ja.calgraf.com Open in urlscan Pro
104.21.62.125 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ja.calgraf.com/
Effective URL:
https://ja.calgraf.com/
Submission: On March 03 via manual (March 3rd 2021, 7:43:02 am UTC) from JP

Summary HTTP 204 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 20 domains to perform 204 HTTP transactions. The main IP is 104.21.62.125, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.calgraf.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 22nd 2020. Valid for: a year.

This is the only time ja.calgraf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	104.21.62.125 104.21.62.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:80f::2010	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1 16	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	80.239.201.87 80.239.201.87	1299 (TELIANET ...) (TELIANET Telia Carrier)
29	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
46	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
5	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
20	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 15	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4 4	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
4	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
7 7	52.57.167.187 52.57.167.187	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
4 6	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2 2	3.121.49.210 3.121.49.210	16509 (AMAZON-02) (AMAZON-02)
204	27

19 104.21.62.125 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ja.calgraf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
calgraf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.calgraf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.239.201.87 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 80-239-201-87.teliacarrier-cust.com

ymetrica1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a4bb27adf5884c8535e8ef6501ae3ddd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

bk.jampartizan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.253.128.188 (Amsterdam, Netherlands) 4 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.57.167.187 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-167-187.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.49.210 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-49-210.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	googlesyndication.com a4bb27adf5884c8535e8ef6501ae3ddd.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	533 KB
44	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	250 KB
19	calgraf.com 1 redirects ja.calgraf.com calgraf.com i.calgraf.com	123 KB
16	yandex.ru 1 redirects mc.yandex.ru	68 KB
13	googletagservices.com www.googletagservices.com	402 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	105 KB
8	google.com 4 redirects adservice.google.com www.google.com	1 KB
7	bidswitch.net 7 redirects x.bidswitch.net	3 KB
7	zx-adnet.com cdn.zx-adnet.com	132 KB
5	jampartizan.com bk.jampartizan.com	7 KB
4	blismedia.com tr.blismedia.com	478 B
4	simpli.fi 4 redirects um.simpli.fi	2 KB
4	googleapis.com storage.googleapis.com fonts.googleapis.com	3 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	google.de adservice.google.de	2 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	83 KB
1	rfihub.com 1 redirects p.rfihub.com	743 B
1	googleadservices.com partner.googleadservices.com	480 B
1	ymetrica1.com ymetrica1.com	370 B
204	20

	Domain	Requested by
46	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com ja.calgraf.com
20	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
17	securepubads.g.doubleclick.net	cdn.zx-adnet.com www.googletagservices.com securepubads.g.doubleclick.net ja.calgraf.com
16	mc.yandex.ru	1 redirects ja.calgraf.com
15	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com bk.jampartizan.com googleads.g.doubleclick.net
13	www.googletagservices.com	cdn.zx-adnet.com securepubads.g.doubleclick.net pagead2.googlesyndication.com googleads.g.doubleclick.net
12	cm.g.doubleclick.net	googleads.g.doubleclick.net
9	i.calgraf.com	ja.calgraf.com
8	calgraf.com	ja.calgraf.com
7	x.bidswitch.net	7 redirects
7	cdn.zx-adnet.com	ja.calgraf.com cdn.zx-adnet.com
6	www.google.com	4 redirects googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	bk.jampartizan.com	ja.calgraf.com pagead2.googlesyndication.com
4	tr.blismedia.com	googleads.g.doubleclick.net
4	um.simpli.fi	4 redirects
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	rtb.mfadsrvr.com	2 redirects
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	counter.yadro.ru	1 redirects ja.calgraf.com
2	stackpath.bootstrapcdn.com	ja.calgraf.com stackpath.bootstrapcdn.com
2	ja.calgraf.com	1 redirects
1	p.rfihub.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	a4bb27adf5884c8535e8ef6501ae3ddd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ymetrica1.com	mc.yandex.ru
1	storage.googleapis.com	cdn.zx-adnet.com
204	29

This site contains links to these domains. Also see Links.

Domain
calgraf.com
sl.calgraf.com
hr.calgraf.com
uk.calgraf.com
bg.calgraf.com
cs.calgraf.com
pl.calgraf.com
sr.calgraf.com
ar.calgraf.com
da.calgraf.com
de.calgraf.com
el.calgraf.com
en.calgraf.com
es.calgraf.com
et.calgraf.com
fi.calgraf.com
fr.calgraf.com
hi.calgraf.com
hu.calgraf.com
id.calgraf.com
it.calgraf.com
iw.calgraf.com
ko.calgraf.com
lt.calgraf.com
lv.calgraf.com
ms.calgraf.com
nl.calgraf.com
no.calgraf.com
pt.calgraf.com
ro.calgraf.com
sv.calgraf.com
th.calgraf.com
tr.calgraf.com
vi.calgraf.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-22` - `2021-09-22`	a year	crt.sh
www.lamato.de GTS CA 1D2	`2021-01-23` - `2021-04-23`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
counter.yadro.ru R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
ymetrica.com Yandex CA	`2020-09-29` - `2021-03-23`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
enterprise.mlw.life GTS CA 1D2	`2021-02-19` - `2021-05-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tr.blismedia.com GTS CA 1D2	`2021-01-03` - `2021-04-03`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://ja.calgraf.com/
Frame ID: CDF97D5FD0E98C3D4FAA7F9B7F585C0B
Requests: 63 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLHTSd-zaamqPPAKZFWwfx0Yys9ZHD6FJ8W3pAELeUl0C5l2yA2fzcKgiuHJcu3lDEwjPVOoQwgIUkq5NkCPOwZUeUOI9HsRl5gTlT6GxMJeJ1FlJGMVDa0J_vVJQv7h1xoN6BRh8Ab2PSY9SVDCNdAJDByjwVFSM8UMys_M1bQXPJCGbkzle6q164IHGboVg_MdESMxwRuw8w6iXrRHVHjd_D-DX6g9ttR3ncwlNVylePbp744lUtqo8TgIMfE-a8hldau8Lyx4CtuvNUUtWDR6GMI7wxkqM&sai=AMfl-YQMecdc0NIcaoRYSHu2dyeZcJcxZEPyYuRXdUWKKC_9n2QSi0Gys_VQqYE-nt-PRy_DWblm6DshP--A4yZMvWWx2ODxKtqWPnDzCUO_w81cDLYqEEDD_Dt916CYm7Y&sig=Cg0ArKJSzPnfbmr5wTlJEAE&urlfix=1&adurl=
Frame ID: C4968CE5CBFD05D9FA1BB8ADECC991AC
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWpTXOnTRZo7fFKSze7B-zAsd9sl7RMQxwTFkwbPYHgldFWIKedvaPXi3NnmeAq4Nv60tOtLNDiaXhsh0BoiTlIbmcqpLmd_bWWXnVdxg-X7fLemX3z0YLMrxy1V1MWFtw1lZ3jDNsfV1WuKYocrxdWqdVNi0pTtagKNaClzPFWiRsSEpMXRf6QafcxDA6bs-fpRiqG3FM_z1cl__iBU3Rd7NDjVRSj16EsyGlfD4OpQzOs3fHTdWQaT7erCGMLWunHVUZ46oX-S1SjHCivuerLTimTrM_zvI&sai=AMfl-YR_ruYTXMDzey5MsGxKI9nBlN_b9kvj0TGMKyBZpdvWBjb_3oUzJkN4C9GSLuEAv2ueeRVANfBMOzKJNivvhmxudqMiTp_UIrZhRVSW3hhB6Tc9bM6LMZFEx7i2gsLW&sig=Cg0ArKJSzJl-749YD6KZEAE&urlfix=1&adurl=
Frame ID: 8B277994581728139DED23D93D012C7A
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAta_OHZPqtyAS-FcqH01ehJdgKx3kH_Z4E9ikXa01w4FDtGV6hzX0PyI_4jERBthX0BtQHdCFXXeLd-uxR2_PyIIWBcyHzEMVYanMOBV8oR6WSxxYg_UlfvVVHaD_5squU09a_OQECr5Ab9uE4X35nKHuMGR72LkLXqj4vIj_SkvSWejEP5_YEX84n4pxzXiUWx2bXENbBOwBCsfpGS_lF2GLtyLKjMVHjLbLBFqtk8TyngcDywO5QgBcZk0p1bAoVRgpyHpwnEcvqFJ1gOhpVlOl7C4hh9ZKl2e5zg&sai=AMfl-YQ1rpdlCeZ_iuTCfZTv5zHUmmcYUFfdM_E5-0tepMQsDAtWkRwPBvOuBTQ9vwRooOSzMJEBqU-y0cNzUiVOY4-mlV7MiIkIdYUEEJGgTCtQNGKgshtN9aZobm7Icc0H&sig=Cg0ArKJSzLRHTcHK45q7EAE&urlfix=1&adurl=
Frame ID: A626E83F803C0A2F7E624D2BEB4710BF
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuO__7Muk8g1uldS3iwWg0qWK8qCsLJ8kivS5GzCrvWVn8fo0TpvqBymmYlhyPETNDzYfWIAwzuNv28XLoAq3dE3qa87Q8EDFn19go6CUSTZp3Tys7VPNkA_pkVr0E7Z5xxPhq5JtGtDxWTMfGr55V7mOmIhASJtIYfHsS_Yw3TivDLC_hf0kW1V9Nwlhh1HIEzKPqEE5x28bhSHbOoXqa2UJaInwicW0L4s2BvEaxJho9B6CmRtcFIHgYRWCg_A8QcZfKEfWJ-NBWNp4vbEwQqg5Vx7HeUsbM&sai=AMfl-YTRLmpER3d_xn7wimgBvZThh5aUIXRDbWR0-KUHd9KJnK2FYFCl3pUbIqA-48cQzXhm-NV59vN6Z63pcI2znLbgrjAA_q87edageQ_VECm77G_9q9VQEJvFaXB0qFO2&sig=Cg0ArKJSzDFqpNM7_-9HEAE&urlfix=1&adurl=
Frame ID: 1C6ED3A1DF70E2914952DC8EED0E4776
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssE2TaY5GxagpQqBZ2HyXRUZTv9tDKKX5DQGAVZpu7Ea98Iuk5MmaQLHCYOw_ubx7nnfVsDDjpQGEN2gJLo2DtfdLODae9I5DGvqcu5K0ZBt-o84Y7jhVLqFiQuPJj7r9K3Iru7hPwxITxqq4ZNFe3CRrGxHFNdypNWH8wEMasWfCRZ3xbOwf-2v_qsdCeAF6T2WuqSvboAEWPexiMdpRgp31eH-Te2YoTGzQFo_a-2juV-svNaWgSR1F5Nb2dVIaEcy19inEZ_bW-1WXDktLILGFkfladN3hH7At2wOf-8QoUam4KM9Bdw3VRS4Q&sai=AMfl-YQphedR1pCD1EcWknCkC3TpJk7-fryr0bboKAVNTumv-uIfuJHktScSrHNcDRougt9Be0Giy73ZGHzu-vsXSNv8TLR48Uc01K4Pu3yPyWB_5cDQk04Tv4HIeoHHXio7&sig=Cg0ArKJSzHgxrVRLotZQEAE&urlfix=1&adurl=
Frame ID: 7444ADB29DC8D94271CCA9DD9F07CC39
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 8526D65BA26F7814239404F82D778531
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210301/r20190131/zrt_lookup.html
Frame ID: 1079BC9B1A0A0126F5096C7908A08D7C
Requests: 1 HTTP requests in this frame

Frame: https://bk.jampartizan.com/adx/1_zxm.html
Frame ID: 497C4BD5AE99EE9B14BA62BD5450FC5F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com
Frame ID: FE42243DBDBAE534A75CD26315DC971B
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481
Frame ID: C26F0501E68EA1F6261C5747F2D1ED4A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761
Frame ID: 99CC47B503EA23B4B4F4B909AA58BD81
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012
Frame ID: 842063669BBDAADE39C062E8FFF56C82
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5630493448350324
Frame ID: 695DAD5D624C515AAFA42ED5D83640DD
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4E7EA69D7B79F6125F998A74AB91A200
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D468F797C97834BACCFCE948D4343980
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E92BB1C048EADC6CD0B0055F550C37C5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CFE0207AB7CF6F0DAED8FACAB7020F50
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 046B8A510890F67E4DC2339D385BDB40
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1C76C6ECAD8942C1BC030948FB224951
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-2d2bSnCZ2X4H6nZUKMC-pgR6B2YrRToP6P0UNb66x0.js
Frame ID: F621F336A69022A71CCB135F0C0CEAF7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 1223BCE262F56709937381991B5B10E3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html
Frame ID: E316CA900143D79B1B3610B99A7727F0
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/abg_lite_fy2019.js
Frame ID: D3CD9447F7D70252C5BB4D342B7D7870
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2D27CB52329D1CE4E9C983C27D75D57D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 917296E0568CC4A39DA0E3F9AD439CDF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-2d2bSnCZ2X4H6nZUKMC-pgR6B2YrRToP6P0UNb66x0.js
Frame ID: 4CF69DD911D151FBE6CBF6DF766718E7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ja.calgraf.com/ HTTP 301
https://ja.calgraf.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

204
Requests

96 %
HTTPS

60 %
IPv6

20
Domains

29
Subdomains

27
IPs

5
Countries

1708 kB
Transfer

4732 kB
Size

6
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://calgraf.com/

Search URL Search Domain Scan URL

URL: https://sl.calgraf.com/

Search URL Search Domain Scan URL

URL: https://hr.calgraf.com/

Search URL Search Domain Scan URL

URL: https://uk.calgraf.com/

Search URL Search Domain Scan URL

URL: https://bg.calgraf.com/

Search URL Search Domain Scan URL

URL: https://cs.calgraf.com/

Search URL Search Domain Scan URL

URL: https://pl.calgraf.com/

Search URL Search Domain Scan URL

URL: https://sr.calgraf.com/

Search URL Search Domain Scan URL

URL: https://ar.calgraf.com/

Search URL Search Domain Scan URL

URL: https://da.calgraf.com/

Search URL Search Domain Scan URL

URL: https://de.calgraf.com/

Search URL Search Domain Scan URL

URL: https://el.calgraf.com/

Search URL Search Domain Scan URL

URL: https://en.calgraf.com/

Search URL Search Domain Scan URL

URL: https://es.calgraf.com/

Search URL Search Domain Scan URL

URL: https://et.calgraf.com/

Search URL Search Domain Scan URL

URL: https://fi.calgraf.com/

Search URL Search Domain Scan URL

URL: https://fr.calgraf.com/

Search URL Search Domain Scan URL

URL: https://hi.calgraf.com/

Search URL Search Domain Scan URL

URL: https://hu.calgraf.com/

Search URL Search Domain Scan URL

URL: https://id.calgraf.com/

Search URL Search Domain Scan URL

URL: https://it.calgraf.com/

Search URL Search Domain Scan URL

URL: https://iw.calgraf.com/

Search URL Search Domain Scan URL

URL: https://ko.calgraf.com/

Search URL Search Domain Scan URL

URL: https://lt.calgraf.com/

Search URL Search Domain Scan URL

URL: https://lv.calgraf.com/

Search URL Search Domain Scan URL

URL: https://ms.calgraf.com/

Search URL Search Domain Scan URL

URL: https://nl.calgraf.com/

Search URL Search Domain Scan URL

URL: https://no.calgraf.com/

Search URL Search Domain Scan URL

URL: https://pt.calgraf.com/

Search URL Search Domain Scan URL

URL: https://ro.calgraf.com/

Search URL Search Domain Scan URL

URL: https://sv.calgraf.com/

Search URL Search Domain Scan URL

URL: https://th.calgraf.com/

Search URL Search Domain Scan URL

URL: https://tr.calgraf.com/

Search URL Search Domain Scan URL

URL: https://vi.calgraf.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ja.calgraf.com/ HTTP 301
https://ja.calgraf.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.calgraf.com/;0.3863643483583119 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.calgraf.com/;0.3863643483583119

