3N8PZPYicbjWv6Yq1LGNUVxEdcwoc5wswsqLoQdLDl3-n2o350DzwKgtf93R_lRvxk7gJlAe8ehl4-PzU1gkCbatv0a2XFucxv624SvzegDWYx1bwETDMtOzBAVzWCDPgsvuwwsR2MQUCS8bJ7jr-KjmRqqSLGVoZCdcpKBRah4JA5B5mhlaAvNhCKxHC0sRW7CIcSvEFH0L6YXW8bUu7Lm4G-0tYF_yVHShglmsHMwKrrOFpF6nuthkxf3pkAJmZIYlwtmvHKOmmXbH1s4JaDvkgMAEqoqpmKwEiAWB1eHdTKAGLoAHuPnAhQWoB6fMsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQKoB_jCsQKoB_vCsQLYBwDSCC8IgGEQARifAzIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOljmzvfxlfyRA7EJfk1OkiviPRmACgGYCwHICwGADAHaDBAKChDA7qfKtdaz_RISAgEDqg0CVVPIDQHqDRMIs7b58ZX8kQMV4DlECB1K3BVV8A0CiA4J2BMDiBQB0BUByhYCCgD4FgGAFwGyFw4YASoKNDMwMjY4MTE2N7oXAjgBqhgXCQAAAADASwZBEgo0MzAyNjgxMTY3GAGyGAkSAqpQGC4iAQDQGAHCGQIIAQ&ae=1&ase=2&gclid=EAIaIQobChMIt7X58ZX8kQMV4DlECB1K3BVVEAEYASAAEgKU4PD_BwE&num=1&cid=CAQSswEAwksa0a3bRdY1iN5qnfPCVvB9D3_uCetdc_12h9VGB8KvJD-HObwel3yKAtDLgbm-HBf--B_-aU2ZCH2aKSPSoMuBoPJEuTv4skzrH9zVZtZAJIxplOTUAtls8_sbTKLJLFvWGWnXFwfYoPt0B8PIWtTrf-qAnw7WgM-mKZpU2LNdfiwCxsmz65c7u09fprfxwaaxt4R3q1kMz7WLMIjdfHGL2RLtUejECwRzJuzrsgEA7BgB&sig=AOD64_0_Qp-b7JJY9YN2pK3F9jtTLzcsUg&client=ca-pub-8049534086604188&rf=1&nb=9&adurl=https://mdlpa.org/%3Fgad_source%3D5%26gad_campaignid%3D20597729921%26gclid%3DEAIaIQobChMIt7X58ZX8kQMV4DlECB1K3BVVEAEYASAAEgKU4PD_BwE

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?nis=4&sa=l&ai=CiL9bfsFfabf-JeDzkPIPyrjXqAW4w7qKgwHzkPO6_BGX3qK9wAEQASCG8q5XYMmGgIDco8QQoAG4wfClKsgBCagDAcgDywSqBO4BT9A1ntNx3nRLtkv_kKK3nHyUbnTq4oI9KA8Z3N8PZPYicbjWv6Yq1LGNUVxEdcwoc5wswsqLoQdLDl3-n2o350DzwKgtf93R_lRvxk7gJlAe8ehl4-PzU1gkCbatv0a2XFucxv624SvzegDWYx1bwETDMtOzBAVzWCDPgsvuwwsR2MQUCS8bJ7jr-KjmRqqSLGVoZCdcpKBRah4JA5B5mhlaAvNhCKxHC0sRW7CIcSvEFH0L6YXW8bUu7Lm4G-0tYF_yVHShglmsHMwKrrOFpF6nuthkxf3pkAJmZIYlwtmvHKOmmXbH1s4JaDvkgMAEqoqpmKwEiAWB1eHdTKAGLoAHuPnAhQWoB6fMsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQKoB_jCsQKoB_vCsQLYBwDSCC8IgGEQARifAzIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOljmzvfxlfyRA7EJfk1OkiviPRmACgGYCwHICwGADAHaDBAKChDA7qfKtdaz_RISAgEDqg0CVVPIDQHqDRMIs7b58ZX8kQMV4DlECB1K3BVV8A0CiA4J2BMDiBQB0BUByhYCCgD4FgGAFwGyFw4YASoKNDMwMjY4MTE2N7oXAjgBqhgXCQAAAADASwZBEgo0MzAyNjgxMTY3GAGyGAkSAqpQGC4iAQDQGAHCGQIIAQ&ae=1&ase=2&gclid=EAIaIQobChMIt7X58ZX8kQMV4DlECB1K3BVVEAEYASAAEgKU4PD_BwE&num=1&cid=CAQSswEAwksa0a3bRdY1iN5qnfPCVvB9D3_uCetdc_12h9VGB8KvJD-HObwel3yKAtDLgbm-HBf--B_-aU2ZCH2aKSPSoMuBoPJEuTv4skzrH9zVZtZAJIxplOTUAtls8_sbTKLJLFvWGWnXFwfYoPt0B8PIWtTrf-qAnw7WgM-mKZpU2LNdfiwCxsmz65c7u09fprfxwaaxt4R3q1kMz7WLMIjdfHGL2RLtUejECwRzJuzrsgEA7BgB&sig=AOD64_0_Qp-b7JJY9YN2pK3F9jtTLzcsUg&client=ca-pub-8049534086604188&rf=1&nb=0&adurl=https://mdlpa.org/%3Fgad_source%3D5%26gad_campaignid%3D20597729921%26gclid%3DEAIaIQobChMIt7X58ZX8kQMV4DlECB1K3BVVEAEYASAAEgKU4PD_BwE
Title: Learn Why Limestone Rocks

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?nis=4&sa=l&ai=CiL9bfsFfabf-JeDzkPIPyrjXqAW4w7qKgwHzkPO6_BGX3qK9wAEQASCG8q5XYMmGgIDco8QQoAG4wfClKsgBCagDAcgDywSqBO4BT9A1ntNx3nRLtkv_kKK3nHyUbnTq4oI9KA8Z3N8PZPYicbjWv6Yq1LGNUVxEdcwoc5wswsqLoQdLDl3-n2o350DzwKgtf93R_lRvxk7gJlAe8ehl4-PzU1gkCbatv0a2XFucxv624SvzegDWYx1bwETDMtOzBAVzWCDPgsvuwwsR2MQUCS8bJ7jr-KjmRqqSLGVoZCdcpKBRah4JA5B5mhlaAvNhCKxHC0sRW7CIcSvEFH0L6YXW8bUu7Lm4G-0tYF_yVHShglmsHMwKrrOFpF6nuthkxf3pkAJmZIYlwtmvHKOmmXbH1s4JaDvkgMAEqoqpmKwEiAWB1eHdTKAGLoAHuPnAhQWoB6fMsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQKoB_jCsQKoB_vCsQLYBwDSCC8IgGEQARifAzIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOljmzvfxlfyRA7EJfk1OkiviPRmACgGYCwHICwGADAHaDBAKChDA7qfKtdaz_RISAgEDqg0CVVPIDQHqDRMIs7b58ZX8kQMV4DlECB1K3BVV8A0CiA4J2BMDiBQB0BUByhYCCgD4FgGAFwGyFw4YASoKNDMwMjY4MTE2N7oXAjgBqhgXCQAAAADASwZBEgo0MzAyNjgxMTY3GAGyGAkSAqpQGC4iAQDQGAHCGQIIAQ&ae=1&ase=2&gclid=EAIaIQobChMIt7X58ZX8kQMV4DlECB1K3BVVEAEYASAAEgKU4PD_BwE&num=1&cid=CAQSswEAwksa0a3bRdY1iN5qnfPCVvB9D3_uCetdc_12h9VGB8KvJD-HObwel3yKAtDLgbm-HBf--B_-aU2ZCH2aKSPSoMuBoPJEuTv4skzrH9zVZtZAJIxplOTUAtls8_sbTKLJLFvWGWnXFwfYoPt0B8PIWtTrf-qAnw7WgM-mKZpU2LNdfiwCxsmz65c7u09fprfxwaaxt4R3q1kMz7WLMIjdfHGL2RLtUejECwRzJuzrsgEA7BgB&sig=AOD64_0_Qp-b7JJY9YN2pK3F9jtTLzcsUg&client=ca-pub-8049534086604188&rf=1&nb=7&adurl=https://mdlpa.org/%3Fgad_source%3D5%26gad_campaignid%3D20597729921%26gclid%3DEAIaIQobChMIt7X58ZX8kQMV4DlECB1K3BVVEAEYASAAEgKU4PD_BwE
Title: Limestone aggregate is a precious natural resource

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?nis=4&sa=l&ai=CiL9bfsFfabf-JeDzkPIPyrjXqAW4w7qKgwHzkPO6_BGX3qK9wAEQASCG8q5XYMmGgIDco8QQoAG4wfClKsgBCagDAcgDywSqBO4BT9A1ntNx3nRLtkv_kKK3nHyUbnTq4oI9KA8Z3N8PZPYicbjWv6Yq1LGNUVxEdcwoc5wswsqLoQdLDl3-n2o350DzwKgtf93R_lRvxk7gJlAe8ehl4-PzU1gkCbatv0a2XFucxv624SvzegDWYx1bwETDMtOzBAVzWCDPgsvuwwsR2MQUCS8bJ7jr-KjmRqqSLGVoZCdcpKBRah4JA5B5mhlaAvNhCKxHC0sRW7CIcSvEFH0L6YXW8bUu7Lm4G-0tYF_yVHShglmsHMwKrrOFpF6nuthkxf3pkAJmZIYlwtmvHKOmmXbH1s4JaDvkgMAEqoqpmKwEiAWB1eHdTKAGLoAHuPnAhQWoB6fMsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQKoB_jCsQKoB_vCsQLYBwDSCC8IgGEQARifAzIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOljmzvfxlfyRA7EJfk1OkiviPRmACgGYCwHICwGADAHaDBAKChDA7qfKtdaz_RISAgEDqg0CVVPIDQHqDRMIs7b58ZX8kQMV4DlECB1K3BVV8A0CiA4J2BMDiBQB0BUByhYCCgD4FgGAFwGyFw4YASoKNDMwMjY4MTE2N7oXAjgBqhgXCQAAAADASwZBEgo0MzAyNjgxMTY3GAGyGAkSAqpQGC4iAQDQGAHCGQIIAQ&ae=1&ase=2&gclid=EAIaIQobChMIt7X58ZX8kQMV4DlECB1K3BVVEAEYASAAEgKU4PD_BwE&num=1&cid=CAQSswEAwksa0a3bRdY1iN5qnfPCVvB9D3_uCetdc_12h9VGB8KvJD-HObwel3yKAtDLgbm-HBf--B_-aU2ZCH2aKSPSoMuBoPJEuTv4skzrH9zVZtZAJIxplOTUAtls8_sbTKLJLFvWGWnXFwfYoPt0B8PIWtTrf-qAnw7WgM-mKZpU2LNdfiwCxsmz65c7u09fprfxwaaxt4R3q1kMz7WLMIjdfHGL2RLtUejECwRzJuzrsgEA7BgB&sig=AOD64_0_Qp-b7JJY9YN2pK3F9jtTLzcsUg&client=ca-pub-8049534086604188&rf=1&nb=8&adurl=https://mdlpa.org/%3Fgad_source%3D5%26gad_campaignid%3D20597729921%26gclid%3DEAIaIQobChMIt7X58ZX8kQMV4DlECB1K3BVVEAEYASAAEgKU4PD_BwE

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?nis=4&sa=l&ai=CiL9bfsFfabf-JeDzkPIPyrjXqAW4w7qKgwHzkPO6_BGX3qK9wAEQASCG8q5XYMmGgIDco8QQoAG4wfClKsgBCagDAcgDywSqBO4BT9A1ntNx3nRLtkv_kKK3nHyUbnTq4oI9KA8Z3N8PZPYicbjWv6Yq1LGNUVxEdcwoc5wswsqLoQdLDl3-n2o350DzwKgtf93R_lRvxk7gJlAe8ehl4-PzU1gkCbatv0a2XFucxv624SvzegDWYx1bwETDMtOzBAVzWCDPgsvuwwsR2MQUCS8bJ7jr-KjmRqqSLGVoZCdcpKBRah4JA5B5mhlaAvNhCKxHC0sRW7CIcSvEFH0L6YXW8bUu7Lm4G-0tYF_yVHShglmsHMwKrrOFpF6nuthkxf3pkAJmZIYlwtmvHKOmmXbH1s4JaDvkgMAEqoqpmKwEiAWB1eHdTKAGLoAHuPnAhQWoB6fMsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQKoB_jCsQKoB_vCsQLYBwDSCC8IgGEQARifAzIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOljmzvfxlfyRA7EJfk1OkiviPRmACgGYCwHICwGADAHaDBAKChDA7qfKtdaz_RISAgEDqg0CVVPIDQHqDRMIs7b58ZX8kQMV4DlECB1K3BVV8A0CiA4J2BMDiBQB0BUByhYCCgD4FgGAFwGyFw4YASoKNDMwMjY4MTE2N7oXAjgBqhgXCQAAAADASwZBEgo0MzAyNjgxMTY3GAGyGAkSAqpQGC4iAQDQGAHCGQIIAQ&ae=1&ase=2&gclid=EAIaIQobChMIt7X58ZX8kQMV4DlECB1K3BVVEAEYASAAEgKU4PD_BwE&num=1&cid=CAQSswEAwksa0a3bRdY1iN5qnfPCVvB9D3_uCetdc_12h9VGB8KvJD-HObwel3yKAtDLgbm-HBf--B_-aU2ZCH2aKSPSoMuBoPJEuTv4skzrH9zVZtZAJIxplOTUAtls8_sbTKLJLFvWGWnXFwfYoPt0B8PIWtTrf-qAnw7WgM-mKZpU2LNdfiwCxsmz65c7u09fprfxwaaxt4R3q1kMz7WLMIjdfHGL2RLtUejECwRzJuzrsgEA7BgB&sig=AOD64_0_Qp-b7JJY9YN2pK3F9jtTLzcsUg&client=ca-pub-8049534086604188&rf=1&nb=1&adurl=https://mdlpa.org/%3Fgad_source%3D5%26gad_campaignid%3D20597729921%26gclid%3DEAIaIQobChMIt7X58ZX8kQMV4DlECB1K3BVVEAEYASAAEgKU4PD_BwE
Title: M-DLPA

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=AUJjZ_6tYKycI18L-9zHtU_NYAtNu-nBJ3xZbfdMYIwYHEKA565Y8Dbb2aRzFmXH3NPi0NnsumwGkT0X7VLZgQzNjSdTkJqsg5vHDXSpzw7dsoMKJqugNHi63uibsee_l9ictufTJGOj0j9HgTtTCbXHy39Uyc69S4VOMj4M6XKevfYh1PT9BckGeFMlD3oiTLjUHqzcaBQLGpNgjCjJwJhRbhz3jrnifdeRsL5A3m337jiuxdTv06KftMABfGHINW3OdpuKoM8ce07gzIN58umiHPjV1KIuPIVEgrBgllX1GkYYdJOMmLBOqtI4Opb6Rv3uHbCqVNoO9aq6-2GFPkbfgn-9IU9MRSur00RapWAsPBCgoxvx8EOjtAyciXN46-7XsL1iEESRyNI9x3ozKDzz51crlSuUECQx7Md3E12_oohYWaPiatEM7IO6_eGurHz1hnPOH2hhz7qCriDNj0uX_CaOGxMvEk5OTS9juLtu9pNbMflH_MGpYX_fegqEqOyoTnda6Z3FR6KfXHlDCMj6ouaZ1zPe03aX4dUHZz3pgZ4izaXltIR2u5pmkZoFzsqCQWuRhRt9QgSLCMu1iP1LiHTDGUiITWLql59ccg0KyDnYlvJTYNDPZ3qJNxsFxhoMn80OwOTAV4lmw7w5NCOM60dv9NXrFPlAiBlWWvYt5j7qXYET4J1ZMPqJvgpwKEVEiDtGF1GYFjNltw96p4BH17fFWAfK1_NRayt-6HFUY9F_8FFIqaJm6us4MY-HDnEE4kHklj4JEVXjSI4AwdsdN5NNomW9yEH3VJYT1uiYXSB5Fj3A_lagVO0Bfy9axBPCzOoz-8zIBAL0G8IZXVe0UHEHDqaNBi1dmDSEQq9Lli3iSjT3OKV6NFeKpyGhgkJpshvcXnBHcM20WIDqXeHDBeDyjevuGF-m0rMzQRqkIU3MglUcJoEo1YMQ77qqHWaJtue5Lq-1WtKBrc77h9nHuSRCFhaz212928Zff1V3S8si0Nsz4pBPSkHNeZPVdmGAjexRUnwflRwj2arCoksp0YBcglav9k2mHeLJ2CcFlLp1dwVrHYNep9l0JlE4Wsnqj3Y5kd9EckDC15v2p-aThlB_rWNawM5srjWUBGadT6-mtNKyxU0rfF-wGWNw0gW7MFAopWxDrxM8x_l7S9ypkSr3utVC-UrcLVQ1-ZN_pdW9iX7XHFoABx-w0YxBjcbd5DjlulRxPviNlgECe-n0SEcXhHaUQKpzMh3cTTq3E5gi2FIUjtD_siqAzac_555hqzRTMcE_wQ08aQph8QbKhEa3nHUaSrzmcy_ooS2DBrEhSv-XMpbtUfD1zNbZjGo9J10-gckyJxHl0uOPTUq6j9s63cmLQx3dxKDbNLDGEzCJKJO5uKiSCYGBaXcKD9PT1CuCTCg6ghEydEs0aZCs48JufaytrkuiI1yB9tVSFldqoRHm-Z9q5Nfghr91N1cVvTIq_FZ5ZztpZDPLTK9-glqp8UOIIz3FD-QR5lLQN2eFkkRbY4JOgeUpBVXXnB0B12doTZf3D2Mo11a_guYVOyBQ05a_GaU_gFBJWSapcF3QSIsF02Q32dy9Y9nz70vja1hgrTOzVaeV7IrHhF3eibai5TkJZwpIwxfEYdVuefm8V6dsSb7ZgGs3HDSqsiyrGEBsNrkPceVGxADfPzffSKaMC26kCZZIxPrCzCPTzEVGBxxDV2KMcnCUZsgTOu0MkN6HJ7Pvircs93a_FMQqBjJXEFQMBx6INuq_6iYc_yvuTOD2jRbhDKk8SY0COMyY0NTkHl7d2LU7luCIEdr9Yp23kKC97H3YKZb3_675A5fjcDCjdG-aoEVsYWZI8lz3q8XnuS84pVfTqSXRPuynhpOOx4pBqPXNWOhpYuIn3p7pVTgecYqqRN10zjxczfvpum8mdyUF4q3Mk3Om6FNieqj8-2HNOJr6I_nYp5mTffdoD11YryARD-5yKigsHGKRUe47z1TKB2-0Kqxm5mLiLknIP3wtRQLzJ8GmIeX0FpqDpC4vyWzYdoCXp1ZuC8Ag_mVhp7KU9iuMgU9f23mOKvybolXqai4ftq19saqJeBn-QcpgY-y1NKATaIXlEI7RfabMCI29oIgs3Cejw04xeqYz5Pa6tV6g5chi08SNf43W0Zz9LsLk_kT4dtJtw5N21HB-CxEYO4SGZ-vJI6o2GCnQFXMGohokqkGlkT_qELxhHcl8rYhNrNX_ypRVokqxe56ojKfqnp2QaBgSicrS5hvHyBVqEGSosFtpigPq92ai0Jqqgcv7y5-d4PRNxrry3yMAc-rSRUHpspAmwPA-y1BnhU4bMJHYyhH9fA9vP49oeZ-ves4Zev5rVIK9MUk_8xliOMBTJhO-FYz7et_slyIrC3fnAY-_ly81KssfE2doyRYWjOpJgMttv9ec_uZdTE8FWwq0HYaRfIlXoSpAeZL9G7ZscBVwgKqEUcLQQvJ4Frxi4l8nkVkGKvC9JSfIGny-SIguDM6XPRT5gEZlU1e2w3pS2iusF-MbgRNvFpvpDwovCNcoKcztlYVdNBcNaizFjgXk-6ksJqNz0KbGqbK8hSIckBmJWfrg5fosajcY3Uhm8KfGw2ktuMK6BpAuKEnfW0vX3iaRDKgedzc92BMxz3Yoz5U&opi=122715837

