www.iglobal.co Open in urlscan Pro
23.23.113.145 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.iglobal.co/canada/toronto/show-me-up-media
Effective URL:
https://www.iglobal.co/canada/toronto/show-me-up-media
Submission: On October 20 via manual (October 20th 2021, 5:37:22 am UTC) from IN — Scanned from DE

Summary HTTP 62 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 18 domains to perform 62 HTTP transactions. The main IP is 23.23.113.145, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.iglobal.co.
TLS certificate: Issued by Amazon on April 6th 2021. Valid for: a year.

This is the only time www.iglobal.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	23.23.113.145 23.23.113.145	14618 (AMAZON-AES) (AMAZON-AES)
4	18.66.107.129 18.66.107.129	16509 (AMAZON-02) (AMAZON-02)
11	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
13	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	142.250.185.225 142.250.185.225	15169 (GOOGLE) (GOOGLE)
2	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
3	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	91.228.74.133 91.228.74.133	16509 (AMAZON-02) (AMAZON-02)
1 1	52.18.11.109 52.18.11.109	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	54.150.96.104 54.150.96.104	16509 (AMAZON-02) (AMAZON-02)
62	17

3 23.23.113.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-113-145.compute-1.amazonaws.com

www.iglobal.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.107.129 (United States)

ASN16509 (AMAZON-02, US)

d1zscdb5kxpxcu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.100 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.133 (United Kingdom)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.11.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.150.96.104 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-96-104.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	334 KB
13	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	82 KB
5	google.com 1 redirects adservice.google.com www.google.com	2 KB
4	cloudfront.net d1zscdb5kxpxcu.cloudfront.net	151 KB
3	gstatic.com www.gstatic.com	12 KB
3	iglobal.co www.iglobal.co	50 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	760 B
2	googletagservices.com www.googletagservices.com	75 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	adingo.jp cc.adingo.jp	44 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	457 B
1	everesttech.net 1 redirects pixel.everesttech.net	375 B
1	quantserve.com cms.quantserve.com	464 B
1	nr-data.net bam-cell.nr-data.net	711 B
1	newrelic.com js-agent.newrelic.com	11 KB
1	googleadservices.com partner.googleadservices.com	656 B
62	18

	Domain	Requested by
12	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
11	pagead2.googlesyndication.com	www.iglobal.co pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	d1zscdb5kxpxcu.cloudfront.net	www.iglobal.co d1zscdb5kxpxcu.cloudfront.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	www.iglobal.co	www.iglobal.co
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google-analytics.com	d1zscdb5kxpxcu.cloudfront.net www.google-analytics.com
1	cc.adingo.jp	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.iglobal.co
1	partner.googleadservices.com	pagead2.googlesyndication.com
62	21

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
plus.google.com
www.arzion.com

Subject Issuer	Validity	Valid
iglobal.co Amazon	`2021-04-06` - `2022-05-05`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2021-03-26` - `2022-04-14`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.iglobal.co/canada/toronto/show-me-up-media
Frame ID: 1633C3A391CAD8D9D815DD1877A4489F
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211018/r20190131/zrt_lookup.html
Frame ID: 5B7C054A21122E512E1C5EC4140B6180
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1542063256585005&output=html&adk=1812271804&adf=3025194257&lmt=1634708238&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media%23&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634708237992&bpp=2&bdt=172&idt=96&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7115496325909&frm=20&pv=2&ga_vid=1659886742.1634708238&ga_sid=1634708238&ga_hid=1026477976&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062944%2C31062524%2C31063139&oid=2&pvsid=229067198583048&pem=828&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=108
Frame ID: E5186F62C1FF892F7148F3481DEE556C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4592985641236670&output=html&h=15&slotname=8474587873&adk=191214660&adf=2338692533&pi=t.ma~as.8474587873&w=728&lmt=1634708238&psa=0&url=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media%23&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634708237994&bpp=3&bdt=174&idt=111&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7115496325909&frm=20&pv=2&ga_vid=1659886742.1634708238&ga_sid=1634708238&ga_hid=1026477976&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=290&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062944%2C31062524%2C31063139&oid=2&pvsid=229067198583048&pem=828&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YzJuX825m3&p=https%3A//www.iglobal.co&dtd=114
Frame ID: 072750B18F1DEAD7AABEC42B57414D60
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1542063256585005&output=html&h=240&adk=1037806272&adf=1992905307&pi=t.aa~a.1267109807~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1634708239&rafmt=1&to=qs&pwprc=6623992986&psa=0&format=300x240&url=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media%23&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634708239163&bpp=1&bdt=1344&idt=1&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da70617a6753f7f1f-2233234cf9ca0009%3AT%3D1634708238%3ART%3D1634708238%3AS%3DALNI_MakCSq7_P1uKmta6yjY3UcLl9k_YA&prev_fmts=0x0&prev_slotnames=8474587873&nras=2&correlator=7115496325909&frm=20&pv=1&ga_vid=1659886742.1634708238&ga_sid=1634708238&ga_hid=1026477976&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=176&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062944%2C31062524%2C31063139&oid=2&pvsid=229067198583048&pem=828&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KxRjyNGLCJ&p=https%3A//www.iglobal.co&dtd=10
Frame ID: 246009EA3C9A0B610EA67A51B81D27EA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211018/r20110914/zrt_lookup.html?fsb=1
Frame ID: 295AEC6C79212A4B732AA06C0BF1FBBD
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5B4CF4BCD2D36B70E585B8D2A5CBF6ED
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4335BA1273B5BF030A9FCB25B1D8B860
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Frame ID: 841525ACA3DA3E952B4985970B66C352
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: 190AA97109779B706F0D123118A5862B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 675471304532FD7170D0F6189507CBB9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5A946C58DD7BEA79AB676D120CCA51AC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: 36D57EC65B28E792141CFB865DE34ADC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SHOW ME UP MEDIA

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

62
Requests

98 %
HTTPS

0 %
IPv6

18
Domains

21
Subdomains

17
IPs

6
Countries

741 kB
Transfer

2018 kB
Size

19
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media

Search URL Search Domain Scan URL

URL: http://twitter.com/share?url=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media&text=Show+me+up+media

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media

Search URL Search Domain Scan URL

URL: https://www.arzion.com/
Title: Developed by ARZION

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIL-FO6uTeqOGkgHYIJ8QYEiHO2RxKiPpdiU8FmR-49y0RmFzr-iEY6V9XX2SlW2SAcKOT0pPss-DMqQyytf2Jw-Bc4cb0&google_gid=CAESEKTsYcUas9MMss7yjsBp--U&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVdAckR3QUFBZTh3bWxiZQ&google_push=AYg5qPIL-FO6uTeqOGkgHYIJ8QYEiHO2RxKiPpdiU8FmR-49y0RmFzr-iEY6V9XX2SlW2SAcKOT0pPss-DMqQyytf2Jw-Bc4cb0