Request Chain 30

https://mc.yandex.ru/watch/53304094?wmode=7&page-url=https%3A%2F%2Fja.calgraf.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A7444%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A440%3Acn%3A1%3Adp%3A0%3Als%3A1313468415989%3Ahid%3A590388961%3Az%3A60%3Ai%3A20210303084239%3Aet%3A1614757360%3Ac%3A1%3Arn%3A327502346%3Au%3A1614757360598147750%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614757351977%3Awv%3A2%3Ads%3A0%2C42%2C7141%2C14%2C54%2C0%2C%2C318%2C12%2C%2C%2C%2C7560%3Adsn%3A0%2C42%2C7141%2C14%2C54%2C0%2C%2C308%2C12%2C%2C%2C%2C7560%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614757360%3At%3A%E7%A7%91%E5%AD%A6%E6%8A%80%E8%A1%93%E3%80%81%E4%BB%8A%E6%97%A5%E3%81%AE%E4%B8%96%E7%95%8C%E3%81%AE%E6%9C%80%E3%82%82%E9%87%8D%E8%A6%81%E3%81%AA%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%80%82%E3%82%B5%E3%82%A4%E3%83%88%E4%B8%8A%E3%81%A7%E6%9C%80%E6%96%B0%E3%81%AE%E7%A7%91%E5%AD%A6%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%92%E5%8F%82%E7%85%A7%E3%81%97%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E3%80%82%202021 HTTP 302
https://mc.yandex.ru/watch/53304094/1?wmode=7&page-url=https%3A%2F%2Fja.calgraf.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A7444%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A440%3Acn%3A1%3Adp%3A0%3Als%3A1313468415989%3Ahid%3A590388961%3Az%3A60%3Ai%3A20210303084239%3Aet%3A1614757360%3Ac%3A1%3Arn%3A327502346%3Au%3A1614757360598147750%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614757351977%3Awv%3A2%3Ads%3A0%2C42%2C7141%2C14%2C54%2C0%2C%2C318%2C12%2C%2C%2C%2C7560%3Adsn%3A0%2C42%2C7141%2C14%2C54%2C0%2C%2C308%2C12%2C%2C%2C%2C7560%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614757360%3At%3A%E7%A7%91%E5%AD%A6%E6%8A%80%E8%A1%93%E3%80%81%E4%BB%8A%E6%97%A5%E3%81%AE%E4%B8%96%E7%95%8C%E3%81%AE%E6%9C%80%E3%82%82%E9%87%8D%E8%A6%81%E3%81%AA%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%80%82%E3%82%B5%E3%82%A4%E3%83%88%E4%B8%8A%E3%81%A7%E6%9C%80%E6%96%B0%E3%81%AE%E7%A7%91%E5%AD%A6%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%92%E5%8F%82%E7%85%A7%E3%81%97%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E3%80%82%202021

Request Chain 88

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&twa=1&slotname=ZXM%2Fzxm_optr&adk=3731286713&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_optr&w=1200&fwrn=3&fwrnh=100&format=1200x90&url=https%3A%2F%2Fja.calgraf.com%2F&ea=0&flash=0&fwr=0&rh=90&rw=1200&wgl=1&dt=1614757360645&bpp=15&bdt=57&idt=72&shv=r20210301&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dbae7ddc44747a162-22cb6bb0a9ba0027%3AT%3D1614757360%3AS%3DALNI_MZOkvmtBsafvNkNyp8SGWPfcc7pDA&correlator=1884164454743&frm=23&ife=4&pv=2&ga_vid=343811020.1614757361&ga_sid=1614757361&ga_hid=1360343786&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1215&biw=1600&bih=1200&isw=1600&ish=90&ifk=1462852190&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1710028341841673&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.oaxkwgfwo052&btvi=1&fsb=1&dtd=84 HTTP 302
https://bk.jampartizan.com/adx/1_zxm.html

Request Chain 128

https://um.simpli.fi/gp_match?google_gid=CAESEMNkeqoBD1i8H6PvLVBvME8&google_cver=1&google_push=AQvitUKy5E13BlgNRyliAmBNHAUr_OFaZeohdtS4AZp9py7ltVpxt0QDDwBjXtC1cAxOyNzrhzp8U2ehMP9T2t6fxcQZbqRYNdo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48D9C48E98E449048B299B838BB7668F&google_push=AQvitUKy5E13BlgNRyliAmBNHAUr_OFaZeohdtS4AZp9py7ltVpxt0QDDwBjXtC1cAxOyNzrhzp8U2ehMP9T2t6fxcQZbqRYNdo

Request Chain 130

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHx6mMj8h3EvEwLcdPrg9jg&google_cver=1&google_push=AQvitUIWaea55AMelsC52yKzgIxG66MBMAjlYW9DVtOzkm3Kg-Nn8zq4pu5JisKKjc7gY-8Ebx2qIRSOhTWbGveEHJ404_XdYg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHx6mMj8h3EvEwLcdPrg9jg&google_cver=1&google_push=AQvitUIWaea55AMelsC52yKzgIxG66MBMAjlYW9DVtOzkm3Kg-Nn8zq4pu5JisKKjc7gY-8Ebx2qIRSOhTWbGveEHJ404_XdYg HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=1870471593034458867&expires=30&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULb1BvYNzMJhIUvV8EoZEuOIUeXC1SkDkffHYmPuM3-CsAhlHbpZabFJYe5xD9zzBa4cqjEATRWKz0KjftS1mvgS5gUcq_Q&google_hm=DP64i8gSSw2ng1rPvtFABQ==

Request Chain 133

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 137

https://um.simpli.fi/gp_match?google_gid=CAESEMNkeqoBD1i8H6PvLVBvME8&google_cver=1&google_push=AQvitUJl4c4o92NpdzT1Ru5OsGXIvVzMGGSLFyaTjOlULkFjZ276GV1lY0---VEi-YLGZO9cEfMLFWK1BazyUtJT-9tEaYKaJ5Td8w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48D9C48E98E449048B299B838BB7668F&google_push=AQvitUJl4c4o92NpdzT1Ru5OsGXIvVzMGGSLFyaTjOlULkFjZ276GV1lY0---VEi-YLGZO9cEfMLFWK1BazyUtJT-9tEaYKaJ5Td8w

Request Chain 139

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHx6mMj8h3EvEwLcdPrg9jg&google_cver=1&google_push=AQvitULUY_1yR4waTvUFaZZgQKO_Ag8hnuWq9A0EWIizN6r7wgW8maB6gm3pi4BkSuwBTMJS7pKi7VTM2NHKRGFOlkmDXRaBEQaeTA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULUY_1yR4waTvUFaZZgQKO_Ag8hnuWq9A0EWIizN6r7wgW8maB6gm3pi4BkSuwBTMJS7pKi7VTM2NHKRGFOlkmDXRaBEQaeTA&google_hm=DP64i8gSSw2ng1rPvtFABQ==

Request Chain 141

https://um.simpli.fi/gp_match?google_gid=CAESEMNkeqoBD1i8H6PvLVBvME8&google_cver=1&google_push=AQvitUL7JRyNqfzb_ALemThV2v8K5viJPMv_TYxmPNYgzyCA4oHZx_Uf9SNh3UGEBcdJiguWtolWGGYXkfXhenI1vLy6_zjqIJ5d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48D9C48E98E449048B299B838BB7668F&google_push=AQvitUL7JRyNqfzb_ALemThV2v8K5viJPMv_TYxmPNYgzyCA4oHZx_Uf9SNh3UGEBcdJiguWtolWGGYXkfXhenI1vLy6_zjqIJ5d

Request Chain 143

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHx6mMj8h3EvEwLcdPrg9jg&google_cver=1&google_push=AQvitULb1BvYNzMJhIUvV8EoZEuOIUeXC1SkDkffHYmPuM3-CsAhlHbpZabFJYe5xD9zzBa4cqjEATRWKz0KjftS1mvgS5gUcq_Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULb1BvYNzMJhIUvV8EoZEuOIUeXC1SkDkffHYmPuM3-CsAhlHbpZabFJYe5xD9zzBa4cqjEATRWKz0KjftS1mvgS5gUcq_Q&google_hm=DP64i8gSSw2ng1rPvtFABQ==

Request Chain 146

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 149

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 179

https://um.simpli.fi/gp_match?google_gid=CAESEMNkeqoBD1i8H6PvLVBvME8&google_cver=1&google_push=AQvitUK6gtzevo-i-g7dLXDlCrQZqwIo1revWOGh-TqGiLeeKbUBPD824cIcfmPub2HQbfYcT7Pt2xuIBFbltOB_JKmQixQCLJA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48D9C48E98E449048B299B838BB7668F&google_push=AQvitUK6gtzevo-i-g7dLXDlCrQZqwIo1revWOGh-TqGiLeeKbUBPD824cIcfmPub2HQbfYcT7Pt2xuIBFbltOB_JKmQixQCLJA

Request Chain 181

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHx6mMj8h3EvEwLcdPrg9jg&google_cver=1&google_push=AQvitUJGjEg_FtRz5PTWceHC16Vvt8yoG0ZImuCy96SsPbJubY7XLOe1LStu4dCZ9w-HyHdrjOwASoUy9RYbSlAwgEd1t3aROXJL HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_user_id=0cfeb88b-c812-4b0d-a783-5acfbed14005 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_user_id=0cfeb88b-c812-4b0d-a783-5acfbed14005 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=bfecfa53-3709-4c94-aa35-2b0e588d6573&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJGjEg_FtRz5PTWceHC16Vvt8yoG0ZImuCy96SsPbJubY7XLOe1LStu4dCZ9w-HyHdrjOwASoUy9RYbSlAwgEd1t3aROXJL&google_hm=DP64i8gSSw2ng1rPvtFABQ==

Request Chain 189

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

204 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ja.calgraf.com/
Redirect Chain

http://ja.calgraf.com/
https://ja.calgraf.com/

91 KB
20 KB

7184ms
7141ms

Document
text/html

104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a89da8fa415e2585e52405662af47220c3c028ae20e2ee0f6b3a585cf54ef10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: ja.calgraf.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:39 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d368798a9c0d7e71122b0f183ff2f09c01614757352; expires=Fri, 02-Apr-21 07:42:32 GMT; path=/; domain=.calgraf.com; HttpOnly; SameSite=Lax; Secure
cache-control: max-age=86400
expires: Thu, 04 Mar 2021 07:42:39 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-request-id: 0898a2ea930000c775cfbdd000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ifANb5lZKPqjXMUe8SW6sVRTtdZnOtfFmKU6pq6lpNDfgDpPnylIXRSVuVWGtE0DADYr7S%2F4BT%2F7KdtrLbi200vdwRO7iTaG2C%2BbDeFHHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 62a13a8a8ce0c775-AMS
content-encoding: br

Redirect headers

Date: Wed, 03 Mar 2021 07:42:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 03 Mar 2021 08:42:32 GMT
Location: https://ja.calgraf.com/
cf-request-id: 0898a2ea4c00009c991abbb000000001
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VFcCwcYddcrN4CxW2WBqmyMPSzcSC0VwQPxxGP6l8t1J3aSluJLfyfCKA0uV2RZZHDNOnZmvmhltZ1bIeVaUpWvxljkzg5FdkbHPmWcV6A%3D%3D"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 62a13a8a184a9c99-AMS

GET
H2 200 main.min.css
calgraf.com/template/css/ 127 KB
35 KB 44ms
34ms Stylesheet
text/css 104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calgraf.com/template/css/main.min.css

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96cc3e09a5b130cc9db6c90c672aca161eb3bd53b0fee244d6501769301e2b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 96554
vary: Accept-Encoding
cf-request-id: 0898a3068a0000c775c023c000000001
last-modified: Thu, 03 Dec 2020 23:30:44 GMT
server: cloudflare
etag: W/"1fc51-5b597bfb7357a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oHSoxHqJP9xk%2BNj%2BmSrJ3NrSHUanQaop8%2Fq2LLOJtprpLmewU%2BCokwCk%2FQoUZHW0ziQVBmVO6Ek9RuA%2B%2FceZpHNRjo350NPdblnR2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 62a13ab74dd8c775-AMS
expires: Tue, 16 Mar 2021 04:53:25 GMT

GET
H2 200 jquery.js Show response
calgraf.com/template/js/ 95 KB
32 KB 57ms
47ms Script
application/javascript 104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calgraf.com/template/js/jquery.js

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7d4c43f68c47e19be7184c316c903223b984fc57c4634fada219f486663cefb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 787302
cf-polished: origSize=97168
vary: Accept-Encoding
cf-request-id: 0898a3068a0000c77574833000000001
last-modified: Thu, 02 Aug 2018 21:00:00 GMT
server: cloudflare
etag: W/"17b90-5727a1821d400-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R5r3zngtMg2Ya1kdk3QKW7mx97Mru8EEDFR4br%2ByawoQ3ywySVa35MOAS6irw%2Bjut%2Bvr157muLjaicnQS4TkxaIBF3xbguCcj83SPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Mon, 08 Mar 2021 05:00:57 GMT
cache-control: max-age=1209600
cf-ray: 62a13ab74ddac775-AMS
cf-bgj: minify

GET
H2 200 optr_overlay_19091901.js Show response
cdn.zx-adnet.com/adx/ 5 B
348 B 57ms
17ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/optr_overlay_19091901.js

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
last-modified: Mon, 01 Mar 2021 09:53:37 GMT
x-timer: S1614757359.271298,VS0,VE1
etag: "008e573f046db72edd806683cf4c63685d1d8dcc88a7dba93fc5d238aeef0d91"
x-served-by: cache-ams21071-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Wed, 03 Mar 2021 07:42:39 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 5
x-cache-hits: 1

GET
H2 200 logo.jpg
calgraf.com/template/img/ 4 KB
4 KB 24ms
23ms Image
image/jpeg 104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://calgraf.com/template/img/logo.jpg

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b0d90f08b1ba7421ab0e08d356d85410f09be56222e2d8b4afb56a6c41525d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 10120613
vary: Accept-Encoding
content-length: 3753
cf-request-id: 0898a306d10000c7757c1fc000000001
last-modified: Sun, 14 Apr 2019 22:33:43 GMT
server: cloudflare
etag: "ea9-5868520d29fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A8NxbJvZp22lqZ0hJ1Orfocu2Ms%2FVGpecnQvic6qvWgjzddt1ipEb2XU8mPt2lWHa%2BCdNhS%2Btrr4E7FzkFG6PdT%2BoyWTh5FpJlmkYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62a13ab7be95c775-AMS
expires: Sat, 06 Nov 2021 04:25:46 GMT

GET
H2 200 optr_19071801.js Show response
cdn.zx-adnet.com/adx/ 146 KB
19 KB 17ms
17ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/optr_19071801.js

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7bf0903602b5ed2592fd655af6b3bb6e261678e873475044870b368c19621603

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 01 Mar 2021 09:53:37 GMT
x-timer: S1614757359.291698,VS0,VE1
etag: "053225e28f9df1981b51363f59cd56f5d63ea3f21439756543774503d70c06a5-br"
x-served-by: cache-ams21071-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Wed, 03 Mar 2021 07:42:39 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19709
x-cache-hits: 1