Search URL Search Domain Scan URL

URL: https://www.admaster.cc/privacy

Search URL Search Domain Scan URL

URL: https://tracenep.admaster.cc/ju/ic?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=df2f3f58e3737c667e2c3e16c1f03205&acid=75&data=yx_vI1SuVfC42Y-iSalHr9NZTw19dp_NojmrQLi36UXL90rBEbcDAHEBXQJfXoB9RGZV-3_Z2s17Lbb1RLQXjOtVHevtlx65I3_4Hq6KP_RjQxTfMmLbcIp6sKdBonxJLEc2fv3DxLtPLlMdkbM4J2zQLE6iExQlJABecDfO3uSEZG8bSLoAInuozAo3SaS1QqolBs9f7SnfVEQFUPGZS4hPK6buwWV7jItCvZn_kMHHPge8OfpUjpLakIfRWAWeiinMWKlKwXnR1eFs_LPH5AVNWo9RAUkxfRscufXLeJgkAa4L6r4GeNVvHVsbMHnKABMEtaOYSg8UFqNm6B_jZqg4aorkcfxfZXkc2PeDdhNNvDwZiwEsL9UUcFJxkN8zROozqipV22n4kGMutnLz1M3J3cEqNziSaycwmWtM6I3F800x4jJFpcIeHWoElcVgSaKgGh1EDdYMX5e1UaxXy-tQKXa4BqqCwTd583cB2RWCriDgn7cIb0Bhr7Lt9yaeklkhdNkAb0aw1Q6N2pyOGejOvtkObxc2iDJIOtClK9H6lemHwz0CWPq7vF6V3rE12GUT9fPu-0MAilM6Rr_pzWnN2_AwjUYCxgAxzcMBCPA4rV8HQHF5SgfMuBdhwLLZDJ-14kwVSIwL9u4R5WBytDM-NZ8SZykmxbXhfYh6lhFP1zmVpHTBggoCEOPZ3rEE2qI0BEDEOmyUfZaNp5ReaQBYhZvAEr6YmMA1ZJblh_h3sQJJaGsTwhaMqSPX8F1TXABe8P00EfPDAXUeHi7sw2-_953RyPcpq6tYO2MLiRXqwmpNIp1aw8nNcX-TO1navYCQyaSmy3h_96ua_SpZZ0N1RH_vfcgmhhHNR87lNF7Pd1bjHFsl_3w1noseg687qb1Vjv5uPFKpJWBlFSZnK_QA1VLuR6ZWNz25ieSBhbOToF5PXI_qwcQk4gc-81HNaSS6nxDp4lAFVEl7lJUmSzXBObK312lomAL_GEV5xYxwTyY5FXr6Q0zYk0FwbN9Hj-Sp3MaqSZbZxMRIBNAEm6aTChljszQGl8AmjdYmvFzdin19OP77yVpBFjuc2SzW5iajyzZRM30Wgy46MFljVcVXc6OioUw8E5tL8XaEsmN8vFT4r0Abbcagv7TxWkVL3OVSQV7l0o8BxU2JiJy-ZPeVlstyVsKvC7ZtTqXr7QAlsLlZGCtTChg7-r27OqkA3jNMDVd7EkFtJ17mFrbUZPffruqgK1spgDTov1PhrMoHG7IslrqXZSheFc7RgazT2rT7eYqpbLAhwzjXbSi2dmhtGyfA1m2N9_-saBzhbhxeJziuYaOKNdGOq3JOwbTuiJWOy6gltjkZiM7YZQ2TZOK86hOd1HwiClUtPB8WKPn9_hYBfffUj4u6xcWuDpWKfpAWXzGh9y9ueIdubpYGBm1mBKmD-F7m46b3yGTrTlwmsD3akpbkdblSECug6BOcm6WjKjXQMXgdLqOBfifVRUFoqCppD2zPMT4oRdBKzs969EgFQ_6CjTjI15f3DN6-Vd1YBLP0MlG6NFYifHtz3bfDaswF-fYLBqObtHMVhcXXmsIq2fkNRLvkGY0_Ibi0NiO0JWyeF9jSlH-rvTiW9NBHqadaOB3MoFYg8ePJo_bIGF0adUvFN75c3jNud7Z4Sn8_K1XLIAxijU4tJxvXY85wPTN41wx91E5AJmkSGINwNkPOJG6ymwhHlGLZZTJtyOZDfaHQjh8viRt4goMYoaFJtefkq_gKoqAhWiyygEsf1duCtIH4EUHvqXDpClHVOR2QAEzfUBDS9bUPFRjlTNUopi98px48ZUgmxPf4kT5duJL5gdEGYLR-2ovNhJ1LZG_KnCLjpnv3NXraACyljnYWQtFIOR2HEIz7jEqErxCQqZC5KgzoSPifxJMVk5ZJMoENHPCARtvpaCplsPPsk0yWVATYKniOWxthEsIw9KqjIBnah09WZGrsmyBiswpFJ4NE6HDzZEkzAa1dMDiLOyCkg57niF_5giQSesRWo93cw_fA77TxTRHJ1c-kV5y9yVhI87GNaavyuC6ZjIBJvv7rodGfbaQ7y5EIeeJUpRs&uid=mid_2f6ae0c83382b7b112d47e58b8ce4e98&mguid=&ap=0.019813&tid=102&gprice=nR8mHqBbgj_Srbkmaqi0MEwGSRemduI2i2aYeMZD4yk&campaignid=4391681&google_click_url=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwwd_fsFfaYqmJaHHpfgP0dCU4QyltoSEe8z8yrWgE8CNtwEQASCG8q5XYMmGgIDco8QQyAEJqAMByAMCqgTIAU_QMvT4kHlyARfyQIGDUYMDfulaqt-gq9PrFPj7KXLTAiq1XjFKKT7C4WSz9ygCW01V4wj-X0QAvKwb0-S6xW5XmEfS3N8aivuqo_kYiAAYVS2X4pyYwmpePWsejaHoNwNu7WcE5WWp1xFtcwvPz968RLk8vOL6ASyzZjJ0XWH2IPWyDxsLE1v1Ts8dDALzk7KbWJxmQhU8Z_tVYCtHYN0rrc9vtWexEyE5yvUhMO_lfVMAUsrZ6YczxKo92GKJrNzYlubrFcNmgAaV3rus7KvV3pYBoAYhqAeT2LECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WMbJ9_GV_JED-gsCCAGADAGqDQJVU-oNEwj23fjxlfyRAxWhYwkJHVEoJcyIDgnQFQGAFwGyFxAYDCoKNDMwMjY4MTE2N1ABqhgXCe-nxksHsM1AEgo0MzAyNjgxMTY3GAE%26num%3D1%26sig%3DAOD64_3Et5cddJj4kZosF2O-i4pNk4m9Mw%26client%3Dca-pub-8049534086604188%26adurl%3D
Title: Ask a Pro: "How Long Does $2.5 Million Last in Retirement?"

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://celebritiesbooking.com/ HTTP 302
https://www.mall24hours.com/ HTTP 302
https://www.domainspurchase.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://ib.adnxs.com/setuid?entity=529&code=8df1d1e144e611ad2spoza00mk5jz1i6 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D529%26code%3D8df1d1e144e611ad2spoza00mk5jz1i6

Request Chain 74

https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=8df1d1e144e611ad2spoza00mk5jz1i6 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=8df1d1e144e611ad2spoza00mk5jz1i6&C=1

98 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.domainspurchase.com/
Redirect Chain

https://celebritiesbooking.com/
https://www.mall24hours.com/
https://www.domainspurchase.com/

7 KB
2 KB

211ms
85ms

Document
text/html

150.239.200.100
SOFTLAYER

General

Check archive.org

Download Go to

Full URL: https://www.domainspurchase.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.239.200.100 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: hs20.name.tools
Software: nginx /
Resource Hash: e9039ee379f5fb5750709b125d0fbe75a552d97149f046cbb1259edd808af961

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html
date: Thu, 08 Jan 2026 14:38:53 GMT
last-modified: Tue, 26 Aug 2025 15:12:47 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding

Redirect headers

cache-control: private, no-cache, no-store, max-age=0
content-length: 0
content-type: text/plain
date: Thu, 08 Jan 2026 14:38:53 GMT
expires: Mon, 01 Jan 1990 0:00:00 GMT
location: https://www.domainspurchase.com
strict-transport-security: max-age=2592000
x-frame-options: SAMEORIGIN

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
54 KB 254ms
99ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8049534086604188

Requested by

Host: www.domainspurchase.com
URL: https://www.domainspurchase.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

ebf6d533a07989d0d156ca700650eb87e4ff6efce052affc94753c2884af9b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin: https://www.domainspurchase.com
Referer: https://www.domainspurchase.com/

Response headers

content-encoding: br
etag: 4626945357110988618
x-content-type-options: nosniff
expires: Thu, 08 Jan 2026 14:38:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 08 Jan 2026 14:38:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 55609
x-xss-protection: 0
server: cafe

GET
H2 200 style.css
www.domainspurchase.com/ 18 KB
4 KB 174ms
79ms Stylesheet
text/css 150.239.200.100
SOFTLAYER

General

Check archive.org

Download Go to

Full URL: https://www.domainspurchase.com/style.css
Requested by: Host: www.domainspurchase.com
URL: https://www.domainspurchase.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.239.200.100 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: hs20.name.tools
Software: nginx /
Resource Hash: a7c39cbafaddb314a469ab3c4f5c1ab96abe13c59bdb9f6ec8846978a2a39019

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

content-encoding: br
date: Thu, 08 Jan 2026 14:38:53 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Fri, 08 Mar 2024 19:27:08 GMT

GET
H2 200 media-queries.css
www.domainspurchase.com/ 3 KB
1001 B 175ms
80ms Stylesheet
text/css 150.239.200.100
SOFTLAYER

General

Check archive.org

Download Go to

Full URL: https://www.domainspurchase.com/media-queries.css
Requested by: Host: www.domainspurchase.com
URL: https://www.domainspurchase.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.239.200.100 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: hs20.name.tools
Software: nginx /
Resource Hash: 25510a6d17816246d9a90f5be9434642dff5dfcd36f76af12a7fa8a0097e5e3b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

content-encoding: br
date: Thu, 08 Jan 2026 14:38:53 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Fri, 08 Mar 2024 19:27:26 GMT

GET
H2 200 jquery-1.11.3.min.js Show response
www.domainspurchase.com/JQuery/ 94 KB
32 KB 196ms
102ms Script
application/javascript 150.239.200.100
SOFTLAYER

General

Check archive.org

Download Go to

Full URL: https://www.domainspurchase.com/JQuery/jquery-1.11.3.min.js
Requested by: Host: www.domainspurchase.com
URL: https://www.domainspurchase.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.239.200.100 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: hs20.name.tools
Software: nginx /
Resource Hash: 20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

content-encoding: br
date: Thu, 08 Jan 2026 14:38:53 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Fri, 08 Mar 2024 19:30:13 GMT

GET
H2 200 javascripts.js Show response
www.domainspurchase.com/ 1 KB
688 B 218ms
126ms Script
application/javascript 150.239.200.100
SOFTLAYER

General

Check archive.org

Download Go to

Full URL: https://www.domainspurchase.com/javascripts.js
Requested by: Host: www.domainspurchase.com
URL: https://www.domainspurchase.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.239.200.100 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: hs20.name.tools
Software: nginx /
Resource Hash: 34deed95bd6d3b8a88ca59ecabc82f0f5723a25b74e5aca1fbca48d569fd4bb8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

content-encoding: br
date: Thu, 08 Jan 2026 14:38:53 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Fri, 08 Mar 2024 19:27:32 GMT

GET
H2 200 header.js Show response
www.domainspurchase.com/ 3 KB
1 KB 216ms
125ms Script
application/javascript 150.239.200.100
SOFTLAYER

General

Check archive.org

Download Go to

Full URL: https://www.domainspurchase.com/header.js
Requested by: Host: www.domainspurchase.com
URL: https://www.domainspurchase.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.239.200.100 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: hs20.name.tools
Software: nginx /
Resource Hash: 0fb83e71daabbea59c8218be73035fc17076fe013dd2a662be9176f3a265d88d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

content-encoding: br
date: Thu, 08 Jan 2026 14:38:53 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Tue, 11 Feb 2025 19:44:45 GMT

GET
H2 200 home.jpg
www.domainspurchase.com/picts/ 48 KB
48 KB 225ms
122ms Image
image/jpeg 150.239.200.100
SOFTLAYER

General

Check archive.org

Download Go to Show image

Full URL: https://www.domainspurchase.com/picts/home.jpg
Requested by: Host: www.domainspurchase.com
URL: https://www.domainspurchase.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.239.200.100 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: hs20.name.tools
Software: nginx /
Resource Hash: d14b1e3cfb6476bac6ecbaf2fe4f34b1d1cde8f515c9d3377959e305ef2f5481

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

accept-ranges: bytes
content-length: 49063
date: Thu, 08 Jan 2026 14:38:53 GMT
content-type: image/jpeg
last-modified: Fri, 08 Mar 2024 19:29:37 GMT
server: nginx

GET
H2 200 eg-affiliate-banners.js Show response
creator.expediagroup.com/products/banners/assets/ 6 KB
3 KB 608ms
356ms Script
application/javascript 23.54.223.203
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://creator.expediagroup.com/products/banners/assets/eg-affiliate-banners.js

Requested by

Host: www.domainspurchase.com
URL: https://www.domainspurchase.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.54.223.203 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-54-223-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

e59aaf2eb1ac9ef86c0b011e544b27447417ff6051d3e0a6d4e7058fa25e2db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

x-akamai-reference-id: 0.16623417.1767883133.6df0cb79
x-cgp-info: noJvmRouteSet;55655a0a-1057-421a-846f-577ebb4e374b
content-encoding: gzip
etag: "19232df042dc445a879184b3f18a73c13f9e723d-gzip"
x-content-type-options: nosniff
date: Thu, 08 Jan 2026 14:38:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 27 Aug 2025 02:17:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15768000
cache-control: no-cache
trace-id: 71d5073c-d6ba-4bbd-8ebb-06d91be19093
x-download-options: noopen
accept-ranges: bytes
x-b3-traceid: 71d5073cd6ba4bbd8ebb06d91be19093
content-length: 1574
x-xss-protection: 1; mode=block

GET
H2 200 home-small-1.jpg
www.domainspurchase.com/picts/ 8 KB
8 KB 70ms
60ms Image
image/jpeg 150.239.200.100
SOFTLAYER

General

Check archive.org

Download Go to Show image

Full URL: https://www.domainspurchase.com/picts/home-small-1.jpg
Requested by: Host: www.domainspurchase.com
URL: https://www.domainspurchase.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.239.200.100 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: hs20.name.tools
Software: nginx /
Resource Hash: 4047b6b06c11a4710302b0b81d43d74ceea977feee30cdc0b7b386468b263352