Request Chain 53

https://rtb.openx.net/sync/dds?google_gid=CAESENmysAfeA_4DgIQ47lxuQnQ&google_cver=1&google_push=AYg5qPKeWc5UdLmn3MXwrYt_DEuftiHSPTzcvK68_VLBHoy95EL4sF072H-AIFMLXfSU2nZ767Il0Z7lcy3u8s1RFL4I4E5b304O HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESENmysAfeA_4DgIQ47lxuQnQ&google_cver=1&google_push=AYg5qPKeWc5UdLmn3MXwrYt_DEuftiHSPTzcvK68_VLBHoy95EL4sF072H-AIFMLXfSU2nZ767Il0Z7lcy3u8s1RFL4I4E5b304O&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKeWc5UdLmn3MXwrYt_DEuftiHSPTzcvK68_VLBHoy95EL4sF072H-AIFMLXfSU2nZ767Il0Z7lcy3u8s1RFL4I4E5b304O&google_hm=zteLPZGMzUgzg5G-9OuRJg==

Request Chain 54

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGW4O0zqzHet_uLArrfRMas&google_cver=1&google_push=AYg5qPJfkvtwxFzLkb4USK63FkDmJET9miTvJBvw4yMmtZVgV3Oztc_QY16a8LhQeY-0OlOtzeZsKcFSnHH7PSnL8Ifd5f-vFRIp HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGW4O0zqzHet_uLArrfRMas&google_cver=1&google_push=AYg5qPJfkvtwxFzLkb4USK63FkDmJET9miTvJBvw4yMmtZVgV3Oztc_QY16a8LhQeY-0OlOtzeZsKcFSnHH7PSnL8Ifd5f-vFRIp&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=463fvecaTvOCOZTjoEpqTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJfkvtwxFzLkb4USK63FkDmJET9miTvJBvw4yMmtZVgV3Oztc_QY16a8LhQeY-0OlOtzeZsKcFSnHH7PSnL8Ifd5f-vFRIp

Request Chain 55

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAZ6QD3Boe-ygEuSfAPLiCw&google_cver=1&google_push=AYg5qPI9XouBQnEB0fRww2b8yXWYT-zAXZ48AAZQnNxc2a2e7EhLvfpJmico17XAOsuj7k7wNsGUGv1gwPtalTlBgpwmP4Fn4nPu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VaMzJVRzEtUy1FM0xE&google_push=AYg5qPI9XouBQnEB0fRww2b8yXWYT-zAXZ48AAZQnNxc2a2e7EhLvfpJmico17XAOsuj7k7wNsGUGv1gwPtalTlBgpwmP4Fn4nPu

Request Chain 56

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECALgoWFyar1S11ki_mZMhY&google_cver=1&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY

Request Chain 59

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set show-me-up-media Show response
www.iglobal.co/canada/toronto/ 110 KB
26 KB 542ms
240ms Document
text/html 23.23.113.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iglobal.co/canada/toronto/show-me-up-media
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.113.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-113-145.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c057bdca740d0b32f0adabf22bfa8102e24fa90a2200a012bc44aa67865ac431

Request headers

Host: www.iglobal.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-control: no-cache="set-cookie"
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 20 Oct 2021 05:37:17 GMT
Server: nginx
Set-Cookie: ig_user_location=%7B%22country_code%22%3Anull%2C%22country_name%22%3Anull%2C%22city%22%3Anull%2C%22city_permalink%22%3A%22n-a%22%2C%22latitude%22%3Anull%2C%22longitude%22%3Anull%2C%22location_method%22%3A%22GeoIP%22%7D; expires=Wed, 27-Oct-2021 05:37:17 GMT; Max-Age=604800; path=/; domain=.iglobal.co AWSELB=031BA1731A8F28BF3743AE8D44AB3B0937981F0FA253AB94FC43FC7B6C4718E419D9D4018811A479ECDDAAD9D19534BEE15F38F16FE7466D5C77D69CD8DC3B2F162027D09D;PATH=/;MAX-AGE=86400 AWSELBCORS=031BA1731A8F28BF3743AE8D44AB3B0937981F0FA253AB94FC43FC7B6C4718E419D9D4018811A479ECDDAAD9D19534BEE15F38F16FE7466D5C77D69CD8DC3B2F162027D09D;PATH=/;MAX-AGE=86400;SECURE;SAMESITE=None
Vary: Accept-Encoding
transfer-encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK igv40.css
d1zscdb5kxpxcu.cloudfront.net/assets/computer/generated/ 136 KB
26 KB 65ms
7ms Stylesheet
text/css 18.66.107.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zscdb5kxpxcu.cloudfront.net/assets/computer/generated/igv40.css
Requested by: Host: www.iglobal.co
URL: https://www.iglobal.co/canada/toronto/show-me-up-media
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.107.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e06222c2c6424e440cd22d9b81e24feef3f51e79e24e877b462cea25d23835c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 03:39:06 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 30 Sep 2021 17:36:11 GMT
Server: nginx
Age: 7091
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css; charset=utf-8
Via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
Cache-Control: no-cache="set-cookie"
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P5
X-Amz-Cf-Id: InhksvosTQ9j08UDm-U3pygdLmS7NRJzn7nVWdiN3n_pU3OfjB9Cfw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 79ms
39ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1542063256585005

Requested by

Host: www.iglobal.co
URL: https://www.iglobal.co/canada/toronto/show-me-up-media

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

4b65ad014f5d52f4e51ced795026f9e744219929f0807842c4f912bbbe16c1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iglobal.co/
Origin: https://www.iglobal.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50889
x-xss-protection: 0
server: cafe
etag: 12249623839536139271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 05:37:17 GMT

GET
H/1.1 200
OK shop.png
www.iglobal.co/assets/common/img/ 14 KB
15 KB 99ms
98ms Image
image/png 23.23.113.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iglobal.co/assets/common/img/shop.png
Requested by: Host: www.iglobal.co
URL: https://www.iglobal.co/canada/toronto/show-me-up-media
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.113.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-113-145.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 92a05c87b5b931b139c533fd8cb480a70e2d9ed1936c13e38864aae79f64de32