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 20ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 jquery-sticky.js Show response
calgraf.com/template/js/ 7 KB
2 KB 32ms
30ms Script
application/javascript 104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calgraf.com/template/js/jquery-sticky.js

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a486f6038525ea495c131010ac4c9e46688b7affa076a5e4781d9531362ffe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 352351
cf-polished: origSize=16096
vary: Accept-Encoding
cf-request-id: 0898a306d00000c77591142000000001
last-modified: Thu, 02 Aug 2018 21:00:00 GMT
server: cloudflare
etag: W/"3ee0-5727a1821d400-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zzDPABqSIZeac0bfvRBX8NOJXkHONscktlG80balr%2FBY7MyC03TJhM8CY8wO2hgYpjs4NW812ozZVHOoTqzZZI4rfFSJtC6woNfXNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 13 Mar 2021 05:50:08 GMT
cache-control: max-age=1209600
cf-ray: 62a13ab7be8ac775-AMS
cf-bgj: minify

GET
H2 200 jquery-touch.js Show response
calgraf.com/template/js/ 627 B
631 B 23ms
22ms Script
application/javascript 104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calgraf.com/template/js/jquery-touch.js

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b1332c8a7080f0812b912170b5c08e793b1d42be98384796aa857ba53dd11ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 751489
cf-polished: origSize=952
vary: Accept-Encoding
cf-request-id: 0898a306d00000c775cf9a0000000001
last-modified: Thu, 02 Aug 2018 21:00:00 GMT
server: cloudflare
etag: W/"3b8-5727a1821d400-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t72GKjl5TqHhYHygeDGzfQWivTgSdTx7o3y%2Bf8qLKaul6sjVqw%2BJGO%2FM5pAL5gyZfF2tTF4pftZNwRWzJZGnOkU6Lri%2BJcLl6ehNCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Mon, 08 Mar 2021 14:57:50 GMT
cache-control: max-age=1209600
cf-ray: 62a13ab7be8dc775-AMS
cf-bgj: minify

GET
H2 200 jquery-popup.js Show response
calgraf.com/template/js/ 20 KB
7 KB 39ms
38ms Script
application/javascript 104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calgraf.com/template/js/jquery-popup.js

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40888936f3dc9567204785d9d55fdaf5506d753e25ed5e45f7bd199501a0b1db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 529041
cf-polished: origSize=20219
vary: Accept-Encoding
cf-request-id: 0898a306d10000c77574839000000001
last-modified: Thu, 02 Aug 2018 21:00:00 GMT
server: cloudflare
etag: W/"4efb-5727a1821d400-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uf4RISjGUMto9bxfj7IdyhCy5Ar8VRYi0lVMaxQGbQaH63AcgtOzNru44KHujG6nmiCiBdPkkedHWlvlfqbw4TS8sBhJnIiTPsEosA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 11 Mar 2021 04:45:18 GMT
cache-control: max-age=1209600
cf-ray: 62a13ab7be8fc775-AMS
cf-bgj: minify

GET
H2 200 jquery-swiper.js Show response
calgraf.com/template/js/ 85 KB
20 KB 29ms
28ms Script
application/javascript 104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calgraf.com/template/js/jquery-swiper.js

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d30f2e559513e5ae255d673b7a608b332e9c2f7e6431447adc6cbf18141f359

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 529041
cf-polished: origSize=86937
vary: Accept-Encoding
cf-request-id: 0898a306d20000c775b2b5f000000001
last-modified: Thu, 02 Aug 2018 21:00:00 GMT
server: cloudflare
etag: W/"15399-5727a1821d400-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JfPlJ6s8m6GfrsKNV%2F4coppHo9fbYigEmqyWCUdyqwv0seifm8v5KZ4Xk972%2FE9xAJzX87XB8rtxeZVfxlzNiMQOyP1C%2Bs7bIOQw8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 11 Mar 2021 04:45:18 GMT
cache-control: max-age=1209600
cf-ray: 62a13ab7be91c775-AMS
cf-bgj: minify

GET
H2 200 jquery-init.js Show response
calgraf.com/template/js/ 4 KB
1 KB 23ms
22ms Script
application/javascript 104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://calgraf.com/template/js/jquery-init.js

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24826297ebac3e88094d08b364ac45c118d3c13a00dbb28ca8615d1343f5ba16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 694307
cf-polished: origSize=6048
vary: Accept-Encoding
cf-request-id: 0898a306d10000c775d6b6c000000001
last-modified: Thu, 02 Aug 2018 21:00:00 GMT
server: cloudflare
etag: W/"17a0-5727a1821d400-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X6%2FXUu%2F8uv%2F%2FmrpHFFL52KQhqfqf2iVMA51G2RtA2MBqBgDmSpKgTqBuF7B2cURk2%2FI8WPv5ck92dUFgf7XqZAzc8yL8bHPx1TKcfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Tue, 09 Mar 2021 06:50:52 GMT
cache-control: max-age=1209600
cf-ray: 62a13ab7be93c775-AMS
cf-bgj: minify

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 34 KB
9 KB 396ms
395ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.8645340410058675

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e111a3850d781cc4bb9983b28613414f9a59af060c2860692d56809589c663b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 01 Mar 2021 09:53:37 GMT
x-timer: S1614757359.311610,VS0,VE377
etag: "5291f663321e7e3f6bfff9a37feadf115ecea3ab57d443f46f5035c626a0edda-br"
x-served-by: cache-ams21071-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
date: Wed, 03 Mar 2021 07:42:39 GMT
accept-ranges: bytes
content-length: 9496
x-cache-hits: 0

GET
H2 522 sony-c5303-harakteristiki-opisanie-otzivi-dostoinstva-i-nedostatki-smartfona.jpg
i.calgraf.com/photo/tehnologii/161/ 0
0 15526ms
15510ms Image
text/html 104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.calgraf.com/photo/tehnologii/161/sony-c5303-harakteristiki-opisanie-otzivi-dostoinstva-i-nedostatki-smartfona.jpg
Requested by: Host: ja.calgraf.com
URL: https://ja.calgraf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 404 nabrannij-vami-nomer-vremenno-zablokirovan-sposobi-razblokirovki-nomera.jpg
i.calgraf.com/photo/tehnologii/093/ 0
0 7536ms
7520ms Image
text/html 104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.calgraf.com/photo/tehnologii/093/nabrannij-vami-nomer-vremenno-zablokirovan-sposobi-razblokirovki-nomera.jpg
Requested by: Host: ja.calgraf.com
URL: https://ja.calgraf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET kak-perezagruzit-ajfon-7-dvumya-knopkami-chto-izmenilos-instrukciya.jpg
i.calgraf.com/photo/tehnologii/90/ 0
0

GET
H2 404 neskolko-slov-o-tom-kak-pravilno-zaryazhat-akkumulyator.jpg
i.calgraf.com/photo/tehnologii/384/ 0
0 5548ms
5532ms Image
text/html 104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.calgraf.com/photo/tehnologii/384/neskolko-slov-o-tom-kak-pravilno-zaryazhat-akkumulyator.jpg
Requested by: Host: ja.calgraf.com
URL: https://ja.calgraf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 522 tverdotelnoe-rele-princip-raboti-podklyuchenie.jpg
i.calgraf.com/photo/tehnologii/94/ 0
0 15209ms
15193ms Image
text/html 104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.calgraf.com/photo/tehnologii/94/tverdotelnoe-rele-princip-raboti-podklyuchenie.jpg
Requested by: Host: ja.calgraf.com
URL: https://ja.calgraf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 404 raspredelennaya-generaciya-proektirovanie-obekti-tendencii-i-razvitie-opisanie-obektov.jpg
i.calgraf.com/photo/tehnologii/78/ 0
0 6530ms
6515ms Image
text/html 104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.calgraf.com/photo/tehnologii/78/raspredelennaya-generaciya-proektirovanie-obekti-tendencii-i-razvitie-opisanie-obektov.jpg
Requested by: Host: ja.calgraf.com
URL: https://ja.calgraf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 mr.js Show response
storage.googleapis.com/s2t-images/ 2 B
629 B 142ms
122ms Script
application/javascript 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/s2t-images/mr.js?0.6263459219201766
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:39 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Ux3sHXsc7HJOOsbLAjFXaSIl3B7zqPrXt77RpbAijwfDqU1cIuwljh8Af9eQLZj7Uf2YUqoQ4QOiOLe3K3liWdMsV8d8w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22
last-modified: Tue, 02 Mar 2021 21:41:08 GMT
server: UploadServer
etag: "14293ad9ad0ffaf9f7a3acf1b0793b66"
vary: Accept-Encoding
x-goog-hash: crc32c=ZKOpww==, md5=FCk62a0P+vn3o6zxsHk7Zg==
x-goog-generation: 1614721267954742
cache-control: public, max-age=31536000
x-goog-stored-content-length: 22
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 03 Mar 2022 07:42:39 GMT

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 200 B
232 B 330ms
330ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?0.29097437067955534

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 01 Mar 2021 09:53:37 GMT
x-timer: S1614757359.428908,VS0,VE313
etag: "437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by: cache-ams21071-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Wed, 03 Mar 2021 07:42:39 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 118
x-cache-hits: 0

GET
H2 404 istochniki-besperebojnogo-pitaniya-besperebojnoe-pitanie-dlya-gazovogo-kotla.jpg
i.calgraf.com/photo/tehnologii/146/ 0
0 4563ms
4562ms Image
text/html 104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.calgraf.com/photo/tehnologii/146/istochniki-besperebojnogo-pitaniya-besperebojnoe-pitanie-dlya-gazovogo-kotla.jpg
Requested by: Host: ja.calgraf.com
URL: https://ja.calgraf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 404 potolochnie-svetilniki-dlya-natyazhnih-potolkov-svetodiodnie-ogni-v-kachestve-optimalnogo-varianta.jpg
i.calgraf.com/photo/tehnologii/168/ 0
0 4555ms
4555ms Image
text/html 104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.calgraf.com/photo/tehnologii/168/potolochnie-svetilniki-dlya-natyazhnih-potolkov-svetodiodnie-ogni-v-kachestve-optimalnogo-varianta.jpg
Requested by: Host: ja.calgraf.com
URL: https://ja.calgraf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 404 karcher-sc-1020-otzivi-instrukciya-ceni.jpg
i.calgraf.com/photo/tehnologii/27/ 0
0 4690ms
4689ms Image
text/html 104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.calgraf.com/photo/tehnologii/27/karcher-sc-1020-otzivi-instrukciya-ceni.jpg
Requested by: Host: ja.calgraf.com
URL: https://ja.calgraf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 404 chto-takoe-resiver-cifrovoj-televizionnij.jpg
i.calgraf.com/photo/tehnologii/777/ 0
0 4581ms
4581ms Image
text/html 104.21.62.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.calgraf.com/photo/tehnologii/777/chto-takoe-resiver-cifrovoj-televizionnij.jpg
Requested by: Host: ja.calgraf.com
URL: https://ja.calgraf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.62.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 8ms
8ms Font
font/woff2 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://ja.calgraf.com
Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.calgraf.com/;0.3863643483583119
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.calgraf.com/;0.3863643483583119

43 B
496 B

56ms
56ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.calgraf.com/;0.3863643483583119

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Mar 2021 07:42:39 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 Mar 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Mar 2021 07:42:39 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.calgraf.com/;0.3863643483583119
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Mon, 02 Mar 2020 21:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 210 KB
66 KB 150ms
50ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ee48c70479dd48e6046830d53bc5a03b172cb2139a5cb3872a2f763b49b197f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:39 GMT
content-encoding: br
last-modified: Sat, 20 Feb 2021 13:25:23 GMT
etag: "603efc40-1071a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 67354
expires: Wed, 03 Mar 2021 08:42:39 GMT

GET
H2 200 sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 341 KB
66 KB 17ms
16ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.8645340410058675

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 01 Mar 2021 09:53:37 GMT
x-timer: S1614757360.715691,VS0,VE1
etag: "acf494525e3877026bdb2c073692d275534d2343c0dbc0e70e25b584375d01a0-br"
x-served-by: cache-ams21071-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Wed, 03 Mar 2021 07:42:39 GMT
accept-ranges: bytes
content-length: 67025
x-cache-hits: 1

GET
H2 200 ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 230 KB
37 KB 19ms
18ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 01 Mar 2021 09:53:37 GMT
x-timer: S1614757360.823424,VS0,VE1
etag: "dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by: cache-ams21071-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Wed, 03 Mar 2021 07:42:39 GMT
accept-ranges: bytes
content-length: 37832
x-cache-hits: 1

GET
H2

200

1 Show response
mc.yandex.ru/watch/53304094/
Redirect Chain

https://mc.yandex.ru/watch/53304094?wmode=7&page-url=https%3A%2F%2Fja.calgraf.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A7444%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
https://mc.yandex.ru/watch/53304094/1?wmode=7&page-url=https%3A%2F%2Fja.calgraf.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A7444%3Afu%3A0%3Aen%3Autf-8%3Ala%3...

186 B
268 B

57ms
56ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/53304094/1?wmode=7&page-url=https%3A%2F%2Fja.calgraf.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A7444%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A440%3Acn%3A1%3Adp%3A0%3Als%3A1313468415989%3Ahid%3A590388961%3Az%3A60%3Ai%3A20210303084239%3Aet%3A1614757360%3Ac%3A1%3Arn%3A327502346%3Au%3A1614757360598147750%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614757351977%3Awv%3A2%3Ads%3A0%2C42%2C7141%2C14%2C54%2C0%2C%2C318%2C12%2C%2C%2C%2C7560%3Adsn%3A0%2C42%2C7141%2C14%2C54%2C0%2C%2C308%2C12%2C%2C%2C%2C7560%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614757360%3At%3A%E7%A7%91%E5%AD%A6%E6%8A%80%E8%A1%93%E3%80%81%E4%BB%8A%E6%97%A5%E3%81%AE%E4%B8%96%E7%95%8C%E3%81%AE%E6%9C%80%E3%82%82%E9%87%8D%E8%A6%81%E3%81%AA%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%80%82%E3%82%B5%E3%82%A4%E3%83%88%E4%B8%8A%E3%81%A7%E6%9C%80%E6%96%B0%E3%81%AE%E7%A7%91%E5%AD%A6%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%92%E5%8F%82%E7%85%A7%E3%81%97%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E3%80%82%202021

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1032e0e7c930a900d3b39f11996b8cc5b46e7c26dd5f2e36cba2d9d85ff9a6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 03-Mar-2021 07:42:39 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.calgraf.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Wed, 03-Mar-2021 07:42:39 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:39 GMT
last-modified: Wed, 03-Mar-2021 07:42:39 GMT
location: /watch/53304094/1?wmode=7&page-url=https%3A%2F%2Fja.calgraf.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A7444%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A440%3Acn%3A1%3Adp%3A0%3Als%3A1313468415989%3Ahid%3A590388961%3Az%3A60%3Ai%3A20210303084239%3Aet%3A1614757360%3Ac%3A1%3Arn%3A327502346%3Au%3A1614757360598147750%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614757351977%3Awv%3A2%3Ads%3A0%2C42%2C7141%2C14%2C54%2C0%2C%2C318%2C12%2C%2C%2C%2C7560%3Adsn%3A0%2C42%2C7141%2C14%2C54%2C0%2C%2C308%2C12%2C%2C%2C%2C7560%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614757360%3At%3A%E7%A7%91%E5%AD%A6%E6%8A%80%E8%A1%93%E3%80%81%E4%BB%8A%E6%97%A5%E3%81%AE%E4%B8%96%E7%95%8C%E3%81%AE%E6%9C%80%E3%82%82%E9%87%8D%E8%A6%81%E3%81%AA%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%80%82%E3%82%B5%E3%82%A4%E3%83%88%E4%B8%8A%E3%81%A7%E6%9C%80%E6%96%B0%E3%81%AE%E7%A7%91%E5%AD%A6%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%92%E5%8F%82%E7%85%A7%E3%81%97%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E3%80%82%202021
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ja.calgraf.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 03-Mar-2021 07:42:39 GMT

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
383 B 312ms
312ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https://ja.calgraf.com/
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.29097437067955534
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-powered-by: Express
x-cache: MISS
content-length: 65
x-served-by: cache-ams21071-AMS
server: Google Frontend
x-timer: S1614757360.862377,VS0,VE296
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: 3820b393c6edce8a091c487ba1f523db
cache-control: max-age=3600,public
function-execution-id: ll9zwuuzwstg
accept-ranges: bytes
x-orig-accept-language: en-US
x-country-code: NL
x-cache-hits: 0

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 50ms
50ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:39 GMT
last-modified: Sat, 20 Feb 2021 13:25:23 GMT
etag: "603efc40-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 03 Mar 2021 08:42:39 GMT

GET
H2 200 1 Show response
ymetrica1.com/watch/3/ 43 B
370 B 138ms
45ms XHR
image/gif 80.239.201.87
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL

https://ymetrica1.com/watch/3/1?