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

accept-ranges: bytes
content-length: 8424
date: Thu, 08 Jan 2026 14:38:53 GMT
content-type: image/jpeg
last-modified: Fri, 08 Mar 2024 19:29:39 GMT
server: nginx

GET
H2 200 home-small-2.jpg
www.domainspurchase.com/picts/ 7 KB
8 KB 70ms
50ms Image
image/jpeg 150.239.200.100
SOFTLAYER

General

Check archive.org

Download Go to Show image

Full URL: https://www.domainspurchase.com/picts/home-small-2.jpg
Requested by: Host: www.domainspurchase.com
URL: https://www.domainspurchase.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.239.200.100 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: hs20.name.tools
Software: nginx /
Resource Hash: 26d98b7c04bbabef98191f2f233d81693ff6dffadc29f229c75170eae622abc5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

accept-ranges: bytes
content-length: 7605
date: Thu, 08 Jan 2026 14:38:53 GMT
content-type: image/jpeg
last-modified: Fri, 08 Mar 2024 19:29:40 GMT
server: nginx

GET
H2 200 footer.js Show response
www.domainspurchase.com/ 630 B
412 B 69ms
67ms Script
application/javascript 150.239.200.100
SOFTLAYER

General

Check archive.org

Download Go to

Full URL: https://www.domainspurchase.com/footer.js
Requested by: Host: www.domainspurchase.com
URL: https://www.domainspurchase.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.239.200.100 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: hs20.name.tools
Software: nginx /
Resource Hash: 3304c6bdb1874898e281ca8397ff32ceb257ea4a35d956664bf7fa91f6815c44

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

content-encoding: br
date: Thu, 08 Jan 2026 14:38:54 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Tue, 04 Feb 2025 15:53:34 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 316ms
94ms Stylesheet
text/css 172.253.139.95
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700

Requested by

Host: www.domainspurchase.com
URL: https://www.domainspurchase.com/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.253.139.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yuiadsk-in-f95.1e100.net

Software

ESF /

Resource Hash

963de1188c46de111dc13a3364c70c98fb2f1fdedd0c70b9512381083c858ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 08 Jan 2026 14:38:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 08 Jan 2026 14:38:53 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 08 Jan 2026 14:34:14 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601050101/ 531 KB
172 KB 79ms
77ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601050101/show_ads_impl_fy2021.js?bust=95380465

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8049534086604188

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

84c2e813fa84f3090cecebba63d4064ecb2618b7de922568e84c442e987c22e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

content-encoding: br
etag: 13839644120018305622
age: 50479
x-content-type-options: nosniff
expires: Thu, 22 Jan 2026 00:37:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 08 Jan 2026 00:37:35 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 176501
x-xss-protection: 0
server: cafe

GET
H2 200 menu-icon-black.png
www.domainspurchase.com/header-icons/ 799 B
913 B 69ms
65ms Image
image/png 150.239.200.100
SOFTLAYER

General

Check archive.org

Download Go to Show image

Full URL: https://www.domainspurchase.com/header-icons/menu-icon-black.png
Requested by: Host: www.domainspurchase.com
URL: https://www.domainspurchase.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.239.200.100 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: hs20.name.tools
Software: nginx /
Resource Hash: 31f3077b84773c423e16fd64c7e8f092786d09c5242a3300c612d45085ab50d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

accept-ranges: bytes
content-length: 799
date: Thu, 08 Jan 2026 14:38:54 GMT
content-type: image/png
last-modified: Tue, 24 Sep 2024 15:14:44 GMT
server: nginx

GET
H2 200 icon_contact-black.png
www.domainspurchase.com/header-icons/ 601 B
715 B 69ms
65ms Image
image/png 150.239.200.100
SOFTLAYER

General

Check archive.org

Download Go to Show image

Full URL: https://www.domainspurchase.com/header-icons/icon_contact-black.png
Requested by: Host: www.domainspurchase.com
URL: https://www.domainspurchase.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.239.200.100 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: hs20.name.tools
Software: nginx /
Resource Hash: 2afe233f4be310f37b387564c6e6b7955cbc2fa3570eba331366d4e84ccf1587

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

accept-ranges: bytes
content-length: 601
date: Thu, 08 Jan 2026 14:38:54 GMT
content-type: image/png
last-modified: Tue, 11 Feb 2025 19:40:31 GMT
server: nginx

GET
H2 200 icon_home-black.png
www.domainspurchase.com/header-icons/ 386 B
500 B 68ms
64ms Image
image/png 150.239.200.100
SOFTLAYER

General

Check archive.org

Download Go to Show image

Full URL: https://www.domainspurchase.com/header-icons/icon_home-black.png
Requested by: Host: www.domainspurchase.com
URL: https://www.domainspurchase.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.239.200.100 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: hs20.name.tools
Software: nginx /
Resource Hash: 001673eed381382498d9e64a21b1a171f7d18403d5bd026ffea3f81fe69f7ebd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

accept-ranges: bytes
content-length: 386
date: Thu, 08 Jan 2026 14:38:54 GMT
content-type: image/png
last-modified: Tue, 11 Feb 2025 19:40:18 GMT
server: nginx

GET
H2 200 logo.jpg
www.domainspurchase.com/picts/ 22 KB
22 KB 75ms
71ms Image
image/jpeg 150.239.200.100
SOFTLAYER

General

Check archive.org

Download Go to Show image

Full URL: https://www.domainspurchase.com/picts/logo.jpg
Requested by: Host: www.domainspurchase.com
URL: https://www.domainspurchase.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.239.200.100 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: hs20.name.tools
Software: nginx /
Resource Hash: a70cee23501766bca55e104c29bcb78b05ecda1dbea8b1f468d113db7b492d26

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

accept-ranges: bytes
content-length: 22254
date: Thu, 08 Jan 2026 14:38:54 GMT
content-type: image/jpeg
last-modified: Mon, 29 Apr 2024 18:59:18 GMT
server: nginx

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v23/ 15 KB
15 KB 258ms
62ms Font
font/woff2 142.251.16.94
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

691491f1fc8badab623e1be56f92cc2d98c462b16617c67e1e288d6b061444bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin: https://www.domainspurchase.com
Referer: https://fonts.googleapis.com/

Response headers

age: 280532
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 05 Jan 2027 08:43:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 05 Jan 2026 08:43:22 GMT
last-modified: Wed, 10 Sep 2025 16:47:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14868
x-xss-protection: 0
server: sffe

GET
H2 200 eg-affiliate-banners.css
creator.expediagroup.com/products/banners/assets/ 156 B
797 B 1304ms
1295ms Stylesheet
text/css 23.54.223.203
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://creator.expediagroup.com/products/banners/assets/eg-affiliate-banners.css

Requested by

Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners/assets/eg-affiliate-banners.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.54.223.203 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-54-223-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

4c8b53d4b93c9f0b627787ea47156488d1d9c9b08c75efd2d183cdc2bd698a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

x-akamai-reference-id: 0.16623417.1767883134.6df0ce2e
strict-transport-security: max-age=15768000
cache-control: no-cache
x-cgp-info: noJvmRouteSet;28e2371f-14fe-4bac-b3b5-8d62dd5a59fa
etag: "4bf06babaae04f029a11b730184feedbff99ca2e"
trace-id: fb13c135-e047-432e-be0c-1ded4801677e
x-content-type-options: nosniff
x-download-options: noopen
accept-ranges: bytes
x-b3-traceid: fb13c135e047432ebe0c1ded4801677e
content-length: 156
x-xss-protection: 1; mode=block
date: Thu, 08 Jan 2026 14:38:55 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 27 Aug 2025 02:17:14 GMT

GET
H2 200 arrow-up.png
www.domainspurchase.com/picts/ 570 B
684 B 75ms
68ms Image
image/png 150.239.200.100
SOFTLAYER

General

Check archive.org

Download Go to Show image

Full URL: https://www.domainspurchase.com/picts/arrow-up.png
Requested by: Host: www.domainspurchase.com
URL: https://www.domainspurchase.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.239.200.100 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: hs20.name.tools
Software: nginx /
Resource Hash: e08c806b2b82f01fa8d3318153742c29f20a52029a62474003200874dfa43cb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

accept-ranges: bytes
content-length: 570
date: Thu, 08 Jan 2026 14:38:54 GMT
content-type: image/png
last-modified: Fri, 08 Mar 2024 19:29:34 GMT
server: nginx

GET
H2 200 banners Show response
creator.expediagroup.com/products/ Frame D836 241 KB
46 KB 1188ms
1011ms Document
text/html 23.54.223.203
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8

Requested by

Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners/assets/eg-affiliate-banners.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.54.223.203 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-54-223-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

c820c815e315378c90154479b46a1a1176e035f1d89693868a5d94ea31561a7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.domainspurchase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-language: en-CA
content-length: 45922
content-type: text/html; charset=utf-8
date: Thu, 08 Jan 2026 14:38:55 GMT
strict-transport-security: max-age=15768000
trace-id: d4905769-c80e-46b1-b408-649591b3259f
vary: Accept-Encoding
x-akamai-reference-id: 0.16623417.1767883134.6df0d06b
x-app-info: eg-affiliate-products,unknown
x-b3-traceid: d4905769c80e46b1b408649591b3259f
x-cgp-info: noJvmRouteSet;99ddfb2b-e25d-4532-98c9-d9ad26618061
x-content-type-options: nosniff
x-download-options: noopen
x-page-id: Banners
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20260105/r20190131/ Frame 3C3A 8 KB
4 KB 207ms
58ms Document
text/html 142.251.179.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20260105/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601050101/show_ads_impl_fy2021.js?bust=95380465

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f157.1e100.net

Software

cafe /

Resource Hash

2ac2022c2f17a99849888beec2fbecb6aebc2939eb7e0585cde9a7dcff7e9be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.domainspurchase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

age: 293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 3878
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jan 2026 14:34:01 GMT
etag: 9949080804817620733
expires: Thu, 22 Jan 2026 14:34:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5AD3 0
19 B 315ms
197ms Document
text/html 142.251.179.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&adk=1812271804&adf=3025194257&lmt=1756221167&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.domainspurchase.com%2F&pra=5&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883133874&bpp=172&bdt=435&idt=486&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5066885412379&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=544

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601050101/show_ads_impl_fy2021.js?bust=95380465

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.domainspurchase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jan 2026 14:38:54 GMT
expires: Thu, 08 Jan 2026 14:38:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 59E1 145 KB
48 KB 513ms
440ms Document
text/html 142.251.179.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4261750133&adf=1874522962&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134049&bpp=44&bdt=611&idt=389&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=421

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601050101/show_ads_impl_fy2021.js?bust=95380465

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f157.1e100.net

Software

cafe /

Resource Hash

f03878c0416229bdc083f4f114535df05ad3b043b3c6d48c3ddd05c6e3aac59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.domainspurchase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48967
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jan 2026 14:38:54 GMT
expires: Thu, 08 Jan 2026 14:38:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B68 69 KB
27 KB 386ms
372ms Document
text/html 142.251.179.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=2097195300&adf=3660309217&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134102&bpp=1&bdt=664&idt=410&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=419

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601050101/show_ads_impl_fy2021.js?bust=95380465

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f157.1e100.net

Software

cafe /

Resource Hash

2013ef7dc772b153e4fa579cbe95aa038e5b239bcc22ae11a97c5dc80e2ff9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.domainspurchase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 27548
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jan 2026 14:38:54 GMT
expires: Thu, 08 Jan 2026 14:38:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2542 2 KB
933 B 256ms
255ms Document
text/html 142.251.179.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4163489957&adf=99222838&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134122&bpp=2&bdt=684&idt=412&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=1301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=421

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601050101/show_ads_impl_fy2021.js?bust=95380465

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f157.1e100.net

Software

cafe /

Resource Hash

e5941f97a77d0280411fca38723c00150aaaa74e5d20934559a57897598a86a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.domainspurchase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 909
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jan 2026 14:38:54 GMT
expires: Thu, 08 Jan 2026 14:38:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 56CE 2 KB
960 B 262ms
259ms Document
text/html 142.251.179.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4163489957&adf=3413137819&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134125&bpp=1&bdt=687&idt=434&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280%2C950x280%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=440

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601050101/show_ads_impl_fy2021.js?bust=95380465

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f157.1e100.net

Software

cafe /

Resource Hash

e5de263e5c408ae0209a665712c9e6d310b152f290a6050bc1365b88f6554401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.domainspurchase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 936
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jan 2026 14:38:54 GMT
expires: Thu, 08 Jan 2026 14:38:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D7C7 2 KB
977 B 267ms
266ms Document
text/html 142.251.179.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4163489957&adf=845228895&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134126&bpp=6&bdt=688&idt=454&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280%2C950x280%2C950x280%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=2016&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=458

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601050101/show_ads_impl_fy2021.js?bust=95380465

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f157.1e100.net

Software

cafe /

Resource Hash

d0efd03bead9e44e4a947b2f09cfacb01f5aecf757563b49d4e180769081a709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.domainspurchase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 953
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jan 2026 14:38:54 GMT
expires: Thu, 08 Jan 2026 14:38:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 67B4 2 KB
958 B 286ms
269ms Document
text/html 142.251.179.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4832625289&adk=2474917049&adf=923039568&pi=t.ma~as.4832625289&w=950&fwrn=4&fwrnh=0&lmt=1756221167&rafmt=1&armr=3&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134134&bpp=3&bdt=696&idt=461&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280%2C950x280%2C950x280%2C950x280%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=2527&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=466

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601050101/show_ads_impl_fy2021.js?bust=95380465

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f157.1e100.net

Software

cafe /

Resource Hash

869d235cbebd000e0ca5eadc57736459e414234c5ef2d09b06b0e7bf85614368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.domainspurchase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 934
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jan 2026 14:38:54 GMT
expires: Thu, 08 Jan 2026 14:38:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 style_banner_34a16e.css
static.admaster.cc/js/template/style/ Frame 6B68 1 KB
889 B 256ms
78ms Stylesheet
text/css 34.54.226.84
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://static.admaster.cc/js/template/style/style_banner_34a16e.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=2097195300&adf=3660309217&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134102&bpp=1&bdt=664&idt=410&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.54.226.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 84.226.54.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94e5a4052c8f4acff783d75d4f41f1f43783ad6d80031044110083f9cbbc0fff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin: https://googleads.g.doubleclick.net
Referer: https://googleads.g.doubleclick.net/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=9PupSg==, md5=5Y/tuloHkXzUS3cwd7atWg==
content-encoding: br
age: 1531
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1520
date: Thu, 08 Jan 2026 14:13:24 GMT
last-modified: Fri, 26 Dec 2025 02:16:17 GMT
vary: Origin, Accept-Encoding
content-type: text/css
x-guploader-uploadid: AHVrFxOvVYK1Mpum2mBZw6x7CJKYMIljHzsP8kcLHztd3DcOD_UGTD3dFSgiO8uaj4KzGmbTCndn67M
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1766715377316156
content-length: 430
content-language: en
server: UploadServer

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20260107/r20110914/client/ Frame 6B68 3 KB
1 KB 279ms
101ms Script
text/javascript 142.250.176.193
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20260107/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=2097195300&adf=3660309217&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134102&bpp=1&bdt=664&idt=410&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f1.1e100.net

Software

cafe /

Resource Hash

fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 6020003950853699975
age: 6986
x-content-type-options: nosniff
expires: Thu, 22 Jan 2026 12:42:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 08 Jan 2026 12:42:29 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1241
x-xss-protection: 0
server: cafe

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20260107/r20110914/client/ Frame 6B68 21 KB
9 KB 266ms
89ms Script
text/javascript 142.250.176.193
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20260107/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f1.1e100.net

Software

cafe /

Resource Hash

7c2a319af282b5ae2ed151a1daf4ace7f5d041af58157b8fd7c27974bf40187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 5680856984361098836
age: 67615
x-content-type-options: nosniff
expires: Wed, 21 Jan 2026 19:52:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 07 Jan 2026 19:52:00 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8670
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6B68 227 KB
70 KB 191ms
63ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

73b6bc92bb30d26ac26c7f3eccc350f2694260c064cdaf588cdd945a642b16f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 12901288525138330123
age: 1963
x-content-type-options: nosniff
expires: Thu, 08 Jan 2026 15:06:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 08 Jan 2026 14:06:12 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 71561
x-xss-protection: 0
server: cafe

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6B68 0
0 83ms
82ms Fetch
text/html 142.251.179.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKIkCfsFfaYqmJaHHpfgP0dCU4QyltoSEe8z8yrWgE8CNtwEQASCG8q5XYMmGgIDco8QQyAEJqAMByAMCqgTFAU_QMvT4kHlyARfyQIGDUYMDfulaqt-gq9PrFPj7KXLTAiq1XjFKKT7C4WSz9ygCW01V4wj-X0QAvKwb0-S6xW5XmEfS3N8aivuqo_kYiAAYVS2X4pyYwmpePWsejaHoNwNu7WcE5WWp1xFtcwvPz968RLk8vOL6ASyzZjJ0XWH2IPWyDxsLE1v1Ts8dDALzk7KbWJxmQhU8Z_tVYCtHYJ8pjF2CWICy9sZUVSwiqB6SUFn1W-TBaDfyxzLGWkaltDMQaeUOgAaV3rus7KvV3pYBoAYhqAeT2LECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WMbJ9_GV_JEDgAoB-gsCCAGADAGqDQJVU-oNEwj23fjxlfyRAxWhYwkJHVEoJcyIDgnQFQGAFwGyFyoKGBIUcHViLTgwNDk1MzQwODY2MDQxODgYABgMKgo0MzAyNjgxMTY3UAGqGBcJ76fGSwewzUASCjQzMDI2ODExNjcYAQ&sigh=7VM4x5R3n2s&uach_m=%5BUACH%5D&cid=CAQSswEAwksa0djGH_CUXdgIhjTL9Mr4dDfVc_Rz7AVlkEVknxjgqyXJYF-bHE-lGrjsxDUjhrxKUYuUX5d6zspM1Z1S0T2FyEpaA-SlnbWo9FxOPpJfa-fXq3bccKP1fCLb0ztY2dBpNTPPMqInu0Wj5fd4tjbCUZZsDDjGpyDLEeAZXRbqry-6P4VanD19wUXVdBA7tpeBy5XF4YRBpqCwTiqzOAFcUJHkD0SfLaAJHJHcGpivxRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=2097195300&adf=3660309217&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134102&bpp=1&bdt=664&idt=410&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=419