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.iglobal.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.iglobal.co/canada/toronto/show-me-up-media
Cookie: ig_user_location=%7B%22country_code%22%3Anull%2C%22country_name%22%3Anull%2C%22city%22%3Anull%2C%22city_permalink%22%3A%22n-a%22%2C%22latitude%22%3Anull%2C%22longitude%22%3Anull%2C%22location_method%22%3A%22GeoIP%22%7D; AWSELB=031BA1731A8F28BF3743AE8D44AB3B0937981F0FA253AB94FC43FC7B6C4718E419D9D4018811A479ECDDAAD9D19534BEE15F38F16FE7466D5C77D69CD8DC3B2F162027D09D; AWSELBCORS=031BA1731A8F28BF3743AE8D44AB3B0937981F0FA253AB94FC43FC7B6C4718E419D9D4018811A479ECDDAAD9D19534BEE15F38F16FE7466D5C77D69CD8DC3B2F162027D09D
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/canada/toronto/show-me-up-media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 05:37:17 GMT
Last-Modified: Thu, 30 Sep 2021 17:33:51 GMT
Server: nginx
ETag: "6155f4ff-3801"
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 14337
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK classified.png
www.iglobal.co/assets/common/img/ 10 KB
10 KB 199ms
99ms Image
image/png 23.23.113.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iglobal.co/assets/common/img/classified.png
Requested by: Host: www.iglobal.co
URL: https://www.iglobal.co/canada/toronto/show-me-up-media
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.113.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-113-145.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 01d7134292c876822e5806ca3da69d5c4c85d5a8b73f2e3a6292f17ea67e8b3f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.iglobal.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.iglobal.co/canada/toronto/show-me-up-media
Cookie: ig_user_location=%7B%22country_code%22%3Anull%2C%22country_name%22%3Anull%2C%22city%22%3Anull%2C%22city_permalink%22%3A%22n-a%22%2C%22latitude%22%3Anull%2C%22longitude%22%3Anull%2C%22location_method%22%3A%22GeoIP%22%7D; AWSELB=031BA1731A8F28BF3743AE8D44AB3B0937981F0FA253AB94FC43FC7B6C4718E419D9D4018811A479ECDDAAD9D19534BEE15F38F16FE7466D5C77D69CD8DC3B2F162027D09D; AWSELBCORS=031BA1731A8F28BF3743AE8D44AB3B0937981F0FA253AB94FC43FC7B6C4718E419D9D4018811A479ECDDAAD9D19534BEE15F38F16FE7466D5C77D69CD8DC3B2F162027D09D
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/canada/toronto/show-me-up-media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 05:37:18 GMT
Last-Modified: Thu, 30 Sep 2021 17:33:52 GMT
Server: nginx
ETag: "6155f500-278c"
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 10124
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK igv34.js Show response
d1zscdb5kxpxcu.cloudfront.net/assets/computer/generated/ 183 KB
57 KB 12ms
12ms Script
application/x-javascript 18.66.107.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zscdb5kxpxcu.cloudfront.net/assets/computer/generated/igv34.js
Requested by: Host: www.iglobal.co
URL: https://www.iglobal.co/canada/toronto/show-me-up-media
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.107.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e081deb7cbefb96eb3f3d0b9b7a8f13c94dc7ed09b2cfeb129847326efd0b22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 02:07:46 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 30 Sep 2021 17:36:10 GMT
Server: nginx
Age: 12571
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript; charset=utf-8
Via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
Cache-Control: no-cache="set-cookie"
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P5
X-Amz-Cf-Id: dvE1M_9Ig0PpyzomVLUmGUUP8ZJI9oFxa4Zw3o9hYpcsYN56QOX50g==

GET
H/1.1 200
OK on_error.png
d1zscdb5kxpxcu.cloudfront.net/assets/common/img/ 4 KB
4 KB 15ms
7ms Image
image/png 18.66.107.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zscdb5kxpxcu.cloudfront.net/assets/common/img/on_error.png
Requested by: Host: www.iglobal.co
URL: https://www.iglobal.co/canada/toronto/show-me-up-media
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.107.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b8c6a7960b3f71ba8707167b57c17794ba85f2bd9f3980bd93608500dbda894

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 08:00:49 GMT
Via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
Age: 16061787
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 3754
Last-Modified: Tue, 06 Oct 2020 23:27:00 GMT
Server: nginx
ETag: "5f7cfd44-eaa"
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
X-Amz-Cf-Pop: FRA56-P5
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Amz-Cf-Id: KHPuFMG4nzBnCQNvU2LVk4urL_4w-I0q38LFmrzbX4i8Zc9D4mkIiw==
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
d1zscdb5kxpxcu.cloudfront.net/assets/common/fonts/ 63 KB
64 KB 23ms
8ms Font
application/octet-stream 18.66.107.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zscdb5kxpxcu.cloudfront.net/assets/common/fonts/fontawesome-webfont.woff2
Requested by: Host: d1zscdb5kxpxcu.cloudfront.net
URL: https://d1zscdb5kxpxcu.cloudfront.net/assets/computer/generated/igv40.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.107.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer: https://d1zscdb5kxpxcu.cloudfront.net/assets/computer/generated/igv40.css
Origin: https://www.iglobal.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 05:29:08 GMT
Via: 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
Age: 11232489
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 64464
Last-Modified: Mon, 26 Apr 2021 15:28:06 GMT
Server: nginx
ETag: "6086dc06-fbd0"
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
X-Amz-Cf-Pop: FRA56-P5
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Amz-Cf-Id: r3n09v8LcqwrjACxSxeL4cS6V2yHyj_z5YXlfOdi-UWj5zj05VoZrA==
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 30ms
6ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: d1zscdb5kxpxcu.cloudfront.net
URL: https://d1zscdb5kxpxcu.cloudfront.net/assets/computer/generated/igv34.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 5771
date: Wed, 20 Oct 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 20 Oct 2021 06:01:06 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/ 271 KB
97 KB 59ms
37ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1542063256585005

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

3970aa6c7fe64632262645b7bb0ea4e1b138d0ddde8d649c587b6b444de57da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99349
x-xss-protection: 0
server: cafe
etag: 14003910082488433168
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 05:37:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211018/r20190131/ Frame 5B7C 10 KB
5 KB 49ms
13ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211018/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1542063256585005

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211018/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iglobal.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 19 Oct 2021 14:30:45 GMT
expires: Tue, 02 Nov 2021 14:30:45 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 54393
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
14ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1026477976&t=pageview&_s=1&dl=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media&ul=en-us&de=UTF-8&dt=SHOW%20ME%20UP%20MEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2135678911&gjid=1139939075&cid=1659886742.1634708238&tid=UA-124552-20&_gid=335486148.1634708238&_r=1&_slc=1&z=166962934

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.iglobal.co/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:37:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.iglobal.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
656 B 67ms
25ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.iglobal.co&callback=_gfp_s_&client=ca-pub-1542063256585005

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f0eebcd7d81fbe8adf4e20fcac5c1cf9d1dcbcddcdc141984a317daff7d1495c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
79ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media%23&tn=DIV&id=ig-main&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.iglobal.co
URL: https://www.iglobal.co/canada/toronto/show-me-up-media

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:37:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 77ms
34ms Script
application/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.iglobal.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 05:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E518 205 KB
44 KB 1019ms
994ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1542063256585005&output=html&adk=1812271804&adf=3025194257&lmt=1634708238&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media%23&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634708237992&bpp=2&bdt=172&idt=96&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7115496325909&frm=20&pv=2&ga_vid=1659886742.1634708238&ga_sid=1634708238&ga_hid=1026477976&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062944%2C31062524%2C31063139&oid=2&pvsid=229067198583048&pem=828&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=108