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

80.239.201.87 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),

Reverse DNS

80-239-201-87.teliacarrier-cust.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:40 GMT
last-modified: Wed, 03-Mar-2021 07:42:40 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ja.calgraf.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Mar-2021 07:42:40 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 56 KB
19 KB 83ms
30ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

11cb6f57e40ba6b25c3610aed3bb4035a3f2af6ec2bdf0cffdfde88b2d70e76d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "800 / 80 of 1000 / last-modified: 1614726621"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19335
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:40 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 57 KB
19 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?zx

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71c810be19813ca31c2a569499d53488fae7a881eab49dc549729d6ebe38332b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "800 / 460 of 1000 / last-modified: 1614726854"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19502
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:40 GMT

GET
H2 200 /
mc.yandex.ru/watch/54496171/OPTR/ 43 B
71 B 58ms
54ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/54496171/OPTR/?r=0.5000618980076732

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:40 GMT
last-modified: Wed, 03-Mar-2021 07:42:40 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Mar-2021 07:42:40 GMT

GET
H2 200 53428543
mc.yandex.ru/watch/ 0
0 60ms
56ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22ja.calgraf.com%22:{%22https://ja.calgraf.com/%22:%22%22}}}&r=0.966434017238212
Requested by: Host: ja.calgraf.com
URL: https://ja.calgraf.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
mc.yandex.ru/watch/54496171/OPTR/ 43 B
71 B 68ms
64ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/54496171/OPTR/?r=0.14155367976717104

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:40 GMT
last-modified: Wed, 03-Mar-2021 07:42:40 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Mar-2021 07:42:40 GMT

GET
H2 200 53428543
mc.yandex.ru/watch/ 0
0 57ms
53ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22ja.calgraf.com%22:{%22https://ja.calgraf.com/%22:%22%22}}}&r=0.9602537428526603
Requested by: Host: ja.calgraf.com
URL: https://ja.calgraf.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
mc.yandex.ru/watch/54496171/OPTR/ 43 B
71 B 68ms
64ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/54496171/OPTR/?r=0.20720374584009793

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:40 GMT
last-modified: Wed, 03-Mar-2021 07:42:40 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Mar-2021 07:42:40 GMT

GET
H2 200 53428543
mc.yandex.ru/watch/ 0
0 54ms
51ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22ja.calgraf.com%22:{%22https://ja.calgraf.com/%22:%22%22}}}&r=0.009053949494011393
Requested by: Host: ja.calgraf.com
URL: https://ja.calgraf.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
mc.yandex.ru/watch/54496171/OPTR/ 43 B
71 B 60ms
57ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/54496171/OPTR/?r=0.21502217156115222

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:40 GMT
last-modified: Wed, 03-Mar-2021 07:42:40 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Mar-2021 07:42:40 GMT

GET
H2 200 53428543
mc.yandex.ru/watch/ 0
0 69ms
66ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22ja.calgraf.com%22:{%22https://ja.calgraf.com/%22:%22%22}}}&r=0.47896406691634774
Requested by: Host: ja.calgraf.com
URL: https://ja.calgraf.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
mc.yandex.ru/watch/54496171/OPTR/ 43 B
71 B 65ms
63ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/54496171/OPTR/?r=0.1397915121569855

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:40 GMT
last-modified: Wed, 03-Mar-2021 07:42:40 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Mar-2021 07:42:40 GMT

GET
H2 200 53428543
mc.yandex.ru/watch/ 0
0 66ms
63ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22ja.calgraf.com%22:{%22https://ja.calgraf.com/%22:%22%22}}}&r=0.8378023647729222
Requested by: Host: ja.calgraf.com
URL: https://ja.calgraf.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
mc.yandex.ru/watch/54496171/OPTR/ 43 B
71 B 61ms
58ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/54496171/OPTR/?r=0.7811830020292254

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:40 GMT
last-modified: Wed, 03-Mar-2021 07:42:40 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Mar-2021 07:42:40 GMT

GET
H2 200 53428543
mc.yandex.ru/watch/ 0
0 60ms
58ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22ja.calgraf.com%22:{%22https://ja.calgraf.com/%22:%22%22}}}&r=0.4876470939930406
Requested by: Host: ja.calgraf.com
URL: https://ja.calgraf.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 pubads_impl_2021030101.js Show response
securepubads.g.doubleclick.net/gpt/ 282 KB
99 KB 43ms
43ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

c183713781265a2abdc03eab5050b102a17a1170eaa908604e61fc9f07c9aad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 09:37:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101543
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:40 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 37ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.calgraf.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 38ms
17ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.calgraf.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
3 KB 204ms
175ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1824053686427009&correlator=2177805386161735&output=ldjh&impl=fif&eid=31060309%2C31060326%2C21069710&vrg=2021030101&ptt=17&gdpr_consent=CPCeGtfPCeGtfAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-37&ecs=20210303&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_optr&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1600x90&cust_params=site_domen%3Dja.calgraf.com%26site_topdomen%3Dcalgraf.com%26site_referrer%3D%26site_hash%3D%26keywords%3D%25202021%2520Web%2520Web%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.calgraf.com%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1614757360&dt=1614757360334&dlt=1614757359219&idt=1086&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1235&adks=550985217&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.calgraf.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=505717019.1614757360&ga_sid=1614757360&ga_hid=718940905&fws=512&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

309905f79ad92f7dd075d672d0849cc92698de7c3a6df28df2bfca9574e30f8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3367
x-xss-protection: 0
google-lineitem-id: 5424010038
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308614061
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.calgraf.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a4bb27adf5884c8535e8ef6501ae3ddd.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 50ms
15ms Other
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a4bb27adf5884c8535e8ef6501ae3ddd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 29ms
7ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 114ms
85ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1824053686427009&correlator=2177805386161735&output=ldjh&impl=fif&eid=31060309%2C31060326%2C21069710&vrg=2021030101&ptt=17&gdpr_consent=CPCeGtfPCeGtfAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-37&ecs=20210303&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cust_params=site_domen%3Dja.calgraf.com%26site_topdomen%3Dcalgraf.com%26site_referrer%3D%26site_hash%3D%26keywords%3D%25202021%2520Web%2520Web%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.calgraf.com%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1614757360&dt=1614757360337&dlt=1614757359219&idt=1086&frm=20&biw=1600&bih=1200&oid=3&adxs=1069&adys=230&adks=1005715999&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.calgraf.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=302x-1&msz=302x-1&ga_vid=505717019.1614757360&ga_sid=1614757360&ga_hid=718940905&fws=4&ohw=302&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a7f105b1932fa89c252036645789a38eb5c0a4136c8564213ef37cd958d78d72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2888
x-xss-protection: 0
google-lineitem-id: 5121405043
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138287767990
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.calgraf.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 105ms
75ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1824053686427009&correlator=2177805386161735&output=ldjh&impl=fif&eid=31060309%2C31060326%2C21069710&vrg=2021030101&ptt=17&gdpr_consent=CPCeGtfPCeGtfAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-37&ecs=20210303&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cust_params=site_domen%3Dja.calgraf.com%26site_topdomen%3Dcalgraf.com%26site_referrer%3D%26site_hash%3D%26keywords%3D%25202021%2520Web%2520Web%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.calgraf.com%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1614757360&dt=1614757360338&dlt=1614757359219&idt=1086&frm=20&biw=1600&bih=1200&oid=3&adxs=1069&adys=1109&adks=1299197191&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.calgraf.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=302x-1&msz=302x-1&ga_vid=505717019.1614757360&ga_sid=1614757360&ga_hid=718940905&fws=4&ohw=302&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9bd881277f90107cb5258893136c3a850574d0148cb9139f8d0028154a4ed2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2879
x-xss-protection: 0
google-lineitem-id: 5121405043
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138287458526
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.calgraf.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
4 KB 101ms
73ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1824053686427009&correlator=2177805386161735&output=ldjh&impl=fif&eid=31060309%2C31060326%2C21069710&vrg=2021030101&ptt=17&gdpr_consent=CPCeGtfPCeGtfAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-37&ecs=20210303&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cust_params=site_domen%3Dja.calgraf.com%26site_topdomen%3Dcalgraf.com%26site_referrer%3D%26site_hash%3D%26keywords%3D%25202021%2520Web%2520Web%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.calgraf.com%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1614757360&dt=1614757360339&dlt=1614757359219&idt=1086&frm=20&biw=1600&bih=1200&oid=3&adxs=1069&adys=9835&adks=794095685&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.calgraf.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=302x-1&msz=302x-1&ga_vid=505717019.1614757360&ga_sid=1614757360&ga_hid=718940905&fws=4&ohw=302&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1f475d7624722e9bda46deffdff888631a5cbbf5889c762c33bafd6f9c523ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
google-lineitem-id: 5171125673
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138287185880
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.calgraf.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 108ms
80ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1824053686427009&correlator=2177805386161735&output=ldjh&impl=fif&eid=31060309%2C31060326%2C21069710&vrg=2021030101&ptt=17&gdpr_consent=CPCeGtfPCeGtfAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-37&ecs=20210303&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cust_params=site_domen%3Dja.calgraf.com%26site_topdomen%3Dcalgraf.com%26site_referrer%3D%26site_hash%3D%26keywords%3D%25202021%2520Web%2520Web%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.calgraf.com%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1614757360&dt=1614757360340&dlt=1614757359219&idt=1086&frm=20&biw=1600&bih=1200&oid=3&adxs=1069&adys=11311&adks=304105210&ucis=5&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.calgraf.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=302x-1&msz=302x-1&ga_vid=505717019.1614757360&ga_sid=1614757360&ga_hid=718940905&fws=4&ohw=302&btvi=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f3853d77655c566ed7d3844312794388f177b8c673612ac279042e780568e755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2855
x-xss-protection: 0
google-lineitem-id: 5171125673
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138287185829
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.calgraf.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C496 0
0 57ms
57ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLHTSd-zaamqPPAKZFWwfx0Yys9ZHD6FJ8W3pAELeUl0C5l2yA2fzcKgiuHJcu3lDEwjPVOoQwgIUkq5NkCPOwZUeUOI9HsRl5gTlT6GxMJeJ1FlJGMVDa0J_vVJQv7h1xoN6BRh8Ab2PSY9SVDCNdAJDByjwVFSM8UMys_M1bQXPJCGbkzle6q164IHGboVg_MdESMxwRuw8w6iXrRHVHjd_D-DX6g9ttR3ncwlNVylePbp744lUtqo8TgIMfE-a8hldau8Lyx4CtuvNUUtWDR6GMI7wxkqM&sai=AMfl-YQMecdc0NIcaoRYSHu2dyeZcJcxZEPyYuRXdUWKKC_9n2QSi0Gys_VQqYE-nt-PRy_DWblm6DshP--A4yZMvWWx2ODxKtqWPnDzCUO_w81cDLYqEEDD_Dt916CYm7Y&sig=Cg0ArKJSzPnfbmr5wTlJEAE&urlfix=1&adurl=

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 07:42:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:40 GMT

GET
H2 200 JAzxvr.88 Show response
bk.jampartizan.com/OPTR/ Frame C496 5 KB
1 KB 484ms
443ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bk.jampartizan.com/OPTR/JAzxvr.88

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

36cabc986091bcbd968af2321f30dcb7470f5471f6fce0d59f06bf8707dc7241

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 01 Mar 2021 09:53:37 GMT
x-timer: S1614757361.505451,VS0,VE427
etag: "20986735871b23fdf651cab058cca2e8995ea9fc54bbee8ebba121f081fb0947-br"
x-served-by: cache-ams21074-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 03 Mar 2021 07:42:40 GMT
accept-ranges: bytes
content-length: 1172
x-cache-hits: 0

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C496 107 KB
33 KB 45ms
30ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:40 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 42ms
30ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602243598683"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:40 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 44ms
23ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13b3e95a734995857dd7444ac3a04d1259c0d040997f75fd89eca876904ee7cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6752
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8B27 0
0 57ms
57ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWpTXOnTRZo7fFKSze7B-zAsd9sl7RMQxwTFkwbPYHgldFWIKedvaPXi3NnmeAq4Nv60tOtLNDiaXhsh0BoiTlIbmcqpLmd_bWWXnVdxg-X7fLemX3z0YLMrxy1V1MWFtw1lZ3jDNsfV1WuKYocrxdWqdVNi0pTtagKNaClzPFWiRsSEpMXRf6QafcxDA6bs-fpRiqG3FM_z1cl__iBU3Rd7NDjVRSj16EsyGlfD4OpQzOs3fHTdWQaT7erCGMLWunHVUZ46oX-S1SjHCivuerLTimTrM_zvI&sai=AMfl-YR_ruYTXMDzey5MsGxKI9nBlN_b9kvj0TGMKyBZpdvWBjb_3oUzJkN4C9GSLuEAv2ueeRVANfBMOzKJNivvhmxudqMiTp_UIrZhRVSW3hhB6Tc9bM6LMZFEx7i2gsLW&sig=Cg0ArKJSzJl-749YD6KZEAE&urlfix=1&adurl=

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 07:42:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:40 GMT

GET
H2 200 JAzxvr.55 Show response
bk.jampartizan.com/ZXM/OPTR/ Frame 8B27 5 KB
1 KB 469ms
438ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bk.jampartizan.com/ZXM/OPTR/JAzxvr.55

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32e257edc51d8da882af136c78e1395e1dbd72d3960923e2174ec1caf1ae19c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 01 Mar 2021 09:53:37 GMT
x-timer: S1614757361.505775,VS0,VE422
etag: "dd615af05cacdee1b2238a974184e481542d79e2bdf91caf64613feab3d739af-br"
x-served-by: cache-ams21074-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 03 Mar 2021 07:42:40 GMT
accept-ranges: bytes
content-length: 1174
x-cache-hits: 0

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B27 107 KB
33 KB 32ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:40 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A626 0
0 56ms
56ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAta_OHZPqtyAS-FcqH01ehJdgKx3kH_Z4E9ikXa01w4FDtGV6hzX0PyI_4jERBthX0BtQHdCFXXeLd-uxR2_PyIIWBcyHzEMVYanMOBV8oR6WSxxYg_UlfvVVHaD_5squU09a_OQECr5Ab9uE4X35nKHuMGR72LkLXqj4vIj_SkvSWejEP5_YEX84n4pxzXiUWx2bXENbBOwBCsfpGS_lF2GLtyLKjMVHjLbLBFqtk8TyngcDywO5QgBcZk0p1bAoVRgpyHpwnEcvqFJ1gOhpVlOl7C4hh9ZKl2e5zg&sai=AMfl-YQ1rpdlCeZ_iuTCfZTv5zHUmmcYUFfdM_E5-0tepMQsDAtWkRwPBvOuBTQ9vwRooOSzMJEBqU-y0cNzUiVOY4-mlV7MiIkIdYUEEJGgTCtQNGKgshtN9aZobm7Icc0H&sig=Cg0ArKJSzLRHTcHK45q7EAE&urlfix=1&adurl=