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Thu, 08 Jan 2026 14:38:55 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 08 Jan 2026 14:38:55 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 95ms
93ms Fetch
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601050101/show_ads_impl_fy2021.js?bust=95380465
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s37-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.domainspurchase.com/

Response headers

GET
H2 204 win
tracenep.admaster.cc/ju/ Frame 6B68 0
0 431ms
188ms Fetch
text/html 35.209.233.198
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://tracenep.admaster.cc/ju/win?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=df2f3f58e3737c667e2c3e16c1f03205&acid=75&data=tu-8g1IJXAQAXuBm0uXAOh4O3D1yOufenjESGQ7j2yGphH2cvDBqsqtKyUKXzkU_0vKDwx82B8BbzORWuzjRE-S4j-yMzuWgGemeFOxYkZEm9fB4El6neSrtHrJ8PwLOFRh6ISNL2605QSkR9E3dRkuPxffh48J-BL0nr3fpj_y-2xxPoCXGWCGvai328ojJZoMUYkPl5XwojQjGuYa0YU9V5gu_uucggp_m_WdJ8cipFxT85t2PkctvNWTGjBVJYfof5YrY3k3Q0HaYmunEDQOW11xtJ-p6GBzOaN19WWUV0qLuHd7fcCazbl9F8ZBzlHI_qPvyVZgmLpZFM5I4MnUNMQ3bJ376UZcdpCa9TuiIK81FCuvRBlGWHF21zTWJkXJKkZIQPusFid4Ta8xhS7vDgxPQrn58KShzAZiKKHp5AmU6Qoujt19QFdv2fOjFMWSyT1g_RCD58GGCTU17IAmXdPXdiGSHM2PP5FDICvlxpnA6jY4S2dX7cxLsQ8mIC7I5Ds_iT-VBbupgvakPdxmD5f_0FUtfz6E_t0KPy9Z4JGXKpR8dhcKqdXkTiXyPcLdVY0_1yW2ipWFuzgwrTcRj6FatR66BFMDOZgqUn5QHgrxY3ZVtempit7-Rp1944TeSVR0-FBRqq96IHuqISMV3G-RM_GXtdGCJDgN46jdlyik3RYgyf2554DXNtjYDD8JwlzE50gCNVRJzCn1q6nQuKxzhUSp6qdVGduecNGsmsqP_p2vsZoOaSFikHpu4ws8xaqiZxlypK5HRM9On8-eSTmXl0yPnkau9SGUU4gRH2U98Qwj5qXY08SDHbYH_yM8lOjsrBbBaK8CHGBVQiaTJgeW-FaLrjhYng4co51c&uid=mid_2f6ae0c83382b7b112d47e58b8ce4e98&mguid=&ap=aV_BfgAJUwoJCWOhACUoUemCm8kByNc0_kre8Q&tid=102
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=2097195300&adf=3660309217&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134102&bpp=1&bdt=664&idt=410&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.209.233.198 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 198.233.209.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 08 Jan 2026 14:38:55 GMT
content-type: text/html; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ Frame 59E1 17 KB
2 KB 225ms
100ms Stylesheet
text/css 172.253.139.95
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4261750133&adf=1874522962&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134049&bpp=44&bdt=611&idt=389&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=421

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.253.139.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yuiadsk-in-f95.1e100.net

Software

ESF /

Resource Hash

cb0a81e3b65b55f5686972c4337591bfe6f2b9113e5965942c2141d53ad1f477

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 08 Jan 2026 14:38:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 08 Jan 2026 14:38:55 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 08 Jan 2026 13:04:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20260107/r20110914/client/ Frame 59E1 2 KB
899 B 199ms
104ms Script
text/javascript 142.250.176.193
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20260107/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4261750133&adf=1874522962&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134049&bpp=44&bdt=611&idt=389&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f1.1e100.net

Software

cafe /

Resource Hash

e108480a9894485059f2b1676b6e05a34af2ecc20fbcdd034d37e768e5356223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 17680144762512659466
age: 67615
x-content-type-options: nosniff
expires: Wed, 21 Jan 2026 19:52:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 07 Jan 2026 19:52:00 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 818
x-xss-protection: 0
server: cafe

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 59E1 0
0 90ms
87ms Fetch
text/html 142.251.179.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4t_PfsFfabf-JeDzkPIPyrjXqAW4w7qKgwHzkPO6_BGX3qK9wAEQASCG8q5XYMmGgIDco8QQoAG4wfClKsgBCagDAcgDywSqBOsBT9A1ntNx3nRLtkv_kKK3nHyUbnTq4oI9KA8Z3N8PZPYicbjWv6Yq1LGNUVxEdcwoc5wswsqLoQdLDl3-n2o350DzwKgtf93R_lRvxk7gJlAe8ehl4-PzU1gkCbatv0a2XFucxv624SvzegDWYx1bwETDMtOzBAVzWCDPgsvuwwsR2MQUCS8bJ7jr-KjmRqqSLGVoZCdcpKBRah4JA5B5mhlaAvNhCKxHC0sRW7CIcSvEVn86ewMVXMv2QfVtirP-8RcbzCZVMi-eFkgDhaszWNf5aWuM49PxMMHmNnKfMOKDBCdQLAgf-y-u48AEqoqpmKwEiAWB1eHdTKAGLoAHuPnAhQWoB6fMsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgH98KxAtgHAPIHBBD4kgvSCC8IgGEQARifAzIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOljmzvfxlfyRA5oJOmh0dHBzOi8vbWRscGEub3JnLz9nYWRfc291cmNlPTUmZ2FkX2NhbXBhaWduaWQ9MjA1OTc3Mjk5MjGACgHICwHaDBAKChDA7qfKtdaz_RISAgEDqg0CVVPqDRMIs7b58ZX8kQMV4DlECB1K3BVViA4J2BMDiBQB0BUByhYCCgD4FgGAFwGyFyoKGggAEhRwdWItODA0OTUzNDA4NjYwNDE4OBgAGAEqCjQzMDI2ODExNje6FwI4AaoYFwkAAAAAwEsGQRIKNDMwMjY4MTE2NxgBshgJEgKqUBguIgEA0BgBwhkCCAE&sigh=nMWy5H0Y4mU&uach_m=%5BUACH%5D&ase=2&cid=CAQSswEAwksa0a3bRdY1iN5qnfPCVvB9D3_uCetdc_12h9VGB8KvJD-HObwel3yKAtDLgbm-HBf--B_-aU2ZCH2aKSPSoMuBoPJEuTv4skzrH9zVZtZAJIxplOTUAtls8_sbTKLJLFvWGWnXFwfYoPt0B8PIWtTrf-qAnw7WgM-mKZpU2LNdfiwCxsmz65c7u09fprfxwaaxt4R3q1kMz7WLMIjdfHGL2RLtUejECwRzJuzrsgEA7BgB&template_id=5000&ebtr=1&vis=1&nis=6

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4261750133&adf=1874522962&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134049&bpp=44&bdt=611&idt=389&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=421

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4261750133&adf=1874522962&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134049&bpp=44&bdt=611&idt=389&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=421

Response headers

content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 08 Jan 2026 14:38:55 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20260107/r20110914/ Frame 59E1 21 KB
8 KB 189ms
103ms Script
text/javascript 142.250.176.193
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20260107/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4261750133&adf=1874522962&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134049&bpp=44&bdt=611&idt=389&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f1.1e100.net

Software

cafe /

Resource Hash

bd04667d5d5feb14319f345a1a8e7486d8ab5aea560fb8be53cae5f6bc9d0e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 11386605814003084292
age: 67615
x-content-type-options: nosniff
expires: Wed, 21 Jan 2026 19:52:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 07 Jan 2026 19:52:00 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8505
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20260107/r20110914/client/ Frame 59E1 3 KB
0 206ms
206ms Script
text/javascript 142.250.176.193
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20260107/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4261750133&adf=1874522962&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134049&bpp=44&bdt=611&idt=389&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f1.1e100.net

Software

cafe /

Resource Hash

fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 6020003950853699975
age: 6986
x-content-type-options: nosniff
expires: Thu, 22 Jan 2026 12:42:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 08 Jan 2026 12:42:29 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1241
x-xss-protection: 0
server: cafe

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20260107/r20110914/client/ Frame 59E1 21 KB
0 201ms
201ms Script
text/javascript 142.250.176.193
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20260107/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4261750133&adf=1874522962&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134049&bpp=44&bdt=611&idt=389&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f1.1e100.net

Software

cafe /

Resource Hash

7c2a319af282b5ae2ed151a1daf4ace7f5d041af58157b8fd7c27974bf40187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 5680856984361098836
age: 67615
x-content-type-options: nosniff
expires: Wed, 21 Jan 2026 19:52:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 07 Jan 2026 19:52:00 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8670
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 59E1 227 KB
0 99ms
99ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4261750133&adf=1874522962&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134049&bpp=44&bdt=611&idt=389&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=421

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

73b6bc92bb30d26ac26c7f3eccc350f2694260c064cdaf588cdd945a642b16f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 12901288525138330123
age: 1963
x-content-type-options: nosniff
expires: Thu, 08 Jan 2026 15:06:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 08 Jan 2026 14:06:12 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 71561
x-xss-protection: 0
server: cafe

GET
H2 200 45be4f91b3dddab999519aa341f7f43e.js Show response
www.gstatic.com/mysidia/ Frame 59E1 42 KB
18 KB 246ms
74ms Script
text/javascript 142.251.111.94
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/mysidia/45be4f91b3dddab999519aa341f7f43e.js?tag=addon/mysidia_one_click_handler_one_afma

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4261750133&adf=1874522962&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134049&bpp=44&bdt=611&idt=389&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

543c818289f74293ed0e90a66f71d16ab30e2d737e52365740c4111f2743cb14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: gzip
age: 5486
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
x-content-type-options: nosniff
expires: Fri, 09 Jan 2026 13:07:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 08 Jan 2026 13:07:29 GMT
last-modified: Wed, 07 Jan 2026 22:20:05 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-opener-policy: same-origin; report-to="mysidia"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
accept-ranges: bytes
content-length: 17502
x-xss-protection: 0
server: sffe

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2665042819683008466/ Frame 59E1 21 KB
21 KB 201ms
123ms Image
image/jpeg 142.250.176.193
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2665042819683008466/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4261750133&adf=1874522962&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134049&bpp=44&bdt=611&idt=389&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f1.1e100.net

Software

sffe /

Resource Hash

8d6e71f6d554195307e6d969a336e7b7f6c9409bc99ec1626c42741015c2ba9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

age: 10229
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Fri, 08 Jan 2027 11:48:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Thu, 08 Jan 2026 11:48:26 GMT
last-modified: Tue, 20 Feb 2024 22:17:49 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 21033
x-xss-protection: 0
server: sffe

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 109ms
107ms Fetch
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601050101/show_ads_impl_fy2021.js?bust=95380465
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s37-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.domainspurchase.com/

Response headers

GET
H2 200 8b81cf765d3dc16556b3f8da6f2ad62e__scv1__622x368.webp
imagesnep.admaster.cc/ML/ Frame 6B68 9 KB
10 KB 367ms
34ms Image
image/webp 34.111.60.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://imagesnep.admaster.cc/ML/8b81cf765d3dc16556b3f8da6f2ad62e__scv1__622x368.webp
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=2097195300&adf=3660309217&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134102&bpp=1&bdt=664&idt=410&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.60.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.60.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bfdf1278ebc31404f5a9a52f8d69e1ffc2c99a00fec4290482bd012cf24492f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type,Access-Control-Allow-Origin
x-goog-hash: crc32c=0LPMCg==, md5=8Hfu6deM9CRT0A9dks0ujw==
etag: "f077eee9d78cf42453d00f5d92cd2e8f"
age: 582
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 9614
date: Thu, 08 Jan 2026 14:29:13 GMT
last-modified: Tue, 31 Dec 2024 23:50:02 GMT
content-type: image/webp
x-guploader-uploadid: AHVrFxOEFiCGf3akvf1RwkA61_XY2k9nvEcshcT9oamo_t8IPO7miO9Hb-6HEq75Jq7qz8B3
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1735689002192221
content-length: 9614
server: UploadServer

GET
H3 200 cookieSync.html Show response
static.admaster.cc/js/ Frame C083 8 KB
3 KB 82ms
47ms Document
text/html 34.54.226.84
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=2097195300&adf=3660309217&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134102&bpp=1&bdt=664&idt=410&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=419
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.54.226.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 84.226.54.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e24a83f6d80be3ef18b72b5d8045e6be5316f8073a36998f136e1625c3755d02

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600
content-encoding: br
content-language: en
content-length: 3371
content-type: text/html
date: Thu, 08 Jan 2026 13:55:58 GMT
last-modified: Fri, 02 Aug 2024 07:32:17 GMT
server: UploadServer
vary: Origin, Accept-Encoding
via: 1.1 google
x-goog-generation: 1722583937076126
x-goog-hash: crc32c=gjgw1Q== md5=SO8vtU0BbZFyVEylosiXmw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8007
x-guploader-uploadid: AHVrFxNXPdYDy5zhlvWv2vJdYCPBaOXGnZOD64uQ8PKIIHbVn2JI8ToIoTcFhFyMY9m9kHQ_

GET
H2 204 ic
tracenep.admaster.cc/ju/ Frame 6B68 0
123 B 151ms
115ms Image
text/html 35.209.233.198
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://tracenep.admaster.cc/ju/ic?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=df2f3f58e3737c667e2c3e16c1f03205&acid=75&data=Eq6MtM7axIydS0Yo_T7xoOugX0TXjBv2pXb44gKyaxTk6Kk7_ZWosBFwv7sznhHg7VLMJl6xEf-M85K_ebLNmDHnnv26nZJLZNc1trc6zUiD2RxibdwH-6KSvRFWAwHHQoksDaBH18-oGgMEVwUSJHP4FJmScL0Ip4csQR8FNh3DzCTknCS_H3wMu6H8cNjxbzB5d7r8wqc30NMHHVg6h6w0D55S6DZB28FjNch471eHRV_wfc7W5Vtn_ipQZaz8f9lQW3xXn_xfmXCjuYRdygiHnEbzVla3uc1LCYa7xm4SMGxjPOhjLNG0un2MosfYY-i6jYWaVvwHrumDIPINF5KN0ym1wRwElHuuPhPg04aqdH-VYOyX-6hOg32iA7GSLstHdv467Jqi7rjiOCSHJq4D6rYyOuWS3oPt607fbLkImu-4Ni4m5aJVJozOupEHhPfLr7Ign4D6nZTHe00qnaMntbb3QCs-WXbMIsAsPx69GTFJHC1izLbIwlQZXDBvnh_ApR_kjG321Goskb4Xd7YjSOANTNJ-_HCxsanYGw_7HOwrsO9vrvKpENjrWVPdUL8nh-HYdQrGMmX73LCLkf-Dl9B0XrArM4tbwHmS2VBedMn_Ui59GmICFXL0p8tls5BDbSL3nXXAiPkpWURGSEMQIqjBLgXxSMn8ps6sODCu5xqjgUbLSqineGhpMqakkl3E9xDr9_3Y8dN0eOlPS9mvoNNTySqa_c7UlWgfhJ6-vE2dVpnoUO6wjSAL8wIajLcfeiDKyWBT6NHiPYs2VkUJ6lZYPEe5pFFBY39DEY-HllCrT_ZZTvp5hZvJFj6gY5s_XfkHemaMX6oEKWJ3GeVmB4ovSF0F0qcCehc63A2oM_jS8zPJ1XbdD76jUJAz221mT-GtVJZAdiC9A_Yl1n6qLq1Js5DU0MNnAM1zsOQkDVDh-qH9tO9VP6eRfL9imDk9STEWLH0nJOpfxQSVzG_7Y0uEaHIir3WGDBY36h5rT-Gvs6wk9oOl_r04Weu1A1Q9wGMjDL7SsQMfH44euMSQhWEw4tgLyDjJkc7AW48DmCvdwclk8OLbxQkGR6W9ELQUaI3GHmQSuH-dJgJSpDEnG4wTT8P9CP6LyEg4C2szD30ctacSPItsjQUiKwkWTKt00Vuy2n4BKXmxoec0JdtGZ2oGVMBVZrmfEBhlWXW8Gj3mlMG-MnCH1d-aQhjdOFyUTrNJ8KQTOEl83bosEzabgFNmMacTgcRW3OovJDpYW6c_V1jaBi7czpk-mhpioagSTxXB8mBk7iVayM2eXjaCEOniMYpbyP0Pu5zpiciUo9dp_4PMNv8OcleqWvpy32qAejPOgc3In5Gh-GpRvdYYlE27HYr49O2uPdvjqSlnw3TV7jfvUxCSq2TboooKL_1Ewo2j8YvSAGzxGlaZmgdoVvIjerwXyh0-zeWYsB-ILgTVaqLq39wnA4kRSej8zQ5I6oIni40PPHTylHndiNS50ApotOC90xwVqKDkR8ks_al49Q1EQpOpZArhBiQo4Ah1Bf3zbUODAPgvEx7J-8rr7FM6oSN0-OHX9D--4BJUECbtShyfdiwUmrkwaDzcqQIVZ545Ytx7iH0qUdv3A1iPCHFb83gaJaC9DLgXY9ks9ogBs8byazHMk_K1YYLIgYuYok36aUIN8UAE2PD8rMo0yMhq1Edxv8CT2PJJupc&uid=mid_2f6ae0c83382b7b112d47e58b8ce4e98&mguid=&ap=0.019813&tid=102&c_sync=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=2097195300&adf=3660309217&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134102&bpp=1&bdt=664&idt=410&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.209.233.198 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 198.233.209.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 08 Jan 2026 14:38:55 GMT
content-type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 6B68 212 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a8fd762c01b6a323bf30c601ea96dd9fccb8aa9a16ab0c0daf957722cc26bdb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B68 0
0 99ms
97ms Fetch
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 08 Jan 2026 14:38:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B68 0
0 112ms
112ms Fetch
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 08 Jan 2026 14:38:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
DATA 200
OK truncated
/ Frame 59E1 211 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01e3bad31a61b7a85a6954d1ae58441cf91da85cae4c9703ad72156da9575f6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59E1 0
0 95ms
91ms Fetch
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 08 Jan 2026 14:38:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59E1 0
0 95ms
89ms Fetch
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 08 Jan 2026 14:38:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B68 0
0 95ms
90ms Fetch
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 08 Jan 2026 14:38:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 en_CA.202b66b277e7cc4a32da.js Show response
c.travel-assets.com/eg-affiliate-products/l10nBundle/ Frame D836 51 KB
13 KB 502ms
172ms Script
application/javascript 23.196.3.195
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://c.travel-assets.com/eg-affiliate-products/l10nBundle/en_CA.202b66b277e7cc4a32da.js
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.195 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-196-3-195.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 70b97cb9b036cbe3c530fbf798f384fa07be481226a1b96263b86b7b09ed4406