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8141eac8760f07eb89366858fa0cd762d68042e614256a3458d76fbc0c1a6220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1542063256585005&output=html&adk=1812271804&adf=3025194257&lmt=1634708238&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media%23&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634708237992&bpp=2&bdt=172&idt=96&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7115496325909&frm=20&pv=2&ga_vid=1659886742.1634708238&ga_sid=1634708238&ga_hid=1026477976&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062944%2C31062524%2C31063139&oid=2&pvsid=229067198583048&pem=828&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=108
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iglobal.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 20 Oct 2021 05:37:19 GMT
server: cafe
content-length: 44782
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 20-Oct-2021 05:52:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Wed, 20 Oct 2021 05:37:19 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0727 603 B
68 B 54ms
36ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4592985641236670&output=html&h=15&slotname=8474587873&adk=191214660&adf=2338692533&pi=t.ma~as.8474587873&w=728&lmt=1634708238&psa=0&url=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media%23&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634708237994&bpp=3&bdt=174&idt=111&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7115496325909&frm=20&pv=2&ga_vid=1659886742.1634708238&ga_sid=1634708238&ga_hid=1026477976&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=290&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062944%2C31062524%2C31063139&oid=2&pvsid=229067198583048&pem=828&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YzJuX825m3&p=https%3A//www.iglobal.co&dtd=114

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4592985641236670&output=html&h=15&slotname=8474587873&adk=191214660&adf=2338692533&pi=t.ma~as.8474587873&w=728&lmt=1634708238&psa=0&url=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media%23&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634708237994&bpp=3&bdt=174&idt=111&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7115496325909&frm=20&pv=2&ga_vid=1659886742.1634708238&ga_sid=1634708238&ga_hid=1026477976&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=290&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062944%2C31062524%2C31063139&oid=2&pvsid=229067198583048&pem=828&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YzJuX825m3&p=https%3A//www.iglobal.co&dtd=114
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iglobal.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 20 Oct 2021 05:37:18 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 20-Oct-2021 05:52:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Wed, 20 Oct 2021 05:37:18 GMT
cache-control: private

GET
H2 200 nr-1198.min.js Show response
js-agent.newrelic.com/ 27 KB
11 KB 28ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1198.min.js
Requested by: Host: www.iglobal.co
URL: https://www.iglobal.co/canada/toronto/show-me-up-media
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "59c98195ba35e0b45cbe2e5beebd1ac8"
x-amz-request-id: 08AK5FKX4FNA2XR0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 10682
x-amz-id-2: andaonyM/hgrb21SONVV4FCGkoPCx7nYKn9ukoek/YsV8hjRlnru6RbE1dGMRhyZ9OHdwh51jHo=
x-served-by: cache-hhn4070-HHN
last-modified: Fri, 29 Jan 2021 19:19:08 GMT
server: AmazonS3
x-timer: S1634708239.170846,VS0,VE0
date: Wed, 20 Oct 2021 05:37:19 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 46

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 34ms
20ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211018&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

39611a556f8f48d940ce89a08ca69c9750ce6eb4f4c8993c165212d04974fb8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 05:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8427
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/ 143 KB
51 KB 53ms
53ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

65df9ee8b02291bd97d41fc726e63cef862534fc636cd566498ff179cea680ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52650
x-xss-protection: 0
server: cafe
etag: 12434589335017691048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 05:37:19 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.iglobal.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 05:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2460 71 KB
27 KB 509ms
508ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1542063256585005&output=html&h=240&adk=1037806272&adf=1992905307&pi=t.aa~a.1267109807~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1634708239&rafmt=1&to=qs&pwprc=6623992986&psa=0&format=300x240&url=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media%23&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634708239163&bpp=1&bdt=1344&idt=1&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da70617a6753f7f1f-2233234cf9ca0009%3AT%3D1634708238%3ART%3D1634708238%3AS%3DALNI_MakCSq7_P1uKmta6yjY3UcLl9k_YA&prev_fmts=0x0&prev_slotnames=8474587873&nras=2&correlator=7115496325909&frm=20&pv=1&ga_vid=1659886742.1634708238&ga_sid=1634708238&ga_hid=1026477976&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=176&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062944%2C31062524%2C31063139&oid=2&pvsid=229067198583048&pem=828&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KxRjyNGLCJ&p=https%3A//www.iglobal.co&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

23a0a8d14c93cb5dac25a7faf0e5ac9c8c7537a65f9175b9818cbc46c82e55ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1542063256585005&output=html&h=240&adk=1037806272&adf=1992905307&pi=t.aa~a.1267109807~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1634708239&rafmt=1&to=qs&pwprc=6623992986&psa=0&format=300x240&url=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media%23&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634708239163&bpp=1&bdt=1344&idt=1&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da70617a6753f7f1f-2233234cf9ca0009%3AT%3D1634708238%3ART%3D1634708238%3AS%3DALNI_MakCSq7_P1uKmta6yjY3UcLl9k_YA&prev_fmts=0x0&prev_slotnames=8474587873&nras=2&correlator=7115496325909&frm=20&pv=1&ga_vid=1659886742.1634708238&ga_sid=1634708238&ga_hid=1026477976&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=176&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062944%2C31062524%2C31063139&oid=2&pvsid=229067198583048&pem=828&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KxRjyNGLCJ&p=https%3A//www.iglobal.co&dtd=10
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iglobal.co/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 20 Oct 2021 05:37:19 GMT
server: cafe
content-length: 27901
x-xss-protection: 0
set-cookie: IDE=AHWqTUl2fdsXJXNNk28dCvml5C8_fALrncwCI_nO_eWiYPptAYA0KOuUb1yv4A6BHPU; expires=Fri, 20-Oct-2023 05:37:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Wed, 20 Oct 2021 05:37:19 GMT
cache-control: private

GET
H/1.1 200
OK 1d395453ff Show response
bam-cell.nr-data.net/1/ 49 B
711 B 615ms
567ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/1d395453ff?a=5937428&v=1198.fe6ec20&to=YldXMUACVkFZARZYV1sddAZGCldcFyENXEhUXExKWw1cV0A%3D&rst=2034&ck=1&ref=https://www.iglobal.co/canada/toronto/show-me-up-media&ap=43&be=693&fe=2000&dc=867&perf=%7B%22timing%22:%7B%22of%22:1634708237148,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:11,%22c%22:11,%22s%22:107,%22ce%22:304,%22rq%22:304,%22rp%22:544,%22rpe%22:545,%22dl%22:672,%22di%22:867,%22ds%22:867,%22de%22:875,%22dc%22:1999,%22l%22:1999,%22le%22:2002%7D,%22navigation%22:%7B%7D%7D&fp=788&fcp=788&at=ThBURwgYRU8%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1198.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 05:37:19 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6a0fe4bf3ee327a0-PRG