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 07:42:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:40 GMT

GET
H2 200 JAzxvr.30 Show response
bk.jampartizan.com/OPTR/ Frame A626 5 KB
1 KB 453ms
428ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bk.jampartizan.com/OPTR/JAzxvr.30

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

efd5192a828050605b052fec591f8b0015cb1b594a546a3a2df4c9648eb4a1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 01 Mar 2021 09:53:37 GMT
x-timer: S1614757361.505755,VS0,VE412
etag: "5db9ef402720077858a455ea019397b4f995b3f9a43e983a271a7f5dc41a2f58-br"
x-served-by: cache-ams21074-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 03 Mar 2021 07:42:40 GMT
accept-ranges: bytes
content-length: 1178
x-cache-hits: 0

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A626 107 KB
33 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:40 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C6E 0
0 56ms
56ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuO__7Muk8g1uldS3iwWg0qWK8qCsLJ8kivS5GzCrvWVn8fo0TpvqBymmYlhyPETNDzYfWIAwzuNv28XLoAq3dE3qa87Q8EDFn19go6CUSTZp3Tys7VPNkA_pkVr0E7Z5xxPhq5JtGtDxWTMfGr55V7mOmIhASJtIYfHsS_Yw3TivDLC_hf0kW1V9Nwlhh1HIEzKPqEE5x28bhSHbOoXqa2UJaInwicW0L4s2BvEaxJho9B6CmRtcFIHgYRWCg_A8QcZfKEfWJ-NBWNp4vbEwQqg5Vx7HeUsbM&sai=AMfl-YTRLmpER3d_xn7wimgBvZThh5aUIXRDbWR0-KUHd9KJnK2FYFCl3pUbIqA-48cQzXhm-NV59vN6Z63pcI2znLbgrjAA_q87edageQ_VECm77G_9q9VQEJvFaXB0qFO2&sig=Cg0ArKJSzDFqpNM7_-9HEAE&urlfix=1&adurl=

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 07:42:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:40 GMT

GET
H2 200 JAzxvr.37 Show response
bk.jampartizan.com/ZXM/OPTR/ Frame 1C6E 5 KB
1 KB 438ms
419ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bk.jampartizan.com/ZXM/OPTR/JAzxvr.37

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32e257edc51d8da882af136c78e1395e1dbd72d3960923e2174ec1caf1ae19c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 01 Mar 2021 09:53:37 GMT
x-timer: S1614757361.505431,VS0,VE403
etag: "dd615af05cacdee1b2238a974184e481542d79e2bdf91caf64613feab3d739af-br"
x-served-by: cache-ams21074-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 03 Mar 2021 07:42:40 GMT
accept-ranges: bytes
content-length: 1174
x-cache-hits: 0

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C6E 107 KB
33 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:40 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:40 GMT

GET
DATA 200
OK truncated
/ Frame A626 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 808e722fe5fcbdc2da2f1ac9f2d391c927ee5d0997035844d2cdfab6f5a735fe

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1C6E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e8d05fb972452a2a9feb095b03aff42cea062c16207598d10914dadcf8e9969

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C496 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a191e069c62574919b7ec461b596bcabddf71f74bd0c972347b6a42538946e3c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8B27 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fc88aa9652f3c7afad6e9ba13ea48aabd330636bfaf4fc6b1e55b6150f2a6c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7444 0
0 57ms
56ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssE2TaY5GxagpQqBZ2HyXRUZTv9tDKKX5DQGAVZpu7Ea98Iuk5MmaQLHCYOw_ubx7nnfVsDDjpQGEN2gJLo2DtfdLODae9I5DGvqcu5K0ZBt-o84Y7jhVLqFiQuPJj7r9K3Iru7hPwxITxqq4ZNFe3CRrGxHFNdypNWH8wEMasWfCRZ3xbOwf-2v_qsdCeAF6T2WuqSvboAEWPexiMdpRgp31eH-Te2YoTGzQFo_a-2juV-svNaWgSR1F5Nb2dVIaEcy19inEZ_bW-1WXDktLILGFkfladN3hH7At2wOf-8QoUam4KM9Bdw3VRS4Q&sai=AMfl-YQphedR1pCD1EcWknCkC3TpJk7-fryr0bboKAVNTumv-uIfuJHktScSrHNcDRougt9Be0Giy73ZGHzu-vsXSNv8TLR48Uc01K4Pu3yPyWB_5cDQk04Tv4HIeoHHXio7&sig=Cg0ArKJSzHgxrVRLotZQEAE&urlfix=1&adurl=

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 07:42:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 7444 96 KB
35 KB 47ms
34ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ecfb6909bbbbb09106c3425b678554c6c97638912e1614dd63d5068c71dfe18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34978
x-xss-protection: 0
server: cafe
etag: 11047699853063626117
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 Mar 2021 07:42:40 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7444 107 KB
33 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:40 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 8526 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.calgraf.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.calgraf.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 02 Mar 2021 14:44:46 GMT
expires: Wed, 02 Mar 2022 14:44:46 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 61074
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 -2d2bSnCZ2X4H6nZUKMC-pgR6B2YrRToP6P0UNb66x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 8526 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-2d2bSnCZ2X4H6nZUKMC-pgR6B2YrRToP6P0UNb66x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb67766d29c26765f81fa9d950a302fa9811e81d98ad14e83fa3f450d6faeb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 00:45:00 GMT
server: sffe
age: 119887
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5641
x-xss-protection: 0
expires: Tue, 01 Mar 2022 22:24:33 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210301/r20190131/ Frame 7444 227 KB
85 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210301/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=ja.calgraf.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bd620648dd52d968fc4dbf4efc9bb43f663454e8f39e60a4a46bc06b0d15e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87296
x-xss-protection: 0
server: cafe
etag: 9485388057174683306
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Mar 2021 07:42:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210301/r20190131/ Frame 1079 11 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210301/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210301/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.calgraf.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9zmKbBzButEwDFrtH-ZczOW3v87OkgHcfq1997DL2VvdvlhYGGvfiib68j5U; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.calgraf.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 02 Mar 2021 22:27:18 GMT
expires: Tue, 16 Mar 2021 22:27:18 GMT
content-type: text/html; charset=UTF-8
etag: 14371272352318978350
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 5136
x-xss-protection: 0
age: 33322
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7444 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bb53a0963244f658a0e80d34c91994946f846dcc918064203816333cde02212

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 7444 12 B
480 B 95ms
43ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ja.calgraf.com&callback=_gfp_s_&client=ca-pub-6550413363602588&cookie=ID%3Dbae7ddc44747a162-22cb6bb0a9ba0027%3AT%3D1614757360%3AS%3DALNI_MZOkvmtBsafvNkNyp8SGWPfcc7pDA

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210301/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=ja.calgraf.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7444 107 B
777 B 44ms
28ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.calgraf.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7444 107 B
531 B 37ms
22ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.calgraf.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2

200

1_zxm.html Show response
bk.jampartizan.com/adx/ Frame 497C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&twa=1&slotname=ZXM%2Fzxm_optr&adk=3731286713&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_optr&w=1200&fwrn=3&fwr...
https://bk.jampartizan.com/adx/1_zxm.html

6 KB
2 KB

16ms
16ms

Document
text/html

151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bk.jampartizan.com/adx/1_zxm.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2a3c4d80e5225b1b6263e82e1544411f6d7a1c3a1c0f649956e06d50558787e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:method: GET
:authority: bk.jampartizan.com
:scheme: https
:path: /adx/1_zxm.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.calgraf.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.calgraf.com/

Response headers

cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "9a751bcd79869e14935dd5528dba18db907a103eb7a670f4debca5913f395045-br"
last-modified: Mon, 01 Mar 2021 09:53:37 GMT
strict-transport-security: max-age=31556926
x-robots-tag: noindex, nofollow, noarchive
accept-ranges: bytes
date: Wed, 03 Mar 2021 07:42:40 GMT
x-served-by: cache-ams21074-AMS
x-cache: HIT
x-cache-hits: 3
x-timer: S1614757361.895725,VS0,VE1
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-length: 1353

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://bk.jampartizan.com/adx/1_zxm.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 03 Mar 2021 07:42:40 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7444 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602243598683"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:40 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 40ms
39ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030101&jk=1824053686427009&bg=!fX6lfj3NAAXdrq8Z3TsAKQB2-DxaCtJ3WsWB69aH1oaU1PdtFZiligOfnxiSgO3HR0n0071aqAMbAgAAAGFSAAAAC2gBBwoArc3gzw1jwaTJyiDUN7PGnnkdHZwHL36ZkRC0Tf7-WI2qz-obuhwKwyhRamjZSMRBHmih8cBucBNXe5M680prc2qlKYlWIGM5FJiaETjvdHyU29HCBeMhVYc28cfeshh2lhZhY5jRd-6sGMQtDHw4gsKM9vearGzGIZEm8f0IBO9ynmN9p_NcxjRFzqoqiqIrJudui8Gms_b1JIOFQxB7VhysKwggCIaqpNJxGFRhmQHnk1s9QMXho63TgpUn81kWdsgN58Dfw57Xw1YyNyWpEYxt5U0IiqYg5FGwhgMM6OBqhv3VNHKnf0qaqS8QhjsOvXXWyxamfAdzsgh-w456sL_i7q7J-ioMrnzqy9kM4bbHasx121xMdC6g_paDV3SHWV_TSnWehrbmGjQZBnCDJBrUPt6Re51j_8ZEhSJII9nNkdh2wBBHm79q_Ag_upOS1esIqrQTYUV6Zg_AgaPbF0rDe_MQeiWlo3QDKlXr7NZF8Z2x-FKs6IvXOdGgfEen1Iy1Zkau5-6RQGWaNNT8ACxdXKZoDzXGVo-2EiiQlZGWsQ-d4hxX7vAnR-lwP-Axt4wt_xT9Z4lhDSLRWXu_WE9MUlqSxKI_IVilIUwvqhnjh64OzTrieGlmopdZwuNHFaU18FCmqf7Ufmc21DySYYr3v55JEFOxhyL6zfjz_AD9KWkL71VbY0IBRucqz0QQNW4bgL4QsEXEc5R29Pz82-l9KEevYXR7ey7pjGXJOYHtuLVqr4qosa_ZFn7rrcb78Z6S_7aWI9DnJdFdaGpNoGWqdQR8h1fjRcBVb4rL0bE1izvlzeSep8eZDECk2wEGemS7hkGQ6C2CMPQkQlg3v1KBCySeh04K1U8isVsRnWDGapSLlEJOIA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE42 49 KB
14 KB 452ms
451ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com

Requested by

Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/adx/1_zxm.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebff2a22ff528ad22804905a1660de78dbbc7b7c33706ea7bd3e0c31afd7de1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bk.jampartizan.com/adx/1_zxm.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9zmKbBzButEwDFrtH-ZczOW3v87OkgHcfq1997DL2VvdvlhYGGvfiib68j5U; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://bk.jampartizan.com/adx/1_zxm.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 03 Mar 2021 07:42:41 GMT
server: cafe
content-length: 14567
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C26F 59 KB
22 KB 439ms
438ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481

Requested by

Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/ZXM/OPTR/JAzxvr.37

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

034505917d60cab9136d00a754735a35c4b937f060e1eec84440eea06fc1076a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.calgraf.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9zmKbBzButEwDFrtH-ZczOW3v87OkgHcfq1997DL2VvdvlhYGGvfiib68j5U; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.calgraf.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 03 Mar 2021 07:42:41 GMT
server: cafe
content-length: 22332
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 99CC 106 KB
34 KB 726ms
725ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761

Requested by

Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/OPTR/JAzxvr.30

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2212a2f496056204479696662ea12d431fba72ea86641ba79d0392aca7245c93

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPT9lvfPk-8CFfvJuwgdxyYBKg&gqi=8D0_YI2POYzigQeY3b_4Bw&layout=/sadbundle/%24csp%253Der3%24/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.calgraf.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9zmKbBzButEwDFrtH-ZczOW3v87OkgHcfq1997DL2VvdvlhYGGvfiib68j5U; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.calgraf.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPT9lvfPk-8CFfvJuwgdxyYBKg&gqi=8D0_YI2POYzigQeY3b_4Bw&layout=/sadbundle/%24csp%253Der3%24/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 03 Mar 2021 07:42:41 GMT
server: cafe
content-length: 34340
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8420 73 KB
24 KB 696ms
696ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/ZXM/OPTR/JAzxvr.55

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a326a6f3223ab7db402b6d5347a4add149a2090c68e93ad57f2f7e2ba29e39f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.calgraf.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9zmKbBzButEwDFrtH-ZczOW3v87OkgHcfq1997DL2VvdvlhYGGvfiib68j5U; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.calgraf.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 03 Mar 2021 07:42:41 GMT
server: cafe
content-length: 24072
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 695D 48 KB
14 KB 382ms
382ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5630493448350324

Requested by

Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/OPTR/JAzxvr.88

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66bf2afe19384e53d6950a8992c5337f38bf1c5f571e8500512faa752b0b288c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5630493448350324
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.calgraf.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9zmKbBzButEwDFrtH-ZczOW3v87OkgHcfq1997DL2VvdvlhYGGvfiib68j5U; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.calgraf.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 03 Mar 2021 07:42:41 GMT
server: cafe
content-length: 13896
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame 695D 4 KB
725 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5630493448350324

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5630493448350324
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 06:37:31 GMT
server: ESF
date: Wed, 03 Mar 2021 07:42:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Mar 2021 07:42:41 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame 695D 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5630493448350324
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:38:27 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/ Frame 695D 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

307ac3101f3ad9b4c04fa06725e0bcc023a6c494c56e9b472eb67c5b206684f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5630493448350324
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 7415731890135056792
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:32:53 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame 695D 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5630493448350324
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:41:42 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 695D 107 KB
33 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5630493448350324
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:41 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame 695D 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5630493448350324
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:41:37 GMT

GET
H2 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame 695D 26 KB
11 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5630493448350324
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 05:48:51 GMT
server: sffe
age: 349585
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Fri, 28 May 2021 06:36:16 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2233912367713030725/ Frame 695D 11 KB
11 KB 7ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2233912367713030725/downsize_200k_v1?w=300&h=300

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db990ca3a7886913ea06647684d1ef7331c8cb519555e603ddcf57a3a506ee5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5630493448350324
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:34:16 GMT
x-content-type-options: nosniff
age: 522505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10805
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 21:22:04 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 06:34:16 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4E7E 143 B
220 B 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5630493448350324
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9zmKbBzButEwDFrtH-ZczOW3v87OkgHcfq1997DL2VvdvlhYGGvfiib68j5U; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5630493448350324

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 03 Mar 2021 07:34:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 488
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D468 1 KB
854 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5630493448350324
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5630493448350324

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 03 Mar 2021 03:14:09 GMT
expires: Thu, 04 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 16112
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 695D 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2b146acaa9212cdb2339350edfc14ec9ad13762ecb524d72006869e867c1a18

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 695D 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 10:19:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 422615
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sat, 26 Feb 2022 10:19:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 695D 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 03:58:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 445443
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 26 Feb 2022 03:58:38 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame FE42 4 KB
697 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 06:40:38 GMT
server: ESF
date: Wed, 03 Mar 2021 07:42:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Mar 2021 07:42:41 GMT