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/

Response headers

x-amz-id-2: N1N75AAQRGjBsMsxGH64Kh1h/ZqKgZcK207Iah+0Pvb3KAs3hgjt5QWeBWAObZx6KcQT0vsCuxj8xTj7eGfqJSKHJX70Z3uE
vary: Accept-Encoding
cache-control: public, max-age=92102
timing-allow-origin: *
content-encoding: br
etag: "b1b8fa1cfa2b8e27bbe482d3a9bdf834"
x-amz-version-id: MZmEt4Jmptd4.H1SAv3dKWsKrttLd.MV
x-amz-request-id: JBQRAVJZSY51P9N6
alt-svc: h3=":443"; ma=93600
content-length: 12417
date: Thu, 08 Jan 2026 14:38:55 GMT
last-modified: Sun, 11 May 2025 23:56:13 GMT
content-type: application/javascript
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 app.188cc46759e2d2bcd4e5.js Show response
c.travel-assets.com/eg-affiliate-products/ Frame D836 98 KB
18 KB 610ms
280ms Script
application/javascript 23.196.3.195
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://c.travel-assets.com/eg-affiliate-products/app.188cc46759e2d2bcd4e5.js
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.195 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-196-3-195.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 29d3e9f4349ab461dd191c7d393637d2780db8adddcd0261de325922aef395b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/

Response headers

x-amz-id-2: Zu7rwSqtvKICD66Mp+Ox+NLI5wOWX/OisTn80tgU2/1H/VDDzmwMsv9vk5ZWFPzhVjOZN3hHmok=
vary: Accept-Encoding
cache-control: public, max-age=829972
timing-allow-origin: *
content-encoding: br
etag: "e90b951aba1772f9dbdefc8392370a87"
x-amz-version-id: AiWTHDWX1K6o9q09bO42hQwFjaxhTEJ9
x-amz-request-id: WN2KSQZNQJ3W09JD
alt-svc: h3=":443"; ma=93600
content-length: 18544
date: Thu, 08 Jan 2026 14:38:55 GMT
last-modified: Wed, 27 Aug 2025 02:21:41 GMT
content-type: application/javascript
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor.f6bfd0e1c8d42d715564.js Show response
c.travel-assets.com/eg-affiliate-products/ Frame D836 226 KB
69 KB 440ms
189ms Script
application/javascript 23.196.3.195
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://c.travel-assets.com/eg-affiliate-products/vendor.f6bfd0e1c8d42d715564.js
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.195 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-196-3-195.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 423c225dd9e4167ab93a0f249bb7ed5153e03aa2a1939ed9f121425d016b1e73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/

Response headers

x-amz-id-2: VqUOgp+k1jNk7aFMxagXPkNrGE5I46x1A5D1D65KRTQ5m+AQ9rJkoGsiGavYEPwf0umSei39Odc=
vary: Accept-Encoding
cache-control: public, max-age=345578
timing-allow-origin: *
content-encoding: br
etag: "9ca02cabad0050f1e0bd6fdee69e809f"
x-amz-version-id: t8YJjyCDyslHxY0ac2huFro4SYSGDC71
x-amz-request-id: 61F88K39S9H4ZH6M
alt-svc: h3=":443"; ma=93600
content-length: 70157
date: Thu, 08 Jan 2026 14:38:55 GMT
last-modified: Wed, 27 Aug 2025 02:21:42 GMT
content-type: application/javascript
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 shared-ui.d98f9ee08e271c47f6fc.js Show response
c.travel-assets.com/eg-affiliate-products/ Frame D836 21 KB
5 KB 644ms
393ms Script
application/javascript 23.196.3.195
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://c.travel-assets.com/eg-affiliate-products/shared-ui.d98f9ee08e271c47f6fc.js
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.195 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-196-3-195.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 66014fcf7dddddf02c194fd11928927bfff60026c8bc1d5316c860408d59a6d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/

Response headers

x-amz-id-2: y0kRpEx7uzVP30DldiHcBYSMCyfI21UaOenlqTCAfG98dPMz6Eqda2bcMRkFjjL3cqiEpGvh1qJkFvF9qJdM6LhxFdwWGcnVr/yG+pYCL/o=
vary: Accept-Encoding
cache-control: public, max-age=390223
timing-allow-origin: *
content-encoding: br
etag: "bfd1950a2308fb614f408d0fd62a8311"
x-amz-version-id: HqsjYM0BKYdXlOX4fcHmN6_VRz5c9t8d
x-amz-request-id: Y7TX9W2CEJNYC3ZC
alt-svc: h3=":443"; ma=93600
content-length: 4994
date: Thu, 08 Jan 2026 14:38:55 GMT
last-modified: Sun, 11 May 2025 23:56:13 GMT
content-type: application/javascript
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pap.77d38fe620896e5669be.js Show response
c.travel-assets.com/eg-affiliate-products/ Frame D836 211 KB
61 KB 552ms
302ms Script
application/javascript 23.196.3.195
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://c.travel-assets.com/eg-affiliate-products/pap.77d38fe620896e5669be.js
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.195 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-196-3-195.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 73c930f46b9fc3b0ede1310ded253e8be43d27d2f1334f50018e166698d3c7a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/

Response headers

x-amz-id-2: V1FlpZql442J90pobTeicWfiruBBmUKttaDrgRuoes70QBln43+D+PJzjYQumvgI7k3hEaeu9lEXxJRtbgF1oNUslLaM1yXU
vary: Accept-Encoding
cache-control: public, max-age=964249
timing-allow-origin: *
content-encoding: br
etag: "581e1319ee4eff08e0b57003779186fb"
x-amz-version-id: vTCwABMdGk0_mGA6GSJuU3QJ87raOKer
x-amz-request-id: 1JNAYVS186S3XKXN
alt-svc: h3=":443"; ma=93600
content-length: 62126
date: Thu, 08 Jan 2026 14:38:55 GMT
last-modified: Wed, 27 Aug 2025 02:21:42 GMT
content-type: application/javascript
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 global-components.d6adaea6ff39f9e21fca.js Show response
c.travel-assets.com/eg-affiliate-products/ Frame D836 3 KB
2 KB 529ms
280ms Script
application/javascript 23.196.3.195
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://c.travel-assets.com/eg-affiliate-products/global-components.d6adaea6ff39f9e21fca.js
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.195 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-196-3-195.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2540e4f42ffadbf6fcfe7de7726930ed5920dad172a3630a0951981b618b843a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/

Response headers

x-amz-id-2: Z0AYtI7bcH10f8ruUgHQ1uSeB/QV6l+shEleRCVoBQr45+rSwftP5ra8mXodsCTbTu5Vq9ozVuWa5IY4djH7wAdP2R5owt2G
vary: Accept-Encoding
cache-control: public, max-age=1043659
timing-allow-origin: *
content-encoding: br
etag: "c6cde95c5243f3f9ef974b0da101f7ec"
x-amz-version-id: W21sLbki6w2Xng9Xu7cjMq9.XBuczKf8
x-amz-request-id: 89DWR17F7S04HCCE
alt-svc: h3=":443"; ma=93600
content-length: 1191
date: Thu, 08 Jan 2026 14:38:55 GMT
last-modified: Wed, 27 Aug 2025 02:21:41 GMT
content-type: application/javascript
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 uitk-icons.6e3649b2ec03acfa9a0b.js Show response
c.travel-assets.com/eg-affiliate-products/ Frame D836 4 KB
2 KB 190ms
187ms Script
application/javascript 23.196.3.195
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://c.travel-assets.com/eg-affiliate-products/uitk-icons.6e3649b2ec03acfa9a0b.js
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.195 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-196-3-195.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 084ed124865bd41911311c34f9ecec8feb9344d5af617c8641c74a8115ab5877

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/

Response headers

x-amz-id-2: ukMuVYo2eigzRGUoDYxi9pWaZvNjPqLj7913SvenyZKot3B1x87Ey/APEMOF4LhMUOvCR503l/Q=
vary: Accept-Encoding
cache-control: public, max-age=175073
timing-allow-origin: *
content-encoding: br
etag: "2c316ba02f1edf51fe3b6a9a1e603df2"
x-amz-version-id: vTG5_GCPgyIASs_nai2mGCfJq35Qa3Cp
x-amz-request-id: JBQRXHV2YX1SKK8V
alt-svc: h3=":443"; ma=93600
content-length: 1802
date: Thu, 08 Jan 2026 14:38:56 GMT
last-modified: Sun, 11 May 2025 23:56:13 GMT
content-type: application/javascript
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 graphql.6dbe2668f2c76612129a.js Show response
c.travel-assets.com/eg-affiliate-products/ Frame D836 176 KB
48 KB 405ms
403ms Script
application/javascript 23.196.3.195
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://c.travel-assets.com/eg-affiliate-products/graphql.6dbe2668f2c76612129a.js
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.195 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-196-3-195.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3b8cd3e9250553599c127d2ae5ec4b2de54e2d529f0c68c06c4dbc8fcb36b9eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/

Response headers

x-amz-id-2: Y8keEFBWqfKBYAqXSMuuMOCNUrbZzYz/Z7HzenRz+sFnLFU+IGCuU1S6Z8l9zneIeAHAauXaWsftY3YPAqJE2m78Fioh0DVqw0f0bjEVlLY=
vary: Accept-Encoding
cache-control: public, max-age=1031734
timing-allow-origin: *
content-encoding: br
etag: "d700305118e766931378543d225fa605"
x-amz-version-id: ZI8qj25ezLyd3vupMCFL94qTLf92n1fx
x-amz-request-id: JBQQBRBEXJST17NA
alt-svc: h3=":443"; ma=93600
content-length: 48807
date: Thu, 08 Jan 2026 14:38:56 GMT
last-modified: Sun, 11 May 2025 23:56:13 GMT
content-type: application/javascript
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 uitk.fcf14c3dae0240737f07.js Show response
c.travel-assets.com/eg-affiliate-products/ Frame D836 197 KB
52 KB 190ms
188ms Script
application/javascript 23.196.3.195
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://c.travel-assets.com/eg-affiliate-products/uitk.fcf14c3dae0240737f07.js
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.195 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-196-3-195.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4c146e3fea51cafb9809ed4c94cfc8077b492a87ce5f4b746eb74528961ffae7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/

Response headers

x-amz-id-2: Azbo9aqBkkXsKhlGDfh9Kk7xJ3RBJpiTIlS4ay8cCePoHOabgXbNrNIjjOgb87Ou71JpgdAm8CWYDrnJ6n4GPi1SRYLZeSjQcexTlp+VC1Y=
vary: Accept-Encoding
cache-control: public, max-age=1016097
timing-allow-origin: *
content-encoding: br
etag: "cb80488dc88eb8ea3cebf91a1f21c3f5"
x-amz-version-id: cMDtapt02I6oIVmvSOWACao.1LyCqhQS
x-amz-request-id: YDGJVEY5EK211QAP
alt-svc: h3=":443"; ma=93600
content-length: 52314
date: Thu, 08 Jan 2026 14:38:56 GMT
last-modified: Wed, 27 Aug 2025 02:21:42 GMT
content-type: application/javascript
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 core.7d936c877f0568384a4b.js Show response
c.travel-assets.com/eg-affiliate-products/ Frame D836 184 KB
55 KB 269ms
268ms Script
application/javascript 23.196.3.195
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://c.travel-assets.com/eg-affiliate-products/core.7d936c877f0568384a4b.js
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.195 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-196-3-195.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 523a00b1969c40730c86d4819b233c4f07680836212c6fdcc3d85a3c54f2a0f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/

Response headers

x-amz-id-2: Q0Gs0tpOY5WTZmVvCtOif5YfzG7aNcPsiI+TYopjXn/Cfpll39SLVrxtb5zE3bVT1Rp1fh8QCdnzgeOWkHOOPfnSW8ogosdJ
vary: Accept-Encoding
cache-control: public, max-age=1031785
timing-allow-origin: *
content-encoding: br
etag: "c67f8f923b2abe1dfe42dddbfed01028"
x-amz-version-id: sYc9lQbbt2HcHZpZJ0H7gFCJsJEu3kRi
x-amz-request-id: JBQYQBA6PED1MHQZ
alt-svc: h3=":443"; ma=93600
content-length: 55883
date: Thu, 08 Jan 2026 14:38:56 GMT
last-modified: Sun, 11 May 2025 23:56:13 GMT
content-type: application/javascript
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 bernie.80a9b7d7febb69672d08.js Show response
c.travel-assets.com/eg-affiliate-products/ Frame D836 131 KB
25 KB 367ms
366ms Script
application/javascript 23.196.3.195
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://c.travel-assets.com/eg-affiliate-products/bernie.80a9b7d7febb69672d08.js
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.195 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-196-3-195.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: aa66911858929052eef29717451a1fada41bec4de42ac449cb99fce3598d9204

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/

Response headers

x-amz-id-2: DaYUPCBOlnPY7pv7UmksQP5x4LKJIckTjEqtuWpHA3E/cmXfCrVJn8ZOsrxwSMN0Qlz6FrVFbD0=
vary: Accept-Encoding
cache-control: public, max-age=1031686
timing-allow-origin: *
content-encoding: br
etag: "3d6a880296a02b776ef60cb20373b341"
x-amz-version-id: Y7MU3TDBJyyj8AKFf_Ib3b_QkvRO2WB6
x-amz-request-id: JBQQ0487X1235DF3
alt-svc: h3=":443"; ma=93600
content-length: 25399
date: Thu, 08 Jan 2026 14:38:56 GMT
last-modified: Sun, 11 May 2025 23:56:12 GMT
content-type: application/javascript
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59E1 0
0 191ms
104ms Fetch
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 08 Jan 2026 14:38:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v44/ Frame 59E1 47 KB
47 KB 117ms
57ms Font
font/woff2 142.251.16.94
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/

Response headers

age: 435555
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 03 Jan 2027 13:39:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 03 Jan 2026 13:39:40 GMT
last-modified: Mon, 15 Sep 2025 16:30:41 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48320
x-xss-protection: 0
server: sffe

GET
H3 200 view
googleads.g.doubleclick.net/btr/ Frame 59E1 0
0 77ms
74ms Fetch
text/html 142.251.179.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/btr/view?ai=C4t_PfsFfabf-JeDzkPIPyrjXqAW4w7qKgwHzkPO6_BGX3qK9wAEQASCG8q5XYMmGgIDco8QQoAG4wfClKsgBCagDAcgDywSqBOsBT9A1ntNx3nRLtkv_kKK3nHyUbnTq4oI9KA8Z3N8PZPYicbjWv6Yq1LGNUVxEdcwoc5wswsqLoQdLDl3-n2o350DzwKgtf93R_lRvxk7gJlAe8ehl4-PzU1gkCbatv0a2XFucxv624SvzegDWYx1bwETDMtOzBAVzWCDPgsvuwwsR2MQUCS8bJ7jr-KjmRqqSLGVoZCdcpKBRah4JA5B5mhlaAvNhCKxHC0sRW7CIcSvEVn86ewMVXMv2QfVtirP-8RcbzCZVMi-eFkgDhaszWNf5aWuM49PxMMHmNnKfMOKDBCdQLAgf-y-u48AEqoqpmKwEiAWB1eHdTKAGLoAHuPnAhQWoB6fMsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgH98KxAtgHAPIHBBD4kgvSCC8IgGEQARifAzIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOljmzvfxlfyRA5oJOmh0dHBzOi8vbWRscGEub3JnLz9nYWRfc291cmNlPTUmZ2FkX2NhbXBhaWduaWQ9MjA1OTc3Mjk5MjGACgHICwHaDBAKChDA7qfKtdaz_RISAgEDqg0CVVPqDRMIs7b58ZX8kQMV4DlECB1K3BVViA4J2BMDiBQB0BUByhYCCgD4FgGAFwGyFyoKGggAEhRwdWItODA0OTUzNDA4NjYwNDE4OBgAGAEqCjQzMDI2ODExNje6FwI4AaoYFwkAAAAAwEsGQRIKNDMwMjY4MTE2NxgBshgJEgKqUBguIgEA0BgBwhkCCAE&sigh=nMWy5H0Y4mU&uach_m=%5BUACH%5D&ase=2&cid=CAQSswEAwksa0a3bRdY1iN5qnfPCVvB9D3_uCetdc_12h9VGB8KvJD-HObwel3yKAtDLgbm-HBf--B_-aU2ZCH2aKSPSoMuBoPJEuTv4skzrH9zVZtZAJIxplOTUAtls8_sbTKLJLFvWGWnXFwfYoPt0B8PIWtTrf-qAnw7WgM-mKZpU2LNdfiwCxsmz65c7u09fprfxwaaxt4R3q1kMz7WLMIjdfHGL2RLtUejECwRzJuzrsgEA7BgB&template_id=5000&ibtr=1&nis=6