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 67ms
30ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 20 Oct 2021 05:37:19 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.iglobal.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 05:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211018/r20110914/ Frame 295A 10 KB
5 KB 16ms
16ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211018/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211018/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iglobal.co/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 19 Oct 2021 15:06:51 GMT
expires: Tue, 02 Nov 2021 15:06:51 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 52228
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 css2
fonts.googleapis.com/ Frame 295A 4 KB
1 KB 37ms
16ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211018/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 05:29:02 GMT
server: ESF
date: Wed, 20 Oct 2021 05:37:19 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 20 Oct 2021 05:37:19 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 295A 205 B
764 B 28ms
6ms Image
image/png 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211018/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 12:12:36 GMT
x-content-type-options: nosniff
age: 62683
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Oct 2022 12:12:36 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 295A 604 B
695 B 28ms
7ms Image
image/png 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211018/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 21:42:44 GMT
x-content-type-options: nosniff
age: 28475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Oct 2022 21:42:44 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/elements/html/ Frame 295A 18 KB
8 KB 23ms
7ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211018/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

73a87e1c0cffc78b42a822667206698e68ef4c25cd521d9082fc41ad87b14b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 5766211372787435734
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 05:08:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5B4C 12 KB
5 KB 15ms
6ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iglobal.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 20 Oct 2021 05:29:57 GMT
expires: Thu, 20 Oct 2022 05:29:57 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4335 783 B
1 KB 37ms
16ms Document
text/html 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

GSE /

Resource Hash

9906371777389b054dd4e565bb87b800a53eadb4502d19f434e87bf89af4e4ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EoNw4eJbt4wh5PFlEkTw9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.iglobal.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 20 Oct 2021 05:37:19 GMT
date: Wed, 20 Oct 2021 05:37:19 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-EoNw4eJbt4wh5PFlEkTw9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B4C 35 KB
13 KB 13ms
13ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 19:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 19 Oct 2022 19:47:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8415 2 KB
533 B 30ms
16ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211018/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 05:23:28 GMT
server: ESF
date: Wed, 20 Oct 2021 05:37:19 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 20 Oct 2021 05:37:19 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame 8415 2 KB
912 B 6ms
6ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211018/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:15:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 05:15:39 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/ Frame 8415 18 KB
8 KB 6ms
6ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211018/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

8bfd018bb29e8c00faffeb3660e5cbcec66c0ba1dff56f8d2f9a1bcc47c11852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7699
x-xss-protection: 0
server: cafe
etag: 16022440550062051545
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 05:09:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame 8415 3 KB
1 KB 8ms
7ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211018/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 05:15:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8415 122 KB
38 KB 47ms
24ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211018/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37884
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634556853496587"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Oct 2021 05:37:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame 8415 14 KB
6 KB 8ms
7ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211018/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

bf14bee270a7c9237cc9e28deb028998a04f08aa59309ce22ef92f3ba54ac03d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
server: cafe
etag: 5128541104351419840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 05:13:05 GMT

GET
H3 200 94b9e9edb15b7c220f12fa63d878a5af.js Show response
www.gstatic.com/mysidia/ Frame 8415 27 KB
11 KB 21ms
7ms Script
text/javascript 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211018/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 12:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 03:34:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sun, 16 Jan 2022 12:52:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4335 0
0 29ms
29ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211018&jk=229067198583048&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame 190A 35 KB
13 KB 14ms
13ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Host: www.iglobal.co
URL: https://www.iglobal.co/canada/toronto/show-me-up-media

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 19:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 19 Oct 2022 19:47:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 48ms
48ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211018&jk=229067198583048&bg=!29il2JzNAAao6lBpqOo7ACkAdvg8WrQMETUxZ7Q6wpKBULz5i285a9kkZ3U9WqsL-F36Xlq-NhpVMgIAAAC4UgAAAAhoAQcKAJ7uDE7UW40nIwMN-GDk5NGcjRPUrL3DAX_8Qe21Y4K_Z-HwRCaV_og-2iZscEV7sIPJ4ts4_L5GLfVaXjrzOiZQQ5JZp-ahQyBn9UddvEfFVGUioNACGo8TmzlC5GfuOKRbdhqqWjmdPES6nRIM89HPNyE8OWzYB3lPfAZpzvPR2BALRtwXeQgnpaU2cDcpQ4G2qSqD8EVzuYpvNjrDBpkCrE_CQK2murmFx_06oFDbZvHvKv7ZFMo9JSYtTjSQxh-vVlSbVwnxuBLJ7tcU6lFr4X1pom2kTlM5w4BISg2FoglmoeT2jvvnsJh62XVk-5R8_AQehan_eQiXyn3bmillADhgeFhCZ1hloDmGifDtA1G4E_FtHZiocJhLWr4cd38sbqDUiMzKN2SK9eCxLrcW-yI8_Qp6B1TM9kbjdQ3NCrCfUqIOGdwdblZrmXXod35pC4utV3VSbbFkCgbeoaWHp7aWob1TJvg2IhCoTTu5kZVv1UZtQE_hmbON8g8Xcth-dt6Kmo28-8YDKWb-2LUL-3TGF-wisr42WZCVGFon-1slJrK-hwcklHzresQJEHOD45_9rS3vVYJ5iexRCNda_PhxXVj4CLdwVcm5DfDeI6tBvGBkOvydq7Q_isGbOejK06pH7scOHWMVQenPjbHOnVUnLTSovr9_4gec6ajyV-2rZauEg7FI0l5GUrzrHtpIt1zHzxyYtY8Q-KuOeXhwNSEJZ-GJBYFHfLP1fIuJ5SZHGSc_f932VywiNnrOcYxCdqUOJHtDXOh7Mt_43LC2puQwEtUrYfwp4JMTgc2ExAoZXsQEY_ADiXDVeXoUhaAxt4ox9WvGLQw0bY0PL5CZ-PB3Ny1K7zI_sJEacC9bhAHYwODhzzJheEWadXnffo04nL2TyVj9niZkKiht4GrdW9xTsJy7Zi1CsoMO9TvxIz_QSVFfy9Y7aHRqsAi2N8qRJQJzRibG71zo4bxyutgATtjqzr_k2NAJ3lvNLy0nrz5q55fvbXMXKGRqOT1ukvmG3mTPyaGkJqwqvknN-MN_t8WPh1AiDXNpCYKuLyAFGwY4YL9SciUjA7eA-yvE08FHHAxl_1oBbhWaSoXYsCvudv1ztbLIvGoYgvgUpA