GET
H3-Q050 200 14860416609979095367
tpc.googlesyndication.com/simgad/ Frame C26F 137 KB
137 KB 13ms
8ms Image
image/gif 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14860416609979095367

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a618212c24ddcb2fdf27655bc9bb7b0a95d22aedcdded05781fd6b81ce6d10a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 10:17:28 GMT
x-content-type-options: nosniff
age: 422713
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140160
x-xss-protection: 0
last-modified: Tue, 01 Dec 2020 15:32:53 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 10:17:28 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/ Frame C26F 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

307ac3101f3ad9b4c04fa06725e0bcc023a6c494c56e9b472eb67c5b206684f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 7415731890135056792
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:32:53 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame C26F 3 KB
2 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:41:42 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C26F 107 KB
33 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:41 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame C26F 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:41:37 GMT

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame C26F 26 KB
11 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

758608abf5c456ea8cb5515828cabb68f082df67c04d350d0519241841cbf9d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10963
x-xss-protection: 0
server: cafe
etag: 5048180228173261443
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:20:26 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame FE42 2 KB
924 B 10ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:38:27 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/ Frame FE42 18 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

307ac3101f3ad9b4c04fa06725e0bcc023a6c494c56e9b472eb67c5b206684f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 7415731890135056792
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:32:53 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame FE42 3 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:41:42 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE42 107 KB
33 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:41 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame FE42 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:41:37 GMT

GET
H3-Q050 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame FE42 26 KB
11 KB 36ms
20ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 05:48:51 GMT
server: sffe
age: 349585
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Fri, 28 May 2021 06:36:16 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1298643556974426282/ Frame FE42 1 KB
1 KB 13ms
9ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1298643556974426282/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cd0886fcea03fce0f7361cb35c9695a917dfdfe8efe96e3fdf102eca42d987b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 15:54:27 GMT
x-content-type-options: nosniff
age: 316094
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1309
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 12:28:28 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 15:54:27 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E92B 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9zmKbBzButEwDFrtH-ZczOW3v87OkgHcfq1997DL2VvdvlhYGGvfiib68j5U; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 03 Mar 2021 07:34:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 488
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CFE0 1 KB
750 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 03 Mar 2021 03:14:09 GMT
expires: Thu, 04 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 16112
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 046B 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9zmKbBzButEwDFrtH-ZczOW3v87OkgHcfq1997DL2VvdvlhYGGvfiib68j5U; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 03 Mar 2021 07:34:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 488
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1C76 1 KB
750 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 03 Mar 2021 03:14:09 GMT
expires: Thu, 04 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 16112
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C26F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13f64a5b20ea80815ca18aa0c46b17b537d776b9fe270f04f5d49c64f0e8d571

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame D468
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMNkeqoBD1i8H6PvLVBvME8&google_cver=1&google_push=AQvitUKy5E13BlgNRyliAmBNHAUr_OFaZeohdtS4AZp9py7ltVpxt0QDDwBjXtC1cAxOyNzrhzp8U2ehMP9T2t6fxcQZbqRYNdo
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48D9C48E98E449048B299B838BB7668F&google_push=AQvitUKy5E13BlgNRyliAmBNHAUr_OFaZeohdtS4AZp9py7ltVpxt0QDDwBjXtC1cAxOyNzrhzp8U2ehMP9T2t6...

170 B
243 B

31ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48D9C48E98E449048B299B838BB7668F&google_push=AQvitUKy5E13BlgNRyliAmBNHAUr_OFaZeohdtS4AZp9py7ltVpxt0QDDwBjXtC1cAxOyNzrhzp8U2ehMP9T2t6fxcQZbqRYNdo

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 03 Mar 2021 07:42:41 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48D9C48E98E449048B299B838BB7668F&google_push=AQvitUKy5E13BlgNRyliAmBNHAUr_OFaZeohdtS4AZp9py7ltVpxt0QDDwBjXtC1cAxOyNzrhzp8U2ehMP9T2t6fxcQZbqRYNdo
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 02 Mar 2021 07:42:41 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame D468 0
136 B 73ms
22ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEGjPTH5-kAp97bkpIuLrSk&google_cver=1&google_push=AQvitULlVHXOQyUwjMqZtl48BdGsPYKoCm_q1tzMNz3C7Q5g_N6vyyB-kjk1K23NcZC0i0--56jJ_KFTgjrajufd4U_oqOxcaeo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5630493448350324
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:41 GMT
via: 1.1 google
alt-svc: clear

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame D468
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHx6mMj8h3EvEwLcdPrg9jg&google_cver=1&google_push=AQvitUIWaea55AMelsC52yKzgIxG66MBMAjlYW9DVtOzkm3Kg-Nn8zq4pu5JisKKjc7gY-8Ebx2qIRSOhTWbGveEHJ40...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHx6mMj8h3EvEwLcdPrg9jg&google_cver=1&google_push=AQvitUIWaea55AMelsC52yKzgIxG66MBMAjlYW9DVtOzkm3Kg-Nn8zq4pu5JisKKjc7gY-8Ebx2qIRSOhTWbGv...
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
https://x.bidswitch.net/sync?dsp_id=119&user_id=1870471593034458867&expires=30&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULb1BvYNzMJhIUvV8EoZEuOIUeXC1SkDkffHYmPuM3-CsAhlHbpZabFJYe5xD9zzBa4cqjEATRWKz0KjftS1mvgS5gUcq_Q&google_hm=DP64i8gSSw2ng1rPvtFABQ==

170 B
190 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULb1BvYNzMJhIUvV8EoZEuOIUeXC1SkDkffHYmPuM3-CsAhlHbpZabFJYe5xD9zzBa4cqjEATRWKz0KjftS1mvgS5gUcq_Q&google_hm=DP64i8gSSw2ng1rPvtFABQ==

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULb1BvYNzMJhIUvV8EoZEuOIUeXC1SkDkffHYmPuM3-CsAhlHbpZabFJYe5xD9zzBa4cqjEATRWKz0KjftS1mvgS5gUcq_Q&google_hm=DP64i8gSSw2ng1rPvtFABQ==
date: Wed, 03 Mar 2021 07:42:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D468 0
78 B 32ms
30ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Js_EfjGLJdVI9JelOJo9HYhM3ax7_bR4dXQLKtyfq_-Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:41 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame FE42 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89972e22a1bd4b068b13807f3aba840d00f600c0e7e695fd6f27c4ef5b071b34

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4E7E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
141 B

22ms
22ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9zmKbBzButEwDFrtH-ZczOW3v87OkgHcfq1997DL2VvdvlhYGGvfiib68j5U; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 03 Mar 2021 07:42:41 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 03-Mar-2021 08:42:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 03 Mar 2021 07:42:41 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 03 Mar 2021 07:42:41 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C496 0
0 101ms
71ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0FW1VDY7qPmFrMNfecaUpK9if21dyN4W47_BIZVDn-yJQB1aJuTkGOt1iCQfvrgaAULJ-Fz_q6LEe6KaA7wBKesr9foYMLWLnzgOjE4d3cgt3fBAB_6w_K4jOqzwJYyKz4tHbV04QOo5IiqZ6nUqi7Il2nkGA1IXSuYWpLHPk2Kzr-Kjm89iBwEzvUGYMQZYhoSWe3-4cMI4N_A-FJJevkvzZuBS4w0fVMAGLBhu7F_jIzwnxs8BJoufJlXYyOo5PFWSmzeqHu5J-fIUKk7waCZUw4cjwdXQF5A&sai=AMfl-YSKafdspe0Gzd7DpvEZnFzyXGf18SM81sc4NIv5uXcO-cYF2imNcyV_Fv79QGrJYyA-Z6HV-eBXmq9LXsQ5LuI3SgMJ1ZKccbjJlKtf2oaVjspwoikRXPnv3EZPAvA&sig=Cg0ArKJSzL7jLPRKgjaLEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 07:42:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:41 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame FE42 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 05:52:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 438607
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sat, 26 Feb 2022 05:52:34 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame FE42 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 443822
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 26 Feb 2022 04:25:39 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame CFE0
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMNkeqoBD1i8H6PvLVBvME8&google_cver=1&google_push=AQvitUJl4c4o92NpdzT1Ru5OsGXIvVzMGGSLFyaTjOlULkFjZ276GV1lY0---VEi-YLGZO9cEfMLFWK1BazyUtJT-9tEaYKaJ5Td8w
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48D9C48E98E449048B299B838BB7668F&google_push=AQvitUJl4c4o92NpdzT1Ru5OsGXIvVzMGGSLFyaTjOlULkFjZ276GV1lY0---VEi-YLGZO9cEfMLFWK1BazyUtJ...

170 B
190 B

31ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48D9C48E98E449048B299B838BB7668F&google_push=AQvitUJl4c4o92NpdzT1Ru5OsGXIvVzMGGSLFyaTjOlULkFjZ276GV1lY0---VEi-YLGZO9cEfMLFWK1BazyUtJT-9tEaYKaJ5Td8w

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 03 Mar 2021 07:42:41 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48D9C48E98E449048B299B838BB7668F&google_push=AQvitUJl4c4o92NpdzT1Ru5OsGXIvVzMGGSLFyaTjOlULkFjZ276GV1lY0---VEi-YLGZO9cEfMLFWK1BazyUtJT-9tEaYKaJ5Td8w
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 02 Mar 2021 07:42:41 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame CFE0 0
114 B 22ms
21ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEGjPTH5-kAp97bkpIuLrSk&google_cver=1&google_push=AQvitUKX2bFJbtb7FseJNZlM76T1m9u2NBwca6bcfiXZ1dmGK5ZFY0N6P0LpgrYQ5LM9_QvoRw8D74lBJKP6uGzuxcxPtFl_9dlxZg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:41 GMT
via: 1.1 google
alt-svc: clear

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame CFE0
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHx6mMj8h3EvEwLcdPrg9jg&google_cver=1&google_push=AQvitULUY_1yR4waTvUFaZZgQKO_Ag8hnuWq9A0EWIizN6r7wgW8maB6gm3pi4BkSuwBTMJS7pKi7VTM2NHKRGFOlkmD...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULUY_1yR4waTvUFaZZgQKO_Ag8hnuWq9A0EWIizN6r7wgW8maB6gm3pi4BkSuwBTMJS7pKi7VTM2NHKRGFOlkmDXRaBEQaeTA&google_hm=DP64i8gSSw2ng1rPvtFABQ==

170 B
190 B

32ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULUY_1yR4waTvUFaZZgQKO_Ag8hnuWq9A0EWIizN6r7wgW8maB6gm3pi4BkSuwBTMJS7pKi7VTM2NHKRGFOlkmDXRaBEQaeTA&google_hm=DP64i8gSSw2ng1rPvtFABQ==

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULUY_1yR4waTvUFaZZgQKO_Ag8hnuWq9A0EWIizN6r7wgW8maB6gm3pi4BkSuwBTMJS7pKi7VTM2NHKRGFOlkmDXRaBEQaeTA&google_hm=DP64i8gSSw2ng1rPvtFABQ==
date: Wed, 03 Mar 2021 07:42:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame CFE0 0
24 B 30ms
29ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JJgJYLFA9hp6YTFUKluDHe58CRUPjnI4PaD02t927bPg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:41 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 1C76
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMNkeqoBD1i8H6PvLVBvME8&google_cver=1&google_push=AQvitUL7JRyNqfzb_ALemThV2v8K5viJPMv_TYxmPNYgzyCA4oHZx_Uf9SNh3UGEBcdJiguWtolWGGYXkfXhenI1vLy6_zjqIJ5d
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48D9C48E98E449048B299B838BB7668F&google_push=AQvitUL7JRyNqfzb_ALemThV2v8K5viJPMv_TYxmPNYgzyCA4oHZx_Uf9SNh3UGEBcdJiguWtolWGGYXkfXhenI...

170 B
190 B

32ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48D9C48E98E449048B299B838BB7668F&google_push=AQvitUL7JRyNqfzb_ALemThV2v8K5viJPMv_TYxmPNYgzyCA4oHZx_Uf9SNh3UGEBcdJiguWtolWGGYXkfXhenI1vLy6_zjqIJ5d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 03 Mar 2021 07:42:41 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48D9C48E98E449048B299B838BB7668F&google_push=AQvitUL7JRyNqfzb_ALemThV2v8K5viJPMv_TYxmPNYgzyCA4oHZx_Uf9SNh3UGEBcdJiguWtolWGGYXkfXhenI1vLy6_zjqIJ5d
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 02 Mar 2021 07:42:41 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 1C76 0
114 B 22ms
21ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEGjPTH5-kAp97bkpIuLrSk&google_cver=1&google_push=AQvitUJlW1gEi9ZDBXhuAX9I-pOH38E6u0iaYQzf56Q-1ZGCGLDqV5M5Hdff2hT8617_Ywa4qHJhLJeVlkDl7AKPgt8TdEw6KBti
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:41 GMT
via: 1.1 google
alt-svc: clear

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 1C76
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHx6mMj8h3EvEwLcdPrg9jg&google_cver=1&google_push=AQvitULb1BvYNzMJhIUvV8EoZEuOIUeXC1SkDkffHYmPuM3-CsAhlHbpZabFJYe5xD9zzBa4cqjEATRWKz0KjftS1mvg...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULb1BvYNzMJhIUvV8EoZEuOIUeXC1SkDkffHYmPuM3-CsAhlHbpZabFJYe5xD9zzBa4cqjEATRWKz0KjftS1mvgS5gUcq_Q&google_hm=DP64i8gSSw2ng1rPvtFABQ==

170 B
190 B

32ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULb1BvYNzMJhIUvV8EoZEuOIUeXC1SkDkffHYmPuM3-CsAhlHbpZabFJYe5xD9zzBa4cqjEATRWKz0KjftS1mvgS5gUcq_Q&google_hm=DP64i8gSSw2ng1rPvtFABQ==

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULb1BvYNzMJhIUvV8EoZEuOIUeXC1SkDkffHYmPuM3-CsAhlHbpZabFJYe5xD9zzBa4cqjEATRWKz0KjftS1mvgS5gUcq_Q&google_hm=DP64i8gSSw2ng1rPvtFABQ==
date: Wed, 03 Mar 2021 07:42:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame 1C76 0
16 B 34ms
33ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KolsQgAp5knuXDdTAiyce7dx6gtT4PDPTzEtVdtPPOrw

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:41 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7444 8 KB
7 KB 46ms
33ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210301&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b5dec30f1f967a9f550b714a24faf99c48b85b73cc84ec766fdd857f5217b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 07:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6526
x-xss-protection: 0

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E92B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