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4261750133&adf=1874522962&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134049&bpp=44&bdt=611&idt=389&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=421

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4261750133&adf=1874522962&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134049&bpp=44&bdt=611&idt=389&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=421

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 08 Jan 2026 14:38:55 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H2 200 eplist Show response
gtracenep.admaster.cc/ju/cs/ Frame C083 346 B
789 B 433ms
210ms Script
application/javascript 35.208.249.213
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://gtracenep.admaster.cc/ju/cs/eplist?tn=2ce2e6e33746b4224011d22068a89c02&gdpr_consent=&gdpr=0&dm=https%253A%252F%252Fstatic.admaster.cc&mcb=mmgg_1767883135599_823
Requested by: Host: static.admaster.cc
URL: https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: fd6525b17b1b8817a1a36386382b1f59378fb5e488db505baa78b0d0db818a08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://static.admaster.cc/

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
access-control-allow-origin: https%3A%2F%2Fstatic.admaster.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 346
date: Thu, 08 Jan 2026 14:38:55 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-headers: Content-Type

GET
H3 200 _DpAYn8KnW9JzIpbp6zFdMsHex1DOAPmwtavu8uJTio.js Show response
pagead2.googlesyndication.com/bg/ Frame E3B5 57 KB
22 KB 64ms
63ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_DpAYn8KnW9JzIpbp6zFdMsHex1DOAPmwtavu8uJTio.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=4261750133&adf=1874522962&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134049&bpp=44&bdt=611&idt=389&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=421

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

sffe /

Resource Hash

fc3a40627f0a9d6f49cc8a5ba7acc574cb077b1d433803e6c2d6afbbcb894e2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
age: 246175
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Tue, 05 Jan 2027 18:16:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 05 Jan 2026 18:16:00 GMT
last-modified: Fri, 19 Dec 2025 16:28:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 22392
x-xss-protection: 0
server: sffe

GET
H2

200

bounce
ib.adnxs.com/ Frame C083
Redirect Chain

https://ib.adnxs.com/setuid?entity=529&code=8df1d1e144e611ad2spoza00mk5jz1i6
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D529%26code%3D8df1d1e144e611ad2spoza00mk5jz1i6

43 B
1 KB

109ms
107ms

Image
image/gif

68.67.179.153
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D529%26code%3D8df1d1e144e611ad2spoza00mk5jz1i6

Requested by

Host: static.admaster.cc
URL: https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02

Protocol

Server

68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.25.5 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://static.admaster.cc/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 37.221.112.220; 37.221.112.220; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 77b6fb5d-4513-4fa3-99ae-744f09fd59c5
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Thu, 08 Jan 2026 14:38:56 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.25.5

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D529%26code%3D8df1d1e144e611ad2spoza00mk5jz1i6
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 37.221.112.220; 37.221.112.220; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 2c70abde-14bb-4ed0-9937-81359c741397
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Thu, 08 Jan 2026 14:38:56 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.25.5

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame C083 170 B
410 B 350ms
161ms Image
image/png 142.251.40.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_hm=8df1d1e144e611ad2spoza00mk5jz1i6

Requested by

Host: static.admaster.cc
URL: https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://static.admaster.cc/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Thu, 08 Jan 2026 14:38:56 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame C083
Redirect Chain

https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=8df1d1e144e611ad2spoza00mk5jz1i6
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=8df1d1e144e611ad2spoza00mk5jz1i6&C=1

43 B
714 B

100ms
99ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=8df1d1e144e611ad2spoza00mk5jz1i6&C=1
Requested by: Host: static.admaster.cc
URL: https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Protocol: H3
Server: 104.18.26.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://static.admaster.cc/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=7rS1Qmgf7wEVuGnK6q8iRA5WjikozAospsctPrLI8FqYbNcVbdeQH7BgEuif%2BZI7AwfMDD9ThoTzFmh9N%2FFaH0DyqO7cJOiGJUH0zQKVCiN%2B2x93bKTe"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Thu, 08 Jan 2026 14:38:56 GMT
content-type: image/gif
vary: accept-encoding
priority: u=3,i
cache-control: no-cache
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma: no-cache
cf-ray: 9bac71019c685c77-MIA
content-length: 43
server: cloudflare

Redirect headers

cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=UurP%2Fj2e6xNz%2F32XBuh5hb6MgazDzw0Wd2eFV7PQHnZzuwlGTw1Jc9EmuwTHtZhVr1dUKDqHhlP2xfb5KTgFL48IFseeaUzR2%2FJOc3BOpDIEOw%2F59wF8"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Thu, 08 Jan 2026 14:38:56 GMT
vary: accept-encoding
priority: u=3,i
cache-control: no-cache
location: /crum?cm_dsp_id=215&external_user_id=8df1d1e144e611ad2spoza00mk5jz1i6&C=1
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma: no-cache
cf-ray: 9bac71011c0f5c77-MIA
content-length: 0
server: cloudflare

POST
H2 200 c
gtracenep.admaster.cc/ju/log/ Frame 6B68 0
61 B 103ms
85ms Ping
text/html 35.208.249.213
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://gtracenep.admaster.cc/ju/log/c?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=df2f3f58e3737c667e2c3e16c1f03205&mguid=&c_sync=1&app=vimpLog&ext={%22name%22:%22REAL_VIMP%22,%22vimp_elapsed_time%22:1767,%22time%22:1767883136290,%22intersectCount%22:1,%22intersectErrCount%22:0}
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=2097195300&adf=3660309217&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134102&bpp=1&bdt=664&idt=410&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 08 Jan 2026 14:38:56 GMT
content-type: text/html; charset=utf-8

GET
H2 204 ic
tracenep.admaster.cc/ju/ Frame 6B68 0
122 B 137ms
134ms Image
text/html 35.209.233.198
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://tracenep.admaster.cc/ju/ic?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=df2f3f58e3737c667e2c3e16c1f03205&acid=75&data=KlWcfpG3C_fvaQkJlKrh5syic2L3w_CgxevbGXarFpbx8YS8B7ZLJg1OLVEZqcYqSa0cOBf8ggjIeDo97ON1jrn2xS0pH6EruNJz_thTvyMTVkx-fLG4JKwJg6pTMGspaAxw2H43pQE3ZhRMdf_rxfVvdBhw7bIzShIptFyMPMkAHlFKlojq5vg3-8p1x6cJNdaQIYwsduCIiZjzEW4gEJthcR0kd_Mmi8cLLQeczdj0Ps-AsVr8wXWEIrzH-gzwKGEGImTc6eBfCMnqNIGq1B4dAqDf5kbaptdbWrKcvmgkDCkUjQOtuxAtcIkdPv-2M9G_Jtz5JNJ4odU5CaU3SCK_oNFFjXPBb0XjfpJ2aaibl8xd5zrP89Mc4bsn6-ogt9JVG6LvgChlskss9szgtfpYhmhfLeXKflrlEiThCUzQF4XEnyu9vjP3PycUIWHGhkw5xFstAFQ3aV919GadCnATS-uR_KKJPVTCPngxXu4-yyWEaFpbFeGuBPP-3cSiD6wJ1BiymcuScx-WM6f4gd_lheNlBdHkhL8L2BToWux4o1uaYNnNanr761aLT-cGOBRX4ok4dbD9ojynmHh2XEXBTmQhzxrPmuiejs0h_IzCE0Gpb1dEr4IDU7hBt-_6dUBa5mnllIaHr6Ht4_o8EUOMtMjnqxMOxGOleRlgOhD-hSQ4Oa3zScT1xy1p2mn7ly76mHvTAbGM_UQRGTytepjLhZdcn6_6kjd81BemRkH-auZ0d9EQLqH2QmRnOTFHkd1tNRvXIOCD2p_FlPe-63bY-V0H00U0QsvZ5ox_RdM00X4HlOMQ_sMv2dCvNGWIxgCLUUTXUyxH8ItbYIpAFOeD8CXlH1tQhEwFR_XT3co2aXyAHS4viOWRfCgcpZ39tOxF7_2jGO7jzzqFMuG_mdl5fUiw89QD6yZNq9N9zASs-ZfTKOf3RYe7sfWfTH2ZuA03dtp_T8lTGlQbf4SotKsBvJPxnaHfHYOTUZeIHax32nUKGPyQ_aEgXRGg_eAsIa-0dnEmVPmm61R5A7pymJ03EBKyLGi54NVeMLOizX1FH15RpexYaxeken_60BQ1LB7K3vMZSDhFgK0OJLJ_kDT1AhzP3qW5m9WNRU00hTWIno565cpOEnDqW1E3zzwtWSnig-WdzWrIn4cQjEhRldbrmSsDbErSIB4t8C4Pt739LyPm5hRFFa6PWb1cq4eusL2eDFh4OrubU2OpoRShySsy6Y8WGy2v1jeJBQfkIBwE1ZkssIMqEOeC1z3E8uqyUe7vQap6PEJvqKv-EvMYe173ewGt1swnS1gWdGmz56Xeco4epKE83xliANR9YTaPhv20w5BZe1LnYIw7lB-EpjjXAtRNaHWCU-hPIXbYt3aa4s-z2TDkbQtbqvf7NWBi5NZV3LtembuO3BfOI_gSbLUd09qlcJfVAhOdkxLjVes3Xw80NZ36xGyHSClGltVXtHaefhL9--X5iDwiokq1oJziB3EHMuuUY4fZOeXcQpfyi9ULUjaggi7FucU0AMHcr1hnLKhJOASXKVS5YFumFQN3ZAmLimpVGx1pFA4LZYxy6tLXyZMaS2lbs9Ds6m4ZQxeabqBJ-I3B4Yiu0Qa2pbcdlbQWGpCIecXU7MSjQKjovDwO9FI-f50f7kRMV2IDUvasyok5XTQ2s6Ex0RJNdUWcAZdFSeS1E-IeLCbnVKE&uid=mid_2f6ae0c83382b7b112d47e58b8ce4e98&mguid=&ap=0.019813&tid=102&c_sync=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8049534086604188&output=html&h=280&slotname=4302681167&adk=2097195300&adf=3660309217&pi=t.ma~as.4302681167&w=950&fwrn=4&fwrnh=100&lmt=1756221167&rafmt=1&format=950x280&url=https%3A%2F%2Fwww.domainspurchase.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1767883134102&bpp=1&bdt=664&idt=410&shv=r20260105&mjsv=m202601050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C950x280&nras=1&correlator=5066885412379&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096103%2C95378599%2C95380018%2C95380465%2C42533294%2C95344791&oid=2&pvsid=1824827493075153&tmod=1103503195&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.209.233.198 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 198.233.209.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 08 Jan 2026 14:38:56 GMT
content-type: text/html; charset=utf-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 59E1 42 B
65 B 107ms
105ms Fetch
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsug6YwrtL-tuAsYdDY2wIn3Npajx-u7S4jG-_YZLJdfeuVYdEjhoFP2u6EBuys9dmX_CjIrm9GzNsIUu5DfOb3xGL8F307E1aQtahFg93j8h5B11HIpiTLcLW22JG_AmceaJc08LbdLLqao1hEDn4SpRDyQWfSPCQUyL5mlKmFLfkCYHEjnK7do3r1LekPRtV9TtLhG57tX1HOrK8rkdrJhDsXZncje4mHzsjbK68ECgp6h938P0RH6owXne1pulD_HAXZHwAe7KzrJx5N3vr-0t3wytBcdNWJ4H1w36gIanAV65qF1LNX-pFxhsBtDVW3WtGvsNjdvAlMo4tUYBhxAb3L3FhvvZZUzZ2zyRL0716kNP-S2gbo7DBQSFuQziAneHbKzl0u2kYnCsOj6aV0dTIaVSLB4j-Et2xkIKQYJFueO2J705k5ivys1dxwe8VMkCFT1G1C13eDsKq1ivqHTCeubzIOqS0O-u5_-RgZ1jvx_7OayYbuVGwrqSZeIinisimpmRPtTRbvBuBZXWmzKnXoGyfu2lDvNhXzGzrLyUNjxtnFU3ssB-sc6KCNr_UrcPZ1OjTkqjBh5niPsY8cGjlHFow37q-7gBd1z9L_LCnwMKTWIZCSSfzJ3tdmG1yRoozNGpKrDCIZLFETydA2TzgcjxoRy_EXU4WVNfYm7VEYBv20bjP3fxDmdWWVjzpRRYgkXoOkvTdQ_Gwl1pvwGvJtxfFxDof5lTW3NTPlxs86Hh1h8nG5lCklUmhQEnqbGMnBgyhQ-6-ZU2t0NWFmqp98vjLFS1ZMUXmHAmN29yD7-A_0cBAQKt-P74wvOcApQA-UPu4VCK1i2LZgXaipUiGh2unEtjEg_Ns9giyuLtt1xX2ZnUq5euLa2lVDmv9Qv-EuN_GLKaOoKNsYeL2_DRIgjaYA3A48OwUrXFsNC1ObH9kXwMWoipdVbiybXkBFVIVWst4S0sTzIYM2RRpbzLgOr5SdSJ_3k4GsCbaIvksoehVN6kpsCj9fPk6fpqM8QDZM4rm4vKkvUxlC0rrum9IvY4eMJqGD4HPDNmSn24r20m8FhS0usZ8Qds64DIEwBRl1QVuWMLvP9LW3hLsL-EuAlKEOPH0Be1aDytOIWD2ACU7BrDtKUse38fE4Cb2rS7-lXJVggs-zy0lMEADz32euP3syyVC6S4I6tERX1RmpsDqaOlwX8xcoZTQ4AA8Ex-y1kEWYsWpnlPH8tSHj6ZiPJdd-JjhiY4XxicsAYtG-PvMBr9hkzgOLB5bZIE_C9I4AtZRbwH6AMC1hi4BuUCzt6BF-7rj_r00PmrsNWsOeaSzIVsB8P0WdD9ukVEpK-r9AAVbgicdvrP5RdhCInYsxW3w5qGV9QIOJx1qjhciPkzneoO-53QzUAB8_wwpsTud8sc9vjARiCa7u9AihguBLoE65pPoGWCKl29Xf7z8L4FFbi2FQjOjgdNMoT2nYwa39PnTCGqXnLZ3Ag_OJeGUOMWGaF6mj3bZPLQybrJFcAHZtby9_byp7O4WDaNj53oStxKsA&sai=AMfl-YR-AjFGDWUhScvW3Efs7qIC1zK1Y2uqF8BrqW2OPjd3XcQQa_QQuus-TOnqT9AMtItx5A7tgBqyDgdLuvEGai18U6AnFJpvYnjQHZRS-V3caprz34Pvna_ZlNa8e9LsLUWw8fsyMtVYF6wCvZIriX8if7-1wo6IX22dFheVMbiga2-FT3w-9Et0BVnvdaTvbjqw6bKb8ihJ_h2FsGm18vWIjcoTNP_DH2wQ0QP_qRvOFxISMOVAluaEEWoHbvtDBYuxEXbZaboSV70IV_LAVEWxjJMhx7Z-Z2TPfY-hh5hrMwR7Nw&sig=Cg0ArKJSzI-hYGZmTL2AEAE&cid=CAQSswEAwksa0a3bRdY1iN5qnfPCVvB9D3_uCetdc_12h9VGB8KvJD-HObwel3yKAtDLgbm-HBf--B_-aU2ZCH2aKSPSoMuBoPJEuTv4skzrH9zVZtZAJIxplOTUAtls8_sbTKLJLFvWGWnXFwfYoPt0B8PIWtTrf-qAnw7WgM-mKZpU2LNdfiwCxsmz65c7u09fprfxwaaxt4R3q1kMz7WLMIjdfHGL2RLtUejECwRzJuzrsgEA7BgB&id=lidar2&mcvt=1000&p=0,0,280,950&tm=1088.5&tu=88.20000457763672&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20260107&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4261750133&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=6381593500&rst=1767883134471&rpt=1082&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 08 Jan 2026 14:38:56 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 202 2x2.gif
creator.expediagroup.com/cl/ Frame D836 0
559 B 167ms
167ms Image
text/plain 23.54.223.203
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://creator.expediagroup.com/cl/2x2.gif?action=logErrors&logTime=2026-01-08T14%3A38%3A56.635Z&pageName=eg-affiliate-products&message=&siteId=1&eapid=0&tpid=1&appId=eg-affiliate-products&langid=4105&locale=en_CA&guid=0f0ba934-bfde-4a1e-898e-dde07668030c&visitid=0f0ba934-bfde-4a1e-898e-dde07668030c_1767883136631&browser_name=Chrome&browser_version=143.0.0.0&browser_major=143&engine_name=Blink&engine_version=143.0.0.0&os_name=Linux&os_version=x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F143.0.0.0%20Safari%2F537.36&pwa=true&systemEvent=SystemEvent(level%3DINFO%20name%3DANALYTICS_ENTRY)&label=bernie.client.analytics-entry&url=%22https%3A%2F%2Fcreator.expediagroup.com%2Fproducts%2Fbanners%3Fprogram%3Dca-expedia%26layout%3Dmedium-rectangle%26image%3Dsailing%26message%3Dexplore-world-travel%26link%3Dhome%26network%3Dpz%26camref%3D1101l3ZpAe%26instance%3Dmk5jz0mjqqdeq80buh8%22
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.223.203 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-223-203.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8