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.iglobal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:37:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 13333327225507076787
tpc.googlesyndication.com/simgad/ Frame 2460 25 KB
25 KB 7ms
7ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13333327225507076787?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkLKCpWyU0dTLu-WKPFVms9Qoza_g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1542063256585005&output=html&h=240&adk=1037806272&adf=1992905307&pi=t.aa~a.1267109807~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1634708239&rafmt=1&to=qs&pwprc=6623992986&psa=0&format=300x240&url=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media%23&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634708239163&bpp=1&bdt=1344&idt=1&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da70617a6753f7f1f-2233234cf9ca0009%3AT%3D1634708238%3ART%3D1634708238%3AS%3DALNI_MakCSq7_P1uKmta6yjY3UcLl9k_YA&prev_fmts=0x0&prev_slotnames=8474587873&nras=2&correlator=7115496325909&frm=20&pv=1&ga_vid=1659886742.1634708238&ga_sid=1634708238&ga_hid=1026477976&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=176&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062944%2C31062524%2C31063139&oid=2&pvsid=229067198583048&pem=828&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KxRjyNGLCJ&p=https%3A//www.iglobal.co&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

8a73e2cc9631dbb6b86e7c3b198546b15d82f04fe474e3d7a51a55bd052a8df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:33:20 GMT
x-content-type-options: nosniff
age: 32639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25944
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 13:10:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Oct 2022 20:33:20 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/ Frame 2460 18 KB
8 KB 6ms
6ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

8bfd018bb29e8c00faffeb3660e5cbcec66c0ba1dff56f8d2f9a1bcc47c11852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7699
x-xss-protection: 0
server: cafe
etag: 16022440550062051545
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 05:09:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame 2460 3 KB
1 KB 9ms
8ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 05:15:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2460 122 KB
37 KB 51ms
29ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37884
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634556853496587"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Oct 2021 05:37:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame 2460 14 KB
6 KB 7ms
6ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

bf14bee270a7c9237cc9e28deb028998a04f08aa59309ce22ef92f3ba54ac03d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
server: cafe
etag: 5128541104351419840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 05:13:05 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame 2460 27 KB
11 KB 9ms
9ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

21c293e6df6dde82c613e769026a9d9e4d1a67511d217141afa59f3838926318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 14:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11253
x-xss-protection: 0
server: cafe
etag: 15720074209988684830
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Nov 2021 14:35:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2460 0
0 33ms
32ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-f0cD6tvYbWsDMXy3wO1_L2QDtyt8OBl3ZXVoMYOv-iivcABEAEg8NDgJGDJBqABzM-t1QPIAQKoAwHIA8kEqgTmAU_QNo4bRmq_Ixf4_WL7FbskrBLbrFNvY7nhnobR0YOy1LujdjH1wo-qgOCm0xUmQGBg387QN9HSDf_UBmxNjbtaPMztG4HwD4kFG3IaKh-WE6Qcsa8k756Q3Sm20dDRlx_85KPjREhMyRIX6oyBlvBcHaCGAfMWopvLMePUbx1VS2EyLcb0l0Au2Bj8PCixECGIuAW8R3dfppqb18OjwfrKi774sPIccmxhim3B-p91FD8oY7X9OjLFK2i2vqF_fBUXw7o25qoEwRGRREdDqZ3nmsSK3gpwzu3UnKcHofGm0NfeG5bewATO1IyX1AOgBgKAB8GosIsBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHAxCrf9IIBwiAYRABGF-ACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItMTU0MjA2MzI1NjU4NTAwNRgA&sigh=kjPlR-36YiU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1542063256585005&output=html&h=240&adk=1037806272&adf=1992905307&pi=t.aa~a.1267109807~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1634708239&rafmt=1&to=qs&pwprc=6623992986&psa=0&format=300x240&url=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media%23&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634708239163&bpp=1&bdt=1344&idt=1&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da70617a6753f7f1f-2233234cf9ca0009%3AT%3D1634708238%3ART%3D1634708238%3AS%3DALNI_MakCSq7_P1uKmta6yjY3UcLl9k_YA&prev_fmts=0x0&prev_slotnames=8474587873&nras=2&correlator=7115496325909&frm=20&pv=1&ga_vid=1659886742.1634708238&ga_sid=1634708238&ga_hid=1026477976&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=176&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062944%2C31062524%2C31063139&oid=2&pvsid=229067198583048&pem=828&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KxRjyNGLCJ&p=https%3A//www.iglobal.co&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 20 Oct 2021 05:37:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6754 143 B
163 B 16ms
16ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1542063256585005&output=html&h=240&adk=1037806272&adf=1992905307&pi=t.aa~a.1267109807~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1634708239&rafmt=1&to=qs&pwprc=6623992986&psa=0&format=300x240&url=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media%23&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634708239163&bpp=1&bdt=1344&idt=1&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da70617a6753f7f1f-2233234cf9ca0009%3AT%3D1634708238%3ART%3D1634708238%3AS%3DALNI_MakCSq7_P1uKmta6yjY3UcLl9k_YA&prev_fmts=0x0&prev_slotnames=8474587873&nras=2&correlator=7115496325909&frm=20&pv=1&ga_vid=1659886742.1634708238&ga_sid=1634708238&ga_hid=1026477976&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=176&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062944%2C31062524%2C31063139&oid=2&pvsid=229067198583048&pem=828&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KxRjyNGLCJ&p=https%3A//www.iglobal.co&dtd=10
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUl2fdsXJXNNk28dCvml5C8_fALrncwCI_nO_eWiYPptAYA0KOuUb1yv4A6BHPU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1542063256585005&output=html&h=240&adk=1037806272&adf=1992905307&pi=t.aa~a.1267109807~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1634708239&rafmt=1&to=qs&pwprc=6623992986&psa=0&format=300x240&url=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media%23&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634708239163&bpp=1&bdt=1344&idt=1&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da70617a6753f7f1f-2233234cf9ca0009%3AT%3D1634708238%3ART%3D1634708238%3AS%3DALNI_MakCSq7_P1uKmta6yjY3UcLl9k_YA&prev_fmts=0x0&prev_slotnames=8474587873&nras=2&correlator=7115496325909&frm=20&pv=1&ga_vid=1659886742.1634708238&ga_sid=1634708238&ga_hid=1026477976&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=176&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062944%2C31062524%2C31063139&oid=2&pvsid=229067198583048&pem=828&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KxRjyNGLCJ&p=https%3A//www.iglobal.co&dtd=10

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 20 Oct 2021 04:43:02 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5A94 1 KB
749 B 14ms
13ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 19 Oct 2021 21:06:15 GMT
expires: Wed, 20 Oct 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 30664
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5A94 35 B
464 B 32ms
9ms Image
image/gif 91.228.74.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJNiyr1v3iaG4YphQDOIZBk&google_cver=1&google_push=AYg5qPLR9uD-wz4UWUDhz5iy22JDEX_-0SDciHcUo-6gqWBVTJuqSmr2Y7HYTpV1EvgDm7LPh-4-uwADoT-tE30YqXOnY0DhRFc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:37:19 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A94
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIL-FO6uTeqOGkgHYIJ8QYEiHO2RxKiPpdiU8F...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVdAckR3QUFBZTh3bWxiZQ&google_push=AYg5qPIL-FO6uTeqOGkgHYIJ8QYEiHO2RxKiPpdiU8FmR-49y0RmFzr-iEY6V9XX2SlW2SAcKOT0pPss-DMqQyytf2Jw-Bc4cb0