15ms
15ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9zmKbBzButEwDFrtH-ZczOW3v87OkgHcfq1997DL2VvdvlhYGGvfiib68j5U; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 03 Mar 2021 07:42:41 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 03-Mar-2021 08:42:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 03 Mar 2021 07:42:41 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 03 Mar 2021 07:42:41 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 -2d2bSnCZ2X4H6nZUKMC-pgR6B2YrRToP6P0UNb66x0.js Show response
pagead2.googlesyndication.com/bg/ Frame F621 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-2d2bSnCZ2X4H6nZUKMC-pgR6B2YrRToP6P0UNb66x0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb67766d29c26765f81fa9d950a302fa9811e81d98ad14e83fa3f450d6faeb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 00:45:00 GMT
server: sffe
age: 119888
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5641
x-xss-protection: 0
expires: Tue, 01 Mar 2022 22:24:33 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C6E 0
0 56ms
56ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswaJOlGv_hQFTXWXwAGflhiPb1LV7zwTdRUgDgCltDlTt5bZOk-rH_YyHq6VLh55eZmWXViHllHj4PLGjUqiP_TgfCSeiKlJhCnOKBneEFwJMU40oeAFIyogJIYOSYd6vPM4YlaXvx2WIfqdWskfqbSlhmbbK_28m3qkSpQTgZYB2YKtpxHXYeP5vZd_Ik6ziX-BN8HGhsDL02JdW-2F4TZJsn9KQ5lS4IUzGrQxSDaeP2CmCqgkMNoCFhUgBKojZjnhCMIN7oWEKysrOoHfN5m_Stbz9ss0Os1Q&sai=AMfl-YT3ZMjxNADsNiN-egQhf5oLKX7srJp1j6jBOlxraOs_tMdx2_xSla-ZaKRG3vZJUhFkxM42l7xDrMmMPiY3reZ0EMZKrI2eE5ZR3_H2II8eYfRMl7zcocO6YEwpan0R&sig=Cg0ArKJSzNR6EdNVK5H_EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 07:42:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:41 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 046B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

51ms
50ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9zmKbBzButEwDFrtH-ZczOW3v87OkgHcfq1997DL2VvdvlhYGGvfiib68j5U; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 03 Mar 2021 07:42:41 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 03-Mar-2021 08:42:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 03 Mar 2021 07:42:41 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 03 Mar 2021 07:42:41 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7444 0
0 56ms
56ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyO8tCoX5uNjUseO1KqbcnGshQYSDo9L2rLML3mLsT1_Jh4lNHMlUP3foOSyhU7rCtztw0PkOPDmTL_T677L-tlTt-vpT2GWVoQdfltOurdsCpbMX6lvJAH1kHFNaLWZ8v74oaS25D8k8wYKMXSmUVQn6QAsw1h38KNjuXH9WWVVWoSXZnMIlkxnFx7NgNNQt2f-BOh0q6wigJF7epnPzCn32-t1JLZ8L43RDVi8Ry4HmzXWHY_B138VE8Dx3Ofb1vy0yQh6xMRfEC-H-2Y6xFMT9dh2zCMGTmiDOUOkg34iWI4ITrinrVgDnVKGjF&sai=AMfl-YSaEcMoON8t0qAFROx9AR8Z25TaycakCRvxSOo23na8c3tOxYGAc54bwH1TMuY96ymbxIjuFD9wWcSAE5XYkp844lZDyFQFM68OBZWXLbx65IEQaCrocWVoxGTFsivn&sig=Cg0ArKJSzGKfXbG9VRa8EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 07:42:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:41 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7444 17 KB
7 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:41 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 8420 3 KB
607 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 06:39:46 GMT
server: ESF
date: Wed, 03 Mar 2021 07:42:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Mar 2021 07:42:41 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame 8420 2 KB
955 B 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:38:27 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/ Frame 8420 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

307ac3101f3ad9b4c04fa06725e0bcc023a6c494c56e9b472eb67c5b206684f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 7415731890135056792
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:32:53 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame 8420 3 KB
2 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:41:42 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8420 107 KB
33 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:41 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame 8420 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:41:37 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 8420 0
0 14ms
13ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSm2HUESG_VEn2sjWWvxBVXeXFNAsOJ024G-o5337T0rYRKo9IsT73VEOcpNCocgpKIQXiHb1s8sSrqbC1Qr7vcOxP8Xg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame 8420 26 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 05:48:51 GMT
server: sffe
age: 349585
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Fri, 28 May 2021 06:36:16 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 1223 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.calgraf.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ja.calgraf.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 02 Mar 2021 14:44:46 GMT
expires: Wed, 02 Mar 2022 14:44:46 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 61075
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17626355984908347172/ Frame 8420 10 KB
10 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17626355984908347172/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0a9edfc40fb6d7dd1263df171b41ee819e6d02bba2f381faab32edd037e41ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 13:30:03 GMT
x-content-type-options: nosniff
age: 65558
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10521
x-xss-protection: 0
last-modified: Sat, 31 Oct 2020 18:31:12 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 13:30:03 GMT

GET
DATA 200
OK truncated
/ Frame 8420 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/ Frame E316 21 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html

Requested by

Host: ja.calgraf.com
URL: https://ja.calgraf.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8042871d35d08da41f4ce75fe2ec41ffc5db58d19aa5e55a166995692b1098b0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 02 Mar 2021 14:05:25 GMT
expires: Wed, 02 Mar 2022 14:05:25 GMT
last-modified: Sun, 20 Sep 2020 16:09:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 3933
age: 63436
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/ Frame D3CD 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

307ac3101f3ad9b4c04fa06725e0bcc023a6c494c56e9b472eb67c5b206684f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 7415731890135056792
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:32:53 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame D3CD 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:41:42 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3CD 107 KB
33 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:41 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame D3CD 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 07:41:37 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame D3CD 0
0 14ms
13ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRN08s_vY8YKLOEcB9Cw-1xqlWh1F0FZqxSFVcDhHebnI9fV0CRyN6Sa_9xrds11sPvcu-FdjAmZdzdpFc_fYeDrEiSPQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2D27 1 KB
750 B 8ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 03 Mar 2021 03:14:09 GMT
expires: Thu, 04 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 16112
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8420 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56290d816b4f060dc3a3e9229ec416ae1a61e33e159c3e475bf1dd84fa18f5ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 8420 14 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 05:19:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:17 GMT
server: sffe
age: 526967
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Fri, 25 Feb 2022 05:19:54 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 8420 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:56:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:06 GMT
server: sffe
age: 499560
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Fri, 25 Feb 2022 12:56:41 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9172 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9zmKbBzButEwDFrtH-ZczOW3v87OkgHcfq1997DL2VvdvlhYGGvfiib68j5U; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 03 Mar 2021 07:34:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 488
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D3CD 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c89a0132796ff9f9ca931fea3ffa37ae567cecb0e8f0e55dd2651024a222c1c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame D3CD 0
88 B 41ms
41ms Other
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPT9lvfPk-8CFfvJuwgdxyYBKg&gqi=8D0_YI2POYzigQeY3b_4Bw&layout=/sadbundle/%24csp%253Der3%24/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E316 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 04 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E316 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 03 Mar 2021 13:07:30 GMT

GET
H3-Q050 200 f06f4adf8e01db963900e9d234302fab.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/ Frame E316 72 KB
20 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/f06f4adf8e01db963900e9d234302fab.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cf7652b0eb51b5ef21ee96200765b076c6bc7bacbe32910b8f2652d24aaba28

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 32961
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18823
x-xss-protection: 0
last-modified: Sun, 20 Sep 2020 16:09:14 GMT
server: sffe
date: Tue, 02 Mar 2021 22:33:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 22:33:20 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2D27
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMNkeqoBD1i8H6PvLVBvME8&google_cver=1&google_push=AQvitUK6gtzevo-i-g7dLXDlCrQZqwIo1revWOGh-TqGiLeeKbUBPD824cIcfmPub2HQbfYcT7Pt2xuIBFbltOB_JKmQixQCLJA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48D9C48E98E449048B299B838BB7668F&google_push=AQvitUK6gtzevo-i-g7dLXDlCrQZqwIo1revWOGh-TqGiLeeKbUBPD824cIcfmPub2HQbfYcT7Pt2xuIBFbltOB...

170 B
190 B

33ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48D9C48E98E449048B299B838BB7668F&google_push=AQvitUK6gtzevo-i-g7dLXDlCrQZqwIo1revWOGh-TqGiLeeKbUBPD824cIcfmPub2HQbfYcT7Pt2xuIBFbltOB_JKmQixQCLJA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 03 Mar 2021 07:42:41 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=48D9C48E98E449048B299B838BB7668F&google_push=AQvitUK6gtzevo-i-g7dLXDlCrQZqwIo1revWOGh-TqGiLeeKbUBPD824cIcfmPub2HQbfYcT7Pt2xuIBFbltOB_JKmQixQCLJA
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 02 Mar 2021 07:42:41 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 2D27 0
114 B 23ms
22ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEGjPTH5-kAp97bkpIuLrSk&google_cver=1&google_push=AQvitULJq8Y0Zu2W-n7F27MEj2ZTxHiHwlVjfRxrSGq-OSH2k3TMoItSxPBQwz9AwjqQvOP8elqjpATe7yweT1v9m4vjkeeg6gqZ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:41 GMT
via: 1.1 google
alt-svc: clear

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2D27
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHx6mMj8h3EvEwLcdPrg9jg&google_cver=1&google_push=AQvitUJGjEg_FtRz5PTWceHC16Vvt8yoG0ZImuCy96SsPbJubY7XLOe1LStu4dCZ9w-HyHdrjOwASoUy9RYbSlAwgEd1...
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_user_id=0cfeb88b-c812-4b0d-a783-5acfbed14005
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_user_id=0cfeb88b-c812-4b0d-a783-5acfbed14005
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=bfecfa53-3709-4c94-aa35-2b0e588d6573&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJGjEg_FtRz5PTWceHC16Vvt8yoG0ZImuCy96SsPbJubY7XLOe1LStu4dCZ9w-HyHdrjOwASoUy9RYbSlAwgEd1t3aROXJL&google_hm=DP64i8gSSw2ng1rPvtFABQ==

170 B
213 B

35ms
35ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJGjEg_FtRz5PTWceHC16Vvt8yoG0ZImuCy96SsPbJubY7XLOe1LStu4dCZ9w-HyHdrjOwASoUy9RYbSlAwgEd1t3aROXJL&google_hm=DP64i8gSSw2ng1rPvtFABQ==

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJGjEg_FtRz5PTWceHC16Vvt8yoG0ZImuCy96SsPbJubY7XLOe1LStu4dCZ9w-HyHdrjOwASoUy9RYbSlAwgEd1t3aROXJL&google_hm=DP64i8gSSw2ng1rPvtFABQ==
date: Wed, 03 Mar 2021 07:42:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame 2D27 0
16 B 32ms
31ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JyGmprsV6-4-d0j9mPTlB646R7sUyc-DMaWnZ4vfZ3MQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:42:41 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 fa63c2f8dcaea8a884e00d8c67b1cebf.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/ Frame E316 11 KB
3 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/fa63c2f8dcaea8a884e00d8c67b1cebf.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e6a591d04fe3bdbb88ba00ab1c62ec8af93b0ee7689773f0c275e876060d1e1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 63435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2819
x-xss-protection: 0
last-modified: Sun, 20 Sep 2020 16:09:14 GMT
server: sffe
date: Tue, 02 Mar 2021 14:05:26 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 14:05:26 GMT

GET
H3-Q050 200 6d91de00921c6d69a67840d6d4732704.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/ Frame E316 3 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/6d91de00921c6d69a67840d6d4732704.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ddb08b34512b495a3c8c3c959427d7be53c613dc8847934140610711653b512

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 63435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2858
x-xss-protection: 0
last-modified: Sun, 20 Sep 2020 16:09:14 GMT
server: sffe
date: Tue, 02 Mar 2021 14:05:26 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 14:05:26 GMT

GET
H3-Q050 200 8dfda918a74bb3c2d5ba612817df9404.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/ Frame E316 14 KB
14 KB 9ms
9ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/8dfda918a74bb3c2d5ba612817df9404.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d03abd7bd30d669c964770a3c1c7980431df93f0063f934585e5d6ce18fa029

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 63435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14183
x-xss-protection: 0
last-modified: Sun, 20 Sep 2020 16:09:14 GMT
server: sffe
date: Tue, 02 Mar 2021 14:05:26 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 14:05:26 GMT

GET
H3-Q050 200 -2d2bSnCZ2X4H6nZUKMC-pgR6B2YrRToP6P0UNb66x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4CF6 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-2d2bSnCZ2X4H6nZUKMC-pgR6B2YrRToP6P0UNb66x0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb67766d29c26765f81fa9d950a302fa9811e81d98ad14e83fa3f450d6faeb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.2525319452153012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 00:45:00 GMT
server: sffe
age: 119888
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5641
x-xss-protection: 0
expires: Tue, 01 Mar 2022 22:24:33 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8B27 0
0 58ms
57ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjIBPsq8uXmNWXIdccsV0LIsHMA6IYkCGCn02bC2OWVE56qkbJnLkIowe5M1rhs05oB4XI1hh76YD8BL6Sr132w9P0YZf7VrP764rV28Yl3QHKJYuCsu1UoCMVjV62CyqDDNhTyV2mlAVDiqu6t9zl0b48Tyy94JF-pdRVmA1AK3c0Ho78Z5bHvmH0wqngPUELu3KbA_XqUryAfoPm5X_3q_Rnzlv9L2UP9P1yaXtyJPfMWmuCUtDlVtIyC15yjnxiGIB4-iBA-OCMU_aijKcR97lNb2M2FBOA2A&sai=AMfl-YQ2gJhzsFhTkFv7EmVG0OMKCGj4pKRB9qFcNBZekXaUtt1e1faYvTZ8l2-HTAyku5BwuM3baVdtzofe5kUocd2OC_s2xmMd0N19A_qwxkIHC5ECYXnTVzdHlT89v5kl&sig=Cg0ArKJSzAniOi_tBOfjEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 07:42:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:41 GMT

GET
H3-Q050 200 -2d2bSnCZ2X4H6nZUKMC-pgR6B2YrRToP6P0UNb66x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 1223 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-2d2bSnCZ2X4H6nZUKMC-pgR6B2YrRToP6P0UNb66x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb67766d29c26765f81fa9d950a302fa9811e81d98ad14e83fa3f450d6faeb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 00:45:00 GMT
server: sffe
age: 119888
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5641
x-xss-protection: 0
expires: Tue, 01 Mar 2022 22:24:33 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9172
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

15ms
15ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.05970263828312761

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9zmKbBzButEwDFrtH-ZczOW3v87OkgHcfq1997DL2VvdvlhYGGvfiib68j5U; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 03 Mar 2021 07:42:41 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 03-Mar-2021 08:42:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 03 Mar 2021 07:42:41 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 03 Mar 2021 07:42:41 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 f3c1c2284f38a197d65104495085f114.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/ Frame E316 11 KB
2 KB 6ms
6ms Image
image/svg+xml 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/f3c1c2284f38a197d65104495085f114.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51f3063572dcfb3434f0b9f0d497539af83b284d359b07ec6154ca0d8241df25

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 63435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2309
x-xss-protection: 0
last-modified: Sun, 20 Sep 2020 16:09:14 GMT
server: sffe
date: Tue, 02 Mar 2021 14:05:26 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 14:05:26 GMT

GET
DATA 200
OK truncated
/ Frame E316 289 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecd766a690e0d4d93a1fd5713d744b6ce51963d67b62def74fe37f3747a14a30

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A626 0
0 56ms
56ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUj0F6qbSd3c-Ndt0fEBoEBCwuz55W9h2QOtAuoCAVQQO3dJaolSAW_2tHt8zu8ww_NwvjwKt4BbO0dag7d0vkK7lMcvYm4KZLG1CwGzipynejn_K8JEvj6q6Do2Hg6JDcJIuOir5dibu-sJmH-cQXYVsZZkQ9WIBHh30TPhLDcs9LDs9Y7tI5lRW0Nc7RqxAtWmlxPH2xtzuSGPcAE04MC4kOkhQ6ECCO_EbNV7LFlSFGy_YUKNSkaEEI-AUfbvAg5UtyTCiPfdIoCphO8O_yyUY41IltnQ_SFJzamiBI&sai=AMfl-YTdWGZfLcmyf3VdQCfl0YVY64AI5lTpCwA-2xkxC8J2jB-tDisuV774SwOuKxOGnwm2jOVbGcXiCMI02onY1p0WRS-_RF_6B4hpV7Bgiuekx8Avf39mZ4Q5LEKPFU69&sig=Cg0ArKJSzPUJfaMyEGoMEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 07:42:42 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:42:42 GMT