Response headers

x-akamai-reference-id: 0.16623417.1767883136.6df0e0a2
cache-control: max-age=0, no-cache, no-store
x-cgp-info: noJvmRouteSet;eb618679-a1b6-4367-a969-68fedca3c603
x-envoy-upstream-service-time: 3
pragma: no-cache
trace-id: 9ab48b65-e029-4770-b0aa-d8253724c8ee
expires: Thu, 08 Jan 2026 14:38:56 GMT
x-b3-traceid: 9ab48b65e0294770b0aad8253724c8ee
content-length: 0
date: Thu, 08 Jan 2026 14:38:56 GMT
server: istio-envoy

GET
H2 202 2x2.gif
creator.expediagroup.com/cl/ Frame D836 0
558 B 191ms
189ms Image
text/plain 23.54.223.203
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://creator.expediagroup.com/cl/2x2.gif?action=logErrors&logTime=2026-01-08T14%3A38%3A56.750Z&pageName=eg-affiliate-products&pageHydrated=2558.5&siteId=1&eapid=0&tpid=1&appId=eg-affiliate-products&langid=4105&locale=en_CA&guid=0f0ba934-bfde-4a1e-898e-dde07668030c&visitid=0f0ba934-bfde-4a1e-898e-dde07668030c_1767883136631&browser_name=Chrome&browser_version=143.0.0.0&browser_major=143&engine_name=Blink&engine_version=143.0.0.0&os_name=Linux&os_version=x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F143.0.0.0%20Safari%2F537.36&pwa=true&systemEvent=SystemEvent(level%3DINFO%20name%3DAPP_HYDRATION_START)&label=bernie.client.hydrate&url=%22https%3A%2F%2Fcreator.expediagroup.com%2Fproducts%2Fbanners%3Fprogram%3Dca-expedia%26layout%3Dmedium-rectangle%26image%3Dsailing%26message%3Dexplore-world-travel%26link%3Dhome%26network%3Dpz%26camref%3D1101l3ZpAe%26instance%3Dmk5jz0mjqqdeq80buh8%22
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.223.203 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-223-203.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8

Response headers

x-akamai-reference-id: 0.16623417.1767883136.6df0e0d7
cache-control: max-age=0, no-cache, no-store
x-cgp-info: noJvmRouteSet;68867152-1ba9-41f3-80ea-5795eb640902
x-envoy-upstream-service-time: 3
pragma: no-cache
trace-id: 814b38b0-b201-4e55-89d9-b73e251fe943
expires: Thu, 08 Jan 2026 14:38:56 GMT
x-b3-traceid: 814b38b0b2014e5589d9b73e251fe943
content-length: 0
date: Thu, 08 Jan 2026 14:38:56 GMT
server: istio-envoy

GET
H2 202 2x2.gif
creator.expediagroup.com/cl/ Frame D836 0
558 B 255ms
254ms Image
text/plain 23.54.223.203
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://creator.expediagroup.com/cl/2x2.gif?action=logErrors&logTime=2026-01-08T14%3A38%3A56.763Z&pageName=eg-affiliate-products&message=Empty%20analytics%20data%20from%20hydration%20(%27publishClientSidePayload%27%20may%20have%20not%20been%20called%20during%20SSR)&siteId=1&eapid=0&tpid=1&appId=eg-affiliate-products&langid=4105&locale=en_CA&guid=0f0ba934-bfde-4a1e-898e-dde07668030c&visitid=0f0ba934-bfde-4a1e-898e-dde07668030c_1767883136631&browser_name=Chrome&browser_version=143.0.0.0&browser_major=143&engine_name=Blink&engine_version=143.0.0.0&os_name=Linux&os_version=x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F143.0.0.0%20Safari%2F537.36&pwa=true&systemEvent=SystemEvent(level%3DWARN%20name%3DNO_ANALYTICS_DATA_WARN)&label=bernie.client.hydrate&url=%22https%3A%2F%2Fcreator.expediagroup.com%2Fproducts%2Fbanners%3Fprogram%3Dca-expedia%26layout%3Dmedium-rectangle%26image%3Dsailing%26message%3Dexplore-world-travel%26link%3Dhome%26network%3Dpz%26camref%3D1101l3ZpAe%26instance%3Dmk5jz0mjqqdeq80buh8%22
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.223.203 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-223-203.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8

Response headers

x-akamai-reference-id: 0.16623417.1767883136.6df0e0d8
cache-control: max-age=0, no-cache, no-store
x-cgp-info: noJvmRouteSet;27c03120-34c8-4e6f-bf44-cb6c75af6e07
x-envoy-upstream-service-time: 4
pragma: no-cache
trace-id: dff7c36a-3307-45e0-8c7e-0f8044e7109a
expires: Thu, 08 Jan 2026 14:38:56 GMT
x-b3-traceid: dff7c36a330745e08c7e0f8044e7109a
content-length: 0
date: Thu, 08 Jan 2026 14:38:56 GMT
server: istio-envoy

GET
H2 200 brand-10112011210110010597.37239658b24ff610e673.js Show response
c.travel-assets.com/eg-affiliate-products/ Frame D836 112 KB
35 KB 257ms
248ms Script
application/javascript 23.196.3.195
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://c.travel-assets.com/eg-affiliate-products/brand-10112011210110010597.37239658b24ff610e673.js
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.195 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-196-3-195.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bc0d9c80218c6c1456e7b4db46e11af376d3c7722e341d2e170c6120bf8d8390

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/

Response headers

x-amz-id-2: Ih0lurGlCyBDqZCb348NTWAH+nihFycfGFGkmHTvk6eq8jVv1t0K7Zt7NVN0DsRSBiGcIGKXQG0=
vary: Accept-Encoding
cache-control: public, max-age=1068976
timing-allow-origin: *
content-encoding: br
etag: "d0cdfcd2d374c1c3c1100cfc9aace709"
x-amz-version-id: fcxAh8ffJ7MtRzmtl20SiYma_Dn9iLsz
x-amz-request-id: J77WNR0HTPAV7M0M
alt-svc: h3=":443"; ma=93600
content-length: 35269
date: Thu, 08 Jan 2026 14:38:56 GMT
last-modified: Wed, 27 Aug 2025 02:21:41 GMT
content-type: application/javascript
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 202 1x1.gif
creator.expediagroup.com/cl/ Frame D836 0
559 B 184ms
183ms Image
text/plain 23.54.223.203
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://creator.expediagroup.com/cl/1x1.gif?action=logTrxEvent&logTime=2026-01-08T14%3A38%3A56.802Z&pageName=eg-affiliate-products&message=page%20loaded&pageUsable=2609.4&ttfb=1191&dns=9&tcp=167&siteId=1&eapid=0&tpid=1&appId=eg-affiliate-products&langid=4105&locale=en_CA&guid=0f0ba934-bfde-4a1e-898e-dde07668030c&visitid=0f0ba934-bfde-4a1e-898e-dde07668030c_1767883136631&browser_name=Chrome&browser_version=143.0.0.0&browser_major=143&engine_name=Blink&engine_version=143.0.0.0&os_name=Linux&os_version=x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F143.0.0.0%20Safari%2F537.36&pwa=true&label=bernie.client.analytics-entry&bernie.client.analytics-entry_elapsedTime=171
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.223.203 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-223-203.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8

Response headers

x-akamai-reference-id: 0.16623417.1767883136.6df0e122
cache-control: max-age=0, no-cache, no-store
x-cgp-info: noJvmRouteSet;e84d0384-77c9-45e8-a472-54b26afa7cfd
x-envoy-upstream-service-time: 4
pragma: no-cache
trace-id: 97f2d9d7-f7e4-4714-b5e1-09c207171313
expires: Thu, 08 Jan 2026 14:38:56 GMT
x-b3-traceid: 97f2d9d7f7e44714b5e109c207171313
content-length: 0
date: Thu, 08 Jan 2026 14:38:56 GMT
server: istio-envoy

GET
H2 202 2x2.gif
creator.expediagroup.com/cl/ Frame D836 0
559 B 250ms
249ms Image
text/plain 23.54.223.203
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://creator.expediagroup.com/cl/2x2.gif?action=logErrors&logTime=2026-01-08T14%3A38%3A57.113Z&pageName=eg-affiliate-products&time=362.5&siteId=1&eapid=0&tpid=1&appId=eg-affiliate-products&langid=4105&locale=en_CA&guid=0f0ba934-bfde-4a1e-898e-dde07668030c&visitid=0f0ba934-bfde-4a1e-898e-dde07668030c_1767883136631&browser_name=Chrome&browser_version=143.0.0.0&browser_major=143&engine_name=Blink&engine_version=143.0.0.0&os_name=Linux&os_version=x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F143.0.0.0%20Safari%2F537.36&pwa=true&systemEvent=SystemEvent(level%3DINFO%20name%3DAPP_HYDRATION_COMPLETE)&label=bernie.client.hydrate&url=%22https%3A%2F%2Fcreator.expediagroup.com%2Fproducts%2Fbanners%3Fprogram%3Dca-expedia%26layout%3Dmedium-rectangle%26image%3Dsailing%26message%3Dexplore-world-travel%26link%3Dhome%26network%3Dpz%26camref%3D1101l3ZpAe%26instance%3Dmk5jz0mjqqdeq80buh8%22
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.223.203 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-223-203.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8

Response headers

x-akamai-reference-id: 0.16623417.1767883137.6df0e3ff
cache-control: max-age=0, no-cache, no-store
x-cgp-info: noJvmRouteSet;69742c4c-35c9-49d3-8150-dd6816b1b5e0
x-envoy-upstream-service-time: 3
pragma: no-cache
trace-id: 0d4225fc-64d2-440f-93d5-8da463dd2794
expires: Thu, 08 Jan 2026 14:38:57 GMT
x-b3-traceid: 0d4225fc64d2440f93d58da463dd2794
content-length: 0
date: Thu, 08 Jan 2026 14:38:57 GMT
server: istio-envoy

GET
H2 202 1x1.gif
creator.expediagroup.com/cl/ Frame D836 0
559 B 203ms
203ms Image
text/plain 23.54.223.203
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://creator.expediagroup.com/cl/1x1.gif?action=logTrxEvent&logTime=2026-01-08T14%3A38%3A57.116Z&pageName=eg-affiliate-products&hydration=2912.099998474121&siteId=1&eapid=0&tpid=1&appId=eg-affiliate-products&langid=4105&locale=en_CA&guid=0f0ba934-bfde-4a1e-898e-dde07668030c&visitid=0f0ba934-bfde-4a1e-898e-dde07668030c_1767883136631&browser_name=Chrome&browser_version=143.0.0.0&browser_major=143&engine_name=Blink&engine_version=143.0.0.0&os_name=Linux&os_version=x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F143.0.0.0%20Safari%2F537.36&pwa=true&label=Application&Application_elapsedTime=485
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.223.203 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-223-203.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8

Response headers

x-akamai-reference-id: 0.16623417.1767883137.6df0e42a
cache-control: max-age=0, no-cache, no-store
x-cgp-info: noJvmRouteSet;573a3977-d1cb-4560-a74d-4fdedd03dec4
x-envoy-upstream-service-time: 2
pragma: no-cache
trace-id: 5cdbcb42-591b-4ab1-a6c8-2855f2999b2f
expires: Thu, 08 Jan 2026 14:38:57 GMT
x-b3-traceid: 5cdbcb42591b4ab1a6c82855f2999b2f
content-length: 0
date: Thu, 08 Jan 2026 14:38:57 GMT
server: istio-envoy

GET
H2 200 81961-Tahiti.jpg
a.travel-assets.com/findyours-php/viewfinder/images/res20/81000/ Frame D836 28 KB
28 KB 653ms
177ms Image
image/webp 23.33.40.142
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://a.travel-assets.com/findyours-php/viewfinder/images/res20/81000/81961-Tahiti.jpg
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.40.142 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-33-40-142.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 71a02d5bc501d73d1cc782f538d4d680aa59c0d834ed973e49d2e1d6a29feca5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/

Response headers

cache-control: no-transform, max-age=31536000
timing-allow-origin: *
etag: "f4775faa2504f815bd55116b94fed42d"
expires: Fri, 08 Jan 2027 14:38:57 GMT
alt-svc: h3=":443"; ma=93600
content-length: 28658
date: Thu, 08 Jan 2026 14:38:57 GMT
last-modified: Wed, 05 Nov 2025 12:13:57 GMT
content-type: image/webp
server: Akamai Image Manager

GET
H2 200 expedia-inline.svg
creator.expediagroup.com/products/banners/assets/logos/ Frame D836 3 KB
1 KB 77ms
75ms Image
image/svg+xml 23.54.223.203
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://creator.expediagroup.com/products/banners/assets/logos/expedia-inline.svg

Requested by

Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.54.223.203 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-54-223-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

0fdbdf8dc4b0887414c8537cb32b1dc75c2f56b49ccfd405c6a0ac95185b7297

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8

Response headers

x-akamai-reference-id: 0.16623417.1767883137.6df0e42b
x-cgp-info: noJvmRouteSet;6370859c-8641-11f0-9f71-0242642605af
content-encoding: gzip
etag: "7f4694c647bbc17f89de4a156bfb19f4adaa1283-gzip"
x-content-type-options: nosniff
expires: Thu, 08 Jan 2026 14:38:57 GMT
date: Thu, 08 Jan 2026 14:38:57 GMT
content-type: image/svg+xml
last-modified: Wed, 27 Aug 2025 02:17:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15768000
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
trace-id: 1f3c0651-588c-4ca5-acff-3c8575c93390
x-download-options: noopen
accept-ranges: bytes
x-b3-traceid: 1f3c0651588c4ca5acff3c8575c93390
content-length: 1054
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame D836 4 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb229a3f3c4ab51c010a1506b8e354b680f456457ca7233f11ea105e12c17c86

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 CentraNo2-Medium.woff2
a.travel-assets.com/egds/fonts/CentraNo2/ Frame D836 14 KB
15 KB 647ms
196ms Font
font/woff2 23.33.40.142
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://a.travel-assets.com/egds/fonts/CentraNo2/CentraNo2-Medium.woff2
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.40.142 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-33-40-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1abca155c20bc29126df8acd45ea9653dcdcb6a312d5acb09b336a47dfee7d37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin: https://creator.expediagroup.com
Referer: https://creator.expediagroup.com/

Response headers

access-control-max-age: 3000
etag: "43b021fb9130f837f62f1498c5c1efd7"
x-amz-version-id: muuqKNWf20_rr2TGB1jPOTX6.n5.wMfo
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=93600
date: Thu, 08 Jan 2026 14:38:57 GMT
last-modified: Tue, 20 May 2025 20:40:57 GMT
content-type: font/woff2
x-amz-id-2: cHz5BFZij+k8T+8Ug1nL4EusEjMXgGlUWbw8BiJS8xRIeZ0rmySF0HwdlzduXrwByrxOLd+ohJw=
cache-control: public, max-age=1204360
timing-allow-origin: *
x-amz-request-id: CT6HKC5FGM19DPNS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14708
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 CentraNo2-Bold.woff2
a.travel-assets.com/egds/fonts/CentraNo2/ Frame D836 14 KB
15 KB 666ms
217ms Font
font/woff2 23.33.40.142
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://a.travel-assets.com/egds/fonts/CentraNo2/CentraNo2-Bold.woff2
Requested by: Host: creator.expediagroup.com
URL: https://creator.expediagroup.com/products/banners?program=ca-expedia&layout=medium-rectangle&image=sailing&message=explore-world-travel&link=home&network=pz&camref=1101l3ZpAe&instance=mk5jz0mjqqdeq80buh8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.40.142 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-33-40-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cff4fa6238c39201fd391a24abc5747647299f725e20981a6a2a9d6272643955

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin: https://creator.expediagroup.com
Referer: https://creator.expediagroup.com/

Response headers

access-control-max-age: 3000
etag: "e48bbf4b7231aacf26e0c7045e610485"
x-amz-version-id: UOdD6wm.tYWDfkmmwbDaxk5PAp74ochQ
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=93600
date: Thu, 08 Jan 2026 14:38:57 GMT
last-modified: Tue, 22 Nov 2022 18:26:51 GMT
content-type: font/woff2
x-amz-id-2: 0K5tLwCQrjVDlJTRreLunBwxz7BHoHC0Jsa06GS8sQ+kK6rN6tuW6uAfOPO74JmZ7zY2dCY0vP0=
cache-control: public, max-age=908243
timing-allow-origin: *
x-amz-request-id: KAP45T7E7QJSTZG7
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14708
server: AmazonS3

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6B68 42 B
65 B 93ms
93ms Fetch
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssY8F8NfsSWYSK52s3AKTR4op3PILWHKkv23NawA9L848E0PfT0dTovjMzZi8aHAGtfRW6P2F8GymWiUX9twI9kYLd9ZpMtxi15KLrcUGd7tHsJzuGi4sBVJb5w1ATawh06WcoSIx8jaOedf898KW3D_ZK-9fmxBJ9aGBxb7lSIYchIMRg&sig=Cg0ArKJSzDsUM85cdY16EAE&id=lidar2&mcvt=1000&p=0,0,280,950&tm=2039.1999969482422&tu=1039&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20260107&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2097195300&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=6381593500&rst=1767883134523&rpt=1946&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 08 Jan 2026 14:38:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 152ms
75ms XHR
application/json 172.253.62.154
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20260105&st=env&sjk=1824827493075153