170 B
188 B

26ms
25ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVdAckR3QUFBZTh3bWxiZQ&google_push=AYg5qPIL-FO6uTeqOGkgHYIJ8QYEiHO2RxKiPpdiU8FmR-49y0RmFzr-iEY6V9XX2SlW2SAcKOT0pPss-DMqQyytf2Jw-Bc4cb0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:37:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVdAckR3QUFBZTh3bWxiZQ&google_push=AYg5qPIL-FO6uTeqOGkgHYIJ8QYEiHO2RxKiPpdiU8FmR-49y0RmFzr-iEY6V9XX2SlW2SAcKOT0pPss-DMqQyytf2Jw-Bc4cb0
Date: Wed, 20 Oct 2021 05:37:19 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A94
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESENmysAfeA_4DgIQ47lxuQnQ&google_cver=1&google_push=AYg5qPKeWc5UdLmn3MXwrYt_DEuftiHSPTzcvK68_VLBHoy95EL4sF072H-AIFMLXfSU2nZ767Il0Z7lcy3u8s1RFL4I4E5b304O
https://rtb.openx.net/sync/dds?google_gid=CAESENmysAfeA_4DgIQ47lxuQnQ&google_cver=1&google_push=AYg5qPKeWc5UdLmn3MXwrYt_DEuftiHSPTzcvK68_VLBHoy95EL4sF072H-AIFMLXfSU2nZ767Il0Z7lcy3u8s1RFL4I4E5b304O&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKeWc5UdLmn3MXwrYt_DEuftiHSPTzcvK68_VLBHoy95EL4sF072H-AIFMLXfSU2nZ767Il0Z7lcy3u8s1RFL4I4E5b304O&google_hm=zteLPZGMzUgzg5G-9OuRJg==

170 B
188 B

27ms
27ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKeWc5UdLmn3MXwrYt_DEuftiHSPTzcvK68_VLBHoy95EL4sF072H-AIFMLXfSU2nZ767Il0Z7lcy3u8s1RFL4I4E5b304O&google_hm=zteLPZGMzUgzg5G-9OuRJg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:37:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:37:19 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKeWc5UdLmn3MXwrYt_DEuftiHSPTzcvK68_VLBHoy95EL4sF072H-AIFMLXfSU2nZ767Il0Z7lcy3u8s1RFL4I4E5b304O&google_hm=zteLPZGMzUgzg5G-9OuRJg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: g513fr2kn2qb71uii6jfjisup1urij7o

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A94
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=463fvecaTvOCOZTjoEpqTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

26ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=463fvecaTvOCOZTjoEpqTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJfkvtwxFzLkb4USK63FkDmJET9miTvJBvw4yMmtZVgV3Oztc_QY16a8LhQeY-0OlOtzeZsKcFSnHH7PSnL8Ifd5f-vFRIp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:37:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=463fvecaTvOCOZTjoEpqTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJfkvtwxFzLkb4USK63FkDmJET9miTvJBvw4yMmtZVgV3Oztc_QY16a8LhQeY-0OlOtzeZsKcFSnHH7PSnL8Ifd5f-vFRIp
date: Wed, 20 Oct 2021 05:37:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A94
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAZ6QD3Boe-ygEuSfAPLiCw&google_cver=1&google_push=AYg5qPI9XouBQnEB0fRww2b8yXWYT-zAXZ48AAZQnNxc2a2e7EhLvfpJmico17XAOsuj7k7wNsG...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VaMzJVRzEtUy1FM0xE&google_push=AYg5qPI9XouBQnEB0fRww2b8yXWYT-zAXZ48AAZQnNxc2a2e7EhLvfpJmico17XAOsuj7k7wNsGUGv1gwPtalTlBgpwmP4Fn4nPu

170 B
188 B

27ms
27ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VaMzJVRzEtUy1FM0xE&google_push=AYg5qPI9XouBQnEB0fRww2b8yXWYT-zAXZ48AAZQnNxc2a2e7EhLvfpJmico17XAOsuj7k7wNsGUGv1gwPtalTlBgpwmP4Fn4nPu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 05:37:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VaMzJVRzEtUy1FM0xE&google_push=AYg5qPI9XouBQnEB0fRww2b8yXWYT-zAXZ48AAZQnNxc2a2e7EhLvfpJmico17XAOsuj7k7wNsGUGv1gwPtalTlBgpwmP4Fn4nPu
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 5A94
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECALgoWFyar1S11ki_mZMhY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHU...

0
0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 5A94 0
44 B 728ms
241ms Image
text/plain 54.150.96.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEMIaeYhsZv-PzT0ZkFWBUxE&google_cver=1&google_push=AYg5qPJq6_TbajtwGt15X3OyADy6T3vetdVzagKDErVw08xY73GYmm8AMV_PPFOVUwHkTxX4RtP3QfKk_5LojhJkB9eirjPI6rif
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1542063256585005&output=html&h=240&adk=1037806272&adf=1992905307&pi=t.aa~a.1267109807~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1634708239&rafmt=1&to=qs&pwprc=6623992986&psa=0&format=300x240&url=https%3A%2F%2Fwww.iglobal.co%2Fcanada%2Ftoronto%2Fshow-me-up-media%23&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634708239163&bpp=1&bdt=1344&idt=1&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da70617a6753f7f1f-2233234cf9ca0009%3AT%3D1634708238%3ART%3D1634708238%3AS%3DALNI_MakCSq7_P1uKmta6yjY3UcLl9k_YA&prev_fmts=0x0&prev_slotnames=8474587873&nras=2&correlator=7115496325909&frm=20&pv=1&ga_vid=1659886742.1634708238&ga_sid=1634708238&ga_hid=1026477976&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=176&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063005%2C31062944%2C31062524%2C31063139&oid=2&pvsid=229067198583048&pem=828&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KxRjyNGLCJ&p=https%3A//www.iglobal.co&dtd=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.96.104 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-96-104.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:37:20 GMT
server: awselb/2.0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5A94 0
78 B 21ms
21ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IlFr_Uf_cZZ4M_8GKlZ33ox1UfueV2HWHnON9m3AQBqEQpYajP8VEDQG5NItpDCVNE1Vlm

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:37:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6754
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

61ms
61ms

Document
text/html

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUl2fdsXJXNNk28dCvml5C8_fALrncwCI_nO_eWiYPptAYA0KOuUb1yv4A6BHPU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 20 Oct 2021 05:37:19 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 20-Oct-2021 06:37:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Wed, 20 Oct 2021 05:37:19 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 20 Oct 2021 05:37:19 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame 2460 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85fa491d177718058a2329fabbc095b1fbce19a67d5983675e2bcda83ec42f17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame 36D5 35 KB
13 KB 14ms
13ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 19:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 19 Oct 2022 19:47:59 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.iglobal.co/	1970-01-19 22:15:13	Name: ig_user_location Value: %7B%22country_code%22%3Anull%2C%22country_name%22%3Anull%2C%22city%22%3Anull%2C%22city_permalink%22%3A%22n-a%22%2C%22latitude%22%3Anull%2C%22longitude%22%3Anull%2C%22location_method%22%3A%22GeoIP%22%7D
www.iglobal.co/	1970-01-19 22:06:34	Name: AWSELB Value: 031BA1731A8F28BF3743AE8D44AB3B0937981F0FA253AB94FC43FC7B6C4718E419D9D4018811A479ECDDAAD9D19534BEE15F38F16FE7466D5C77D69CD8DC3B2F162027D09D
www.iglobal.co/	1970-01-19 22:06:34	Name: AWSELBCORS Value: 031BA1731A8F28BF3743AE8D44AB3B0937981F0FA253AB94FC43FC7B6C4718E419D9D4018811A479ECDDAAD9D19534BEE15F38F16FE7466D5C77D69CD8DC3B2F162027D09D
.iglobal.co/	1970-01-20 15:36:20	Name: _ga Value: GA1.2.1659886742.1634708238
.iglobal.co/	1970-01-19 22:06:34	Name: _gid Value: GA1.2.335486148.1634708238
.iglobal.co/	1970-01-19 22:05:08	Name: _gat Value: 1
.iglobal.co/	1970-01-20 07:26:44	Name: __gads Value: ID=a70617a6753f7f1f-2233234cf9ca0009:T=1634708238:RT=1634708238:S=ALNI_MakCSq7_P1uKmta6yjY3UcLl9k_YA
.doubleclick.net/	1970-01-20 15:36:20	Name: IDE Value: AHWqTUl2fdsXJXNNk28dCvml5C8_fALrncwCI_nO_eWiYPptAYA0KOuUb1yv4A6BHPU
.quantserve.com/	1970-01-20 00:14:44	Name: d Value: EH8BCQHDJIEA
.quantserve.com/	1970-01-20 07:35:22	Name: mc Value: 616fab0f-bc4c1-f3768-a8401
.openx.net/	1970-01-20 06:50:44	Name: i Value: c22d3e58-918d-4b91-8f21-15e143d59861\|1634708239
.casalemedia.com/	1970-01-20 06:50:44	Name: CMID Value: YW.rDz8DGx-k6vEq1qlbYAAA
.casalemedia.com/	1970-01-20 00:14:44	Name: CMPS Value: 3203
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 63e3de8efaa45b24
.pubmatic.com/	1970-01-19 22:06:34	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 00:14:44	Name: CMPRO Value: 1213
.casalemedia.com/	1970-01-19 22:06:34	Name: CMST Value: YW+rD2Fvqw8A
.pubmatic.com/	1970-01-20 00:14:44	Name: KADUSERCOOKIE Value: E3ADDFBD-E71A-4EF3-8239-94E3A04A6A4F
.doubleclick.net/	1970-01-19 22:05:11	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW-rDz8DGx_k6vEq1qlbYAAABL0AAAAB&google_push=AYg5qPKEPqDHe4Pda7kLrHgcIhLiFLH7-ZbTL0GyzyR09iOUtGeMLlUyM04i44vd10lMEdNeRoAT6wZWh2dhsyLTHUZ7ds71t90k&google_cver=1&google_gid=CAESECALgoWFyar1S11ki_mZMhY Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
bam-cell.nr-data.net
cc.adingo.jp
cm.g.doubleclick.net
cms.quantserve.com
d1zscdb5kxpxcu.cloudfront.net
fonts.googleapis.com
googleads.g.doubleclick.net
image6.pubmatic.com
js-agent.newrelic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.iglobal.co
cm.g.doubleclick.net
142.250.184.194
142.250.184.226
142.250.185.100
142.250.185.162
142.250.185.225
142.250.185.227
142.250.186.162
142.250.186.42
142.250.186.78
151.101.130.137
162.247.243.146
172.217.18.98
18.66.107.129
185.64.190.78
23.23.113.145
35.186.253.211
52.18.11.109
54.150.96.104
69.173.144.138
91.228.74.133
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01d7134292c876822e5806ca3da69d5c4c85d5a8b73f2e3a6292f17ea67e8b3f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
21c293e6df6dde82c613e769026a9d9e4d1a67511d217141afa59f3838926318
23a0a8d14c93cb5dac25a7faf0e5ac9c8c7537a65f9175b9818cbc46c82e55ce
39611a556f8f48d940ce89a08ca69c9750ce6eb4f4c8993c165212d04974fb8a
3970aa6c7fe64632262645b7bb0ea4e1b138d0ddde8d649c587b6b444de57da2
39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d
4b65ad014f5d52f4e51ced795026f9e744219929f0807842c4f912bbbe16c1f7
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e081deb7cbefb96eb3f3d0b9b7a8f13c94dc7ed09b2cfeb129847326efd0b22
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5b8c6a7960b3f71ba8707167b57c17794ba85f2bd9f3980bd93608500dbda894
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
65df9ee8b02291bd97d41fc726e63cef862534fc636cd566498ff179cea680ce
73a87e1c0cffc78b42a822667206698e68ef4c25cd521d9082fc41ad87b14b26
8141eac8760f07eb89366858fa0cd762d68042e614256a3458d76fbc0c1a6220
85fa491d177718058a2329fabbc095b1fbce19a67d5983675e2bcda83ec42f17
8a73e2cc9631dbb6b86e7c3b198546b15d82f04fe474e3d7a51a55bd052a8df3
8bfd018bb29e8c00faffeb3660e5cbcec66c0ba1dff56f8d2f9a1bcc47c11852
92a05c87b5b931b139c533fd8cb480a70e2d9ed1936c13e38864aae79f64de32
9906371777389b054dd4e565bb87b800a53eadb4502d19f434e87bf89af4e4ef
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
bf14bee270a7c9237cc9e28deb028998a04f08aa59309ce22ef92f3ba54ac03d
c057bdca740d0b32f0adabf22bfa8102e24fa90a2200a012bc44aa67865ac431
e06222c2c6424e440cd22d9b81e24feef3f51e79e24e877b462cea25d23835c6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
f0eebcd7d81fbe8adf4e20fcac5c1cf9d1dcbcddcdc141984a317daff7d1495c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.iglobal.co Open in urlscan Pro 23.23.113.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

98 %HTTPS

0 %IPv6

18 Domains

21 Subdomains

17 IPs

6 Countries

741 kBTransfer

2018 kBSize

19 Cookies

4 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.iglobal.co Open in urlscan Pro
23.23.113.145 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

98 %
HTTPS

0 %
IPv6

18
Domains

21
Subdomains

17
IPs

6
Countries

741 kB
Transfer

2018 kB
Size

19
Cookies

62 HTTP transactions
1 data transactions