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601050101/show_ads_impl_fy2021.js?bust=95380465

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

233d7add5cc9afc4ec5cc17315267054348916a22b9804ecd20e5f7cc06d4b20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13493
date: Thu, 08 Jan 2026 14:38:58 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 favicon-32x32.png
www.domainspurchase.com/ 2 KB
2 KB 67ms
66ms Other
image/png 150.239.200.100
SOFTLAYER

General

Check archive.org

Download Go to

Full URL: https://www.domainspurchase.com/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.239.200.100 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: hs20.name.tools
Software: nginx /
Resource Hash: e2d594d36f5d70692be1777d903fd734bae0897478ceb7123f3922f634bba3db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

accept-ranges: bytes
content-length: 1816
date: Thu, 08 Jan 2026 14:38:57 GMT
content-type: image/png
last-modified: Fri, 08 Mar 2024 19:27:45 GMT
server: nginx

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 20 KB
7 KB 596ms
138ms Script
text/javascript 142.250.217.1
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601050101/show_ads_impl_fy2021.js?bust=95380465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.217.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pnlgaa-as-in-f1.1e100.net

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Thu, 08 Jan 2026 14:38:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 08 Jan 2026 14:38:58 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame DE4B 13 KB
5 KB 257ms
85ms Document
text/html 142.250.217.1
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.217.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pnlgaa-as-in-f1.1e100.net

Software

sffe /

Resource Hash

14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.domainspurchase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5044
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jan 2026 14:16:32 GMT
expires: Thu, 08 Jan 2026 15:06:32 GMT
last-modified: Tue, 13 May 2025 23:17:50 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 24A4 829 B
568 B 212ms
87ms Document
text/html 142.250.80.68
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f4.1e100.net

Software

ESF /

Resource Hash

80b1c4a31731e6edf2a795ffea5b4854ffc0a04487ada698edb1c3febf27f195

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6guNVH-xRBtnFYDcsMIMMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.domainspurchase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6guNVH-xRBtnFYDcsMIMMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jan 2026 14:38:58 GMT
expires: Thu, 08 Jan 2026 14:38:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 24A4 0
17 B 89ms
89ms Image
image/ 142.250.176.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=237&li=gda_r20260105&jk=1824827493075153&rc=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 08 Jan 2026 14:38:59 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET
H3 200 9xXazZNGk-90sC7afneTD8_dNpwltBo5cDLJ7VuQ1FY.js Show response
pagead2.googlesyndication.com/bg/ Frame DE4B 53 KB
21 KB 63ms
62ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9xXazZNGk-90sC7afneTD8_dNpwltBo5cDLJ7VuQ1FY.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

sffe /

Resource Hash

f715dacd934693ef74b02eda7e77930fcfdd369c25b41a397032c9ed5b90d456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 512775
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Sat, 02 Jan 2027 16:12:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 02 Jan 2026 16:12:44 GMT
last-modified: Fri, 19 Dec 2025 16:28:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 20972
x-xss-protection: 0
server: sffe

GET
H2 204 generate_204
ep2.adtrafficquality.google/ Frame DE4B 0
41 B 67ms
61ms Image
text/plain 142.250.217.1
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?u1XFxQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.217.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: pnlgaa-as-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 08 Jan 2026 14:38:59 GMT
cross-origin-resource-policy: cross-origin

GET
H3 204 sodar
ep1.adtrafficquality.google/pagead/ 0
17 B 117ms
115ms Image
image/ 172.253.62.154
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gda_r20260105&jk=1824827493075153&bg=!-vml-bbNAAaUO1ZgtDs7ADQBe5WfOLWzwbHf7jbkOvdh1fYHCICDfw5fWHJ3KTVXz9TpJZp6Je0IPoOUJUXbdyTqwUamAgAAAMxSAAAABmgBB34AN989HYjKJpyVLybJq2O23jM02w82hD02vYm4ca0xxqjhI7aq9BIaPGz7iCFkZUuPh8cigRYEVM8KANOL7kFpW_PRLna9lsJMoYXIzR0TXfsM1otYTURWE7onbtdgWzlrRsXxt8Dt5aPVwhXlImsnN0gC0RVzI8N330M97Kk3Fsxdqm4xUMtaohXFt-S45rfSKWkILooMJpjoAt6AQGzuvBXDUUzGgY6MnUjAhl0Rv92DU8zAxZ0w2G2-HvNPW0yUeD6t6doHKfsNHWuO_vE0D8yaRV10nZTMiRwPPSwpb_F7abRTbJSVhZFGc2aSrYM6NI9EwHaN_R6oP57oMuM-y0eApbpIyUg38k_2KhgamQJeLDlbmcJUzMG6Im28J1I6736643ibFDmQ-zzW9lqmaUmOOtmxDjbyoxw2F2P_M00t3Mwpgja4RlitniXp74cT7FYtZy7YjPd5HV3W_wLLSEwuHLHKrxvFST2vD8SA5Q2-ZbdWckF44zJpp6gbt1wOEY2OjoKw1qtaNXEW1gYf3JHDkxOXqFv6hpKCs1W_xKMYsZU6zfzoQNEg9R8jnEPGCyNAzO6LyGncGoxJxX8oLlB8rxeOAeYQwYYyEypNNKSqVBlFZYEJcr9qj1d2daF4oDrTpRzKfduoR1sMChUMifyi4ZM-AaXg2OVYIxCkf4Yed8wL3VnAu72OgZHccuKLqx6w-9uFWGEcDG67dlfPn92ZwbDfVxKcRXfqEZ1v00k-0yrol1GdmJ5u3GRFPi_Js7tn_p6P0J131Po87Yq6EUbOh8N2dKNMlj7dbAuTR6zr2dLwDtinNfnQN1AM-hgV4LeOuKC2uNGkeNW6FqQQ4nZUK-ouHi-6_ki7LhNT4ZzsYiEH6IY-960f6Iv01iFBh_Mqus8PTLLoZe2TK3g1WtWsRtukeRUkPWKXlAOPAY8GXUT-8Fb9-dGCNKlOpoADh97xKsF0iazLpCM9WvHQSbRS1p9oRXqmf1WCzzbMt7pHToquZYPuvixqQENQteNrl22oqy8GHSznZuMGe8sbE47XNxAAFSe1wHo6JAgSPn7AftaGhM6ll_DyPcimMQQcujId7rFutWp08QVLfkAFyVIajQ1sRWoGfQfCq9tUqoXBjxAUYj88JVoS4nlGOG7HlhPvF-ec1shRzumOy6zY

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.domainspurchase.com/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 08 Jan 2026 14:38:59 GMT
x-xss-protection: 0
content-type: image/
server: cafe

Verdicts & Comments Add Verdict or Comment

63 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.creator.expediagroup.com/	1970-01-21 11:04:44	Name: HMS Value: 3bb11010-795d-30d1-b8e8-9b5b50b22c20
.creator.expediagroup.com/	1970-01-21 20:40:43	Name: MC1 Value: GUID=0f0ba934bfde4a1e898edde07668030c
.creator.expediagroup.com/	1970-01-21 20:40:43	Name: DUAID Value: 0f0ba934-bfde-4a1e-898e-dde07668030c
.domainspurchase.com/	1970-01-21 20:26:19	Name: __gads Value: ID=32d47ee1325a8cde:T=1767883134:RT=1767883134:S=ALNI_MY69D7WBYGFNa4EtTO96a8j-OYsTg
.domainspurchase.com/	1970-01-21 20:26:19	Name: __gpi Value: UID=000013240f45efb9:T=1767883134:RT=1767883134:S=ALNI_Mboal6O1tneDlR6ok_XS42C_x9HRQ
.domainspurchase.com/	1970-01-21 15:23:55	Name: __eoi Value: ID=be0ed78a5e765cc6:T=1767883134:RT=1767883134:S=AA-AfjaFXtA-CAEzOP1blIBMoTU_
.doubleclick.net/	1970-01-21 20:40:43	Name: IDE Value: AHWqTUk8EDtzc9KRNyO7y4Xu9fUJnfwgMlyL6_2jTC8VyPUpZSY3nXot6rvgRO-NLn4
.doubleclick.net/	1970-01-21 19:50:19	Name: __mggpc__ Value: 0
.admaster.cc/	1970-01-21 19:50:19	Name: __mguid_ Value: 8df1d1e144e611ad2spoza00mk5jz1i6
gtracenep.admaster.cc/	1970-01-21 19:50:19	Name: cst_44 Value: ts=1767883135
gtracenep.admaster.cc/	1970-01-21 19:50:19	Name: cst_70 Value: ts=1767883135
gtracenep.admaster.cc/	1970-01-21 19:50:19	Name: cst_78 Value: ts=1767883135
.casalemedia.com/	1970-01-21 19:50:19	Name: CMID Value: aV-BgMAoJasAAkc.A0ar5gAA
.casalemedia.com/	1970-01-21 13:14:19	Name: CMPS Value: 2910
.casalemedia.com/	1970-01-21 13:14:19	Name: CMPRO Value: 2910
.adnxs.com/	1970-01-21 13:14:19	Name: XANDR_PANID Value: 08ERxwXHq1nPE58JOihn9vcykvVb4L0XkyZTYkVO4SX8TVlB3Y5Z8Jd5awX15v-wEdCpp-qm3QsUYhQRxoybWsqAVYB-HsPHMGdz8GN67Vk.
.adnxs.com/	1970-01-21 13:14:19	Name: uuid2 Value: 3343465024785332781
.adnxs.com/	1970-01-21 13:14:19	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2HbWu5?Jf!1yIE`fSBDe%ywZ0tJOExi'uG4vBG4d1LUxx%#SG.<iD%%ouVX6uiFiZ6Vw?VN$#DI2Z#DIgl#XsfP(NmpZ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0601402DC120000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.travel-assets.com
c.travel-assets.com
celebritiesbooking.com
cm.g.doubleclick.net
creator.expediagroup.com
dsum-sec.casalemedia.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtracenep.admaster.cc
ib.adnxs.com
imagesnep.admaster.cc
pagead2.googlesyndication.com
static.admaster.cc
tpc.googlesyndication.com
tracenep.admaster.cc
www.domainspurchase.com
www.google.com
www.gstatic.com
www.mall24hours.com
104.18.26.193
142.250.176.193
142.250.176.194
142.250.217.1
142.250.80.68
142.251.111.94
142.251.16.94
142.251.179.157
142.251.40.194
150.239.200.100
172.253.139.95
172.253.62.154
23.196.3.195
23.33.40.142
23.54.223.203
34.111.60.239
34.54.226.84
35.208.249.213
35.209.233.198
54.215.31.113
68.67.179.153
001673eed381382498d9e64a21b1a171f7d18403d5bd026ffea3f81fe69f7ebd
01e3bad31a61b7a85a6954d1ae58441cf91da85cae4c9703ad72156da9575f6e
084ed124865bd41911311c34f9ecec8feb9344d5af617c8641c74a8115ab5877
0a8fd762c01b6a323bf30c601ea96dd9fccb8aa9a16ab0c0daf957722cc26bdb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fb83e71daabbea59c8218be73035fc17076fe013dd2a662be9176f3a265d88d
0fdbdf8dc4b0887414c8537cb32b1dc75c2f56b49ccfd405c6a0ac95185b7297
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
1abca155c20bc29126df8acd45ea9653dcdcb6a312d5acb09b336a47dfee7d37
2013ef7dc772b153e4fa579cbe95aa038e5b239bcc22ae11a97c5dc80e2ff9c5
20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104
233d7add5cc9afc4ec5cc17315267054348916a22b9804ecd20e5f7cc06d4b20
2540e4f42ffadbf6fcfe7de7726930ed5920dad172a3630a0951981b618b843a
25510a6d17816246d9a90f5be9434642dff5dfcd36f76af12a7fa8a0097e5e3b
26d98b7c04bbabef98191f2f233d81693ff6dffadc29f229c75170eae622abc5
29d3e9f4349ab461dd191c7d393637d2780db8adddcd0261de325922aef395b6
2ac2022c2f17a99849888beec2fbecb6aebc2939eb7e0585cde9a7dcff7e9be4
2afe233f4be310f37b387564c6e6b7955cbc2fa3570eba331366d4e84ccf1587
31f3077b84773c423e16fd64c7e8f092786d09c5242a3300c612d45085ab50d5
3304c6bdb1874898e281ca8397ff32ceb257ea4a35d956664bf7fa91f6815c44
34deed95bd6d3b8a88ca59ecabc82f0f5723a25b74e5aca1fbca48d569fd4bb8
3b8cd3e9250553599c127d2ae5ec4b2de54e2d529f0c68c06c4dbc8fcb36b9eb
4047b6b06c11a4710302b0b81d43d74ceea977feee30cdc0b7b386468b263352
423c225dd9e4167ab93a0f249bb7ed5153e03aa2a1939ed9f121425d016b1e73
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c146e3fea51cafb9809ed4c94cfc8077b492a87ce5f4b746eb74528961ffae7
4c8b53d4b93c9f0b627787ea47156488d1d9c9b08c75efd2d183cdc2bd698a9f
523a00b1969c40730c86d4819b233c4f07680836212c6fdcc3d85a3c54f2a0f1
543c818289f74293ed0e90a66f71d16ab30e2d737e52365740c4111f2743cb14
66014fcf7dddddf02c194fd11928927bfff60026c8bc1d5316c860408d59a6d5
691491f1fc8badab623e1be56f92cc2d98c462b16617c67e1e288d6b061444bc
70b97cb9b036cbe3c530fbf798f384fa07be481226a1b96263b86b7b09ed4406
71a02d5bc501d73d1cc782f538d4d680aa59c0d834ed973e49d2e1d6a29feca5
73b6bc92bb30d26ac26c7f3eccc350f2694260c064cdaf588cdd945a642b16f8
73c930f46b9fc3b0ede1310ded253e8be43d27d2f1334f50018e166698d3c7a8
7c2a319af282b5ae2ed151a1daf4ace7f5d041af58157b8fd7c27974bf40187c
80b1c4a31731e6edf2a795ffea5b4854ffc0a04487ada698edb1c3febf27f195
84c2e813fa84f3090cecebba63d4064ecb2618b7de922568e84c442e987c22e6
869d235cbebd000e0ca5eadc57736459e414234c5ef2d09b06b0e7bf85614368
8d6e71f6d554195307e6d969a336e7b7f6c9409bc99ec1626c42741015c2ba9c
94e5a4052c8f4acff783d75d4f41f1f43783ad6d80031044110083f9cbbc0fff
963de1188c46de111dc13a3364c70c98fb2f1fdedd0c70b9512381083c858ddf
a70cee23501766bca55e104c29bcb78b05ecda1dbea8b1f468d113db7b492d26
a7c39cbafaddb314a469ab3c4f5c1ab96abe13c59bdb9f6ec8846978a2a39019
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
aa66911858929052eef29717451a1fada41bec4de42ac449cb99fce3598d9204
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc0d9c80218c6c1456e7b4db46e11af376d3c7722e341d2e170c6120bf8d8390
bd04667d5d5feb14319f345a1a8e7486d8ab5aea560fb8be53cae5f6bc9d0e20
bfdf1278ebc31404f5a9a52f8d69e1ffc2c99a00fec4290482bd012cf24492f0
c820c815e315378c90154479b46a1a1176e035f1d89693868a5d94ea31561a7a
cb0a81e3b65b55f5686972c4337591bfe6f2b9113e5965942c2141d53ad1f477
cff4fa6238c39201fd391a24abc5747647299f725e20981a6a2a9d6272643955
d0efd03bead9e44e4a947b2f09cfacb01f5aecf757563b49d4e180769081a709
d14b1e3cfb6476bac6ecbaf2fe4f34b1d1cde8f515c9d3377959e305ef2f5481
d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0
e08c806b2b82f01fa8d3318153742c29f20a52029a62474003200874dfa43cb7
e108480a9894485059f2b1676b6e05a34af2ecc20fbcdd034d37e768e5356223
e24a83f6d80be3ef18b72b5d8045e6be5316f8073a36998f136e1625c3755d02
e2d594d36f5d70692be1777d903fd734bae0897478ceb7123f3922f634bba3db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5941f97a77d0280411fca38723c00150aaaa74e5d20934559a57897598a86a2
e59aaf2eb1ac9ef86c0b011e544b27447417ff6051d3e0a6d4e7058fa25e2db9
e5de263e5c408ae0209a665712c9e6d310b152f290a6050bc1365b88f6554401
e9039ee379f5fb5750709b125d0fbe75a552d97149f046cbb1259edd808af961
ebf6d533a07989d0d156ca700650eb87e4ff6efce052affc94753c2884af9b13
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03878c0416229bdc083f4f114535df05ad3b043b3c6d48c3ddd05c6e3aac59a
f715dacd934693ef74b02eda7e77930fcfdd369c25b41a397032c9ed5b90d456
fb229a3f3c4ab51c010a1506b8e354b680f456457ca7233f11ea105e12c17c86
fc3a40627f0a9d6f49cc8a5ba7acc574cb077b1d433803e6c2d6afbbcb894e2a
fd6525b17b1b8817a1a36386382b1f59378fb5e488db505baa78b0d0db818a08
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

www.domainspurchase.com 150.239.200.100 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

98 Requests

98 %HTTPS

0 %IPv6

14 Domains

22 Subdomains

21 IPs

2 Countries

1216 kBTransfer

3716 kBSize

18 Cookies

9 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.domainspurchase.com
150.239.200.100 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

98
Requests

98 %
HTTPS

0 %
IPv6

14
Domains

22
Subdomains

21
IPs

2
Countries

1216 kB
Transfer

3716 kB
Size

18
Cookies

98 HTTP transactions
3 data transactions