GET
H3-Q050 200 -2d2bSnCZ2X4H6nZUKMC-pgR6B2YrRToP6P0UNb66x0.js Show response
pagead2.googlesyndication.com/bg/ Frame E316 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-2d2bSnCZ2X4H6nZUKMC-pgR6B2YrRToP6P0UNb66x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb67766d29c26765f81fa9d950a302fa9811e81d98ad14e83fa3f450d6faeb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 00:45:00 GMT
server: sffe
age: 119889
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5641
x-xss-protection: 0
expires: Tue, 01 Mar 2022 22:24:33 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7444 0
46 B 41ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210301&jk=1710028341841673&bg=!cXKlcjHNAAXdrq8Z3TsAKQB2-Dxa70uHLuzlt9t_9tHYQBp5_vtKwwaWFIa8WP8OGAiJchheCBK3AgAAAHpSAAAAGmgBBwoA6Dv0TNPKcPpZmpPkdj0PwwrZcjL6PtMf9Gz-sWP2HnEZRfqn0Bj1lPLNeuA5fuePxLPTbSeNd9CmLQ7eXig3BbBWeAKfE9kXTvN0jSGIbOf86hS7_rmFPoHcljFVU1QRazl_2anOaxJRmUrNa0fcrlqaUvF0MiUPl-6IdPcVDtcTuu2syBGFGIZwZiZp0Fvz77SYIxk6mggYDbRhqWydJI_Sw0PhW2bzyQ4utTm92SNzsZxtPaNVGFJHlviYl2Ul5AnCyUWNI3-YJ6lQj1WqGspoy98dIh4vuIf8pezz0n6nQ-zJCcVm-sGZAeFRJXr6KusxwSlhDG4lq0WkBrJYpWISY9qLvifZRqNMF26ji5S4EJV4kcUXvjCva1GD7evXYiqlWr_nabnwTJCT3_i-Lw9nvwNfGDEyWlsYih5lFfsUomW94DspdcNCuMiouts1Xc_MS2ZvTIPggWGN3FFT_EOr3zXWOnZQ49jIsa6t1nx73-lScl02oF38furZD3GKhiBNoyXL7I6XDrSZQEqrc8mIY8GWFQ82oZa85Ehe7mt6bScchh3_lZIvT0_HGxdFwZcM9rDMXyoDUt3HsL_yOt6MvAwa8JLrHEahYXy5_SXJ1NG8-Y6HWhJIM0GHllsnVpYVPFC_jWcsw1kn0UqNGU0NbP5sitDAMd-Wy9ao-_oDfzcdtaVMfVozoZPuPh-TgISoLR6GpremTc6-9vzX2rPBf5JO0zgTCV2SSWV4aE1xV0RZo3dcRAXCojyCy4cY7l-1AK4pXGV-H5bcE5673bEVz86zIaVYfl9MCPM9ukFdosgwZFTlwA-lE0tJzskPomXkSCJ8-u4tl-U9qRrsJ1PToRCYQcPb2LSzjEu4pEBQbVSL-gkhx3L5fLRzdoDirJ1umHN6iEDfng30Lhq3Tfrtt60n_RSni9IJG9G77k5qMLvehn_pMlj10nde

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C26F 42 B
92 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWWClvhc7HKRUYW1doUdKhE2zrfBMpporBjpOXox4FpOBFpMlab5sDFrlxNgASt1-f-z7-PI8fjLvnXjR7c7f2cgfloy2Wk0y1KSWa3OOaeVooVVJ9gmBj3cqXlQ&sai=AMfl-YS0HWkJ-4qnROpGYgS72UYXIgtYZdd7VHJvjJGFZt9jn2Yj16pB3jxIEuY42Tq0VzGJ5V97XD44z1isGyriZE4voX1BtdsBCWA&sig=Cg0ArKJSzGJ5BWTZEbNWEAE&cid=CAASF-RoqkCN8a4SgG8NJokkiPox5faTpIZ-&id=osdim&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210301&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3986104005&rs=5&met=mue&la=0&cr=0&osd=1&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6521265703475481
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1C6E 42 B
66 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0dFx2ml6TkRW-olyAuoLXvIKKfp8Ue9SLPzvfBje_dzKVRf_wXAiGLSBFzgSG4K7LWODp3SlH16bZ3rEbCr5idfDLoFh_CIaQgJoOd04&sig=Cg0ArKJSzH_rWHinNVSrEAE&id=osdim&mcvt=1000&p=230,1069,830,1369&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210301&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1005715999&rs=4&met=ce&la=0&cr=0&osd=0&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FE42 42 B
66 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0f7bNdIuwaL_rrWInHwH-AeTUf31wrK4EZEHBkrV-xRi4m3ksV4boGRbxLAQpdYqyYsv67j0r488OML28UrtPPVZPgK9Yjxff409OWUyI3Gri6lPritTMSjMWWCdGFAUwKX0sgNuirqnSF5xCoHLr&sai=AMfl-YSfdcjyQIyzhWYcQgF9dRtWFbaH4VUgLMNgZKEKH1VjCvFFYHOYuveuA19NW360OU3ZAqiiCpUlkw1gJwFrTp6xlWZQ2blCNyE&sig=Cg0ArKJSzMXb3VhowdTuEAE&cid=CAASF-RogapXKUTGXK5VYlRZE8KvfXqaU6mp&id=osdim&mcvt=1002&p=0,0,90,1200&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210301&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3896031348&rs=5&met=mue&la=0&cr=0&osd=1&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM&adk=3896031348&adf=1480696130&w=1200&guci=2.2.0.0.2.2.0.0&url=http%3A%2F%2Fde.jampartizan.com%2F&ea=0&flash=0&wgl=1&adsid=AGt39rSpULgGLTHwKezU4Pp1hlBXdnZwpSWUUAGY4O69K9qFac08QyWD8UKv9bFpG12mGtElWPA8Ipb7nhJeNeQfhvQhhPsJLy2KiWX-xhg&dt=1555332437243&bpp=35&bdt=87&fdt=118&idt=116&shv=r20190408&cbv=r20190131&saldr=sa&correlator=7272345217917&frm=23&ife=4&pv=2&ga_vid=1450164271.1542139471&ga_sid=1555332437&ga_hid=1878894941&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=772&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=40&ady=0&biw=381&bih=685&isw=300&ish=250&ifk=938619104&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C772%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=1044&bc=7&jar=2019-04-15-12&ifi=1&uci=1.vsx5bsvs42zd&fsb=1&dtd=138&p=http%3A%2F%2Fde.jampartizan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7444 42 B
66 B 38ms
38ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuR5-YUsZRBMGIXqRiDitmXtN0ZPC_42sbe3fvLTUX34T7ck3q2RY0b6v4KYSlKfvX-hP9g4fwS-tWuMcfSUL544-igz3gl_6e8PhRiyq0&sig=Cg0ArKJSzPTgJzvYv1_fEAE&id=osdim&mcvt=1008&p=2333,0,2423,1200&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20210301&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=550985217&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1614757360591&dlt=0&rpt=85&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.calgraf.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 07:42:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 92fe1c6de604cb073f15355e0a20fa69.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/ Frame E316 441 B
412 B 15ms
12ms Image
image/svg+xml 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/92fe1c6de604cb073f15355e0a20fa69.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb1935db427a1db3256101570bb5e50e6c9c5f4257a44d8e01f01b47eae2dafe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 32135
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
last-modified: Sun, 20 Sep 2020 16:09:14 GMT
server: sffe
date: Tue, 02 Mar 2021 22:47:11 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 22:47:11 GMT

GET
H2 200 42db7490243233c9c6c9a150f9b07f8e.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/ Frame E316 677 B
453 B 14ms
11ms Image
image/svg+xml 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/42db7490243233c9c6c9a150f9b07f8e.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a40b54b8f164ba3f406f9640049ea3627df25048633227b23eda64883d6412d6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 61659
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 387
x-xss-protection: 0
last-modified: Sun, 20 Sep 2020 16:09:14 GMT
server: sffe
date: Tue, 02 Mar 2021 14:35:07 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 14:35:07 GMT

GET
H2 200 d8ce333b4b7d742fc898089d261af4f2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/ Frame E316 393 B
309 B 13ms
11ms Image
image/svg+xml 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/d8ce333b4b7d742fc898089d261af4f2.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52d05f7615dfca96508eb1e972a7adff8d824373fe995457d91e09f66a875e8c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 61659
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 243
x-xss-protection: 0
last-modified: Sun, 20 Sep 2020 16:09:14 GMT
server: sffe
date: Tue, 02 Mar 2021 14:35:07 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 14:35:07 GMT

GET
H2 200 cb662a825df8e108d741a5c03d278371.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/ Frame E316 585 B
437 B 12ms
10ms Image
image/svg+xml 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/cb662a825df8e108d741a5c03d278371.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa8e92f8d4b449449d6f762886726f2c20fd49e313e5573c89ddbf90f9d45aa2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 61659
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 371
x-xss-protection: 0
last-modified: Sun, 20 Sep 2020 16:09:14 GMT
server: sffe
date: Tue, 02 Mar 2021 14:35:07 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 14:35:07 GMT

GET
H2 200 b24e021efcf1f88dbed34d512a6fe0e1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/ Frame E316 998 B
648 B 11ms
9ms Image
image/svg+xml 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/b24e021efcf1f88dbed34d512a6fe0e1.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01e34eead9950588e54653bb711be9fa27c50e318abb05468e5cf81f77b479d3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 61659
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 542
x-xss-protection: 0
last-modified: Sun, 20 Sep 2020 16:09:14 GMT
server: sffe
date: Tue, 02 Mar 2021 14:35:07 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 14:35:07 GMT

GET
H2 200 6d91de00921c6d69a67840d6d4732704.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/ Frame E316 3 KB
4 KB 10ms
8ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/6d91de00921c6d69a67840d6d4732704.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ddb08b34512b495a3c8c3c959427d7be53c613dc8847934140610711653b512

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 63440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2858
x-xss-protection: 0
last-modified: Sun, 20 Sep 2020 16:09:14 GMT
server: sffe
date: Tue, 02 Mar 2021 14:05:26 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 14:05:26 GMT

GET
H2 200 8dfda918a74bb3c2d5ba612817df9404.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/ Frame E316 14 KB
14 KB 13ms
12ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/8dfda918a74bb3c2d5ba612817df9404.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d03abd7bd30d669c964770a3c1c7980431df93f0063f934585e5d6ce18fa029

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 63440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14183
x-xss-protection: 0
last-modified: Sun, 20 Sep 2020 16:09:14 GMT
server: sffe
date: Tue, 02 Mar 2021 14:05:26 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 14:05:26 GMT

GET
H2 200 edb69450914d95c2432e25420038ef15.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/ Frame E316 2 KB
1005 B 8ms
6ms Image
image/svg+xml 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/edb69450914d95c2432e25420038ef15.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85165a77b3a88021b1870dfd3bdbb712b289b115c170cc8d349d6539cc63ae10

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 61659
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 916
x-xss-protection: 0
last-modified: Sun, 20 Sep 2020 16:09:14 GMT
server: sffe
date: Tue, 02 Mar 2021 14:35:13 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 14:35:13 GMT

GET
H2 200 6d91de00921c6d69a67840d6d4732704.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/ Frame E316 3 KB
3 KB 9ms
9ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/6d91de00921c6d69a67840d6d4732704.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ddb08b34512b495a3c8c3c959427d7be53c613dc8847934140610711653b512

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 63446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2858
x-xss-protection: 0
last-modified: Sun, 20 Sep 2020 16:09:14 GMT
server: sffe
date: Tue, 02 Mar 2021 14:05:26 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 14:05:26 GMT

GET
H2 200 8dfda918a74bb3c2d5ba612817df9404.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/ Frame E316 14 KB
14 KB 10ms
9ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/media/8dfda918a74bb3c2d5ba612817df9404.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d03abd7bd30d669c964770a3c1c7980431df93f0063f934585e5d6ce18fa029

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9694617711423867284/DE_160x600_Neobroker-HTML-2/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 63446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14183
x-xss-protection: 0
last-modified: Sun, 20 Sep 2020 16:09:14 GMT
server: sffe
date: Tue, 02 Mar 2021 14:05:26 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 14:05:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i.calgraf.com
URL: https://i.calgraf.com/photo/tehnologii/90/kak-perezagruzit-ajfon-7-dvumya-knopkami-chto-izmenilos-instrukciya.jpg

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.calgraf.com/	1970-01-19 16:33:49	Name: _ym_isad Value: 2
.calgraf.com/	1970-01-19 17:15:49	Name: __cfduid Value: d368798a9c0d7e71122b0f183ff2f09c01614757352
.calgraf.com/	1970-01-20 01:18:13	Name: euconsent-v2 Value: CPCeGtfPCeGtfAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
.calgraf.com/	1970-01-20 01:18:13	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTc3ZjcwOWYtMDhjNS02MTVhLWIwYzItNDlmM2M4NWMyYWEzIiwiY3JlYXRlZCI6IjIwMjEtMDMtMDNUMDc6NDI6MzkuOTA0WiIsInVwZGF0ZWQiOiIyMDIxLTAzLTAzVDA3OjQyOjM5LjkwNFoiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZW5kb3JzX2xpIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZXJzaW9uIjoyfQ==
.calgraf.com/	1970-01-20 01:18:13	Name: _ym_d Value: 1614757360
.calgraf.com/	1970-01-20 01:18:13	Name: _ym_uid Value: 1614757360598147750

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 2) Message: zx->v2 optr->dfp->overlay,consent,abs
console-api	log	URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 2) Message: zx->v2 optr->dfp->overlay,consent,abs
console-api	log	URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 2) Message: zx->v2 optr->dfp->overlay,consent,abs
console-api	log	URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 2) Message: zx->v2 optr->dfp->overlay,consent,abs
console-api	log	URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.8645340410058675(Line 1) Message: ALL_nl
console-api	log	URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.8645340410058675(Line 54) Message: zxcmp->start full check gdpr
console-api	log	URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.8645340410058675(Line 41) Message: zxcmp -> START GDPR
console-api	log	URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.8645340410058675(Line 41) Message: zxcmp-> onReady
console-api	log	URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.8645340410058675(Line 42) Message: zxcmp->start AgreeToAll
console-api	log	URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 2) Message: zxnt native v.1.1
console-api	log	(Line 14) Message: v1.2 sfr zx ad 300\|600
console-api	log	(Line 17) Message: v2 sfr zxm ad 300\|600
console-api	log	(Line 14) Message: v1.2 sfr zx ad 300\|600
console-api	log	(Line 17) Message: v2 sfr zxm ad 300\|600
console-api	log	URL: https://bk.jampartizan.com/adx/1_zxm.html(Line 10) Message: err\|not Hh&Ww\|change default

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4bb27adf5884c8535e8ef6501ae3ddd.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
bk.jampartizan.com
calgraf.com
cdn.zx-adnet.com
cm.g.doubleclick.net
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.calgraf.com
ja.calgraf.com
mc.yandex.ru
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.mfadsrvr.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
storage.googleapis.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ymetrica1.com
i.calgraf.com
104.21.62.125
142.250.186.162
142.250.186.34
151.101.1.195
151.101.65.195
159.253.128.188
193.0.160.128
2001:4de0:ac19::1:b:3a
2a00:1450:4001:800::200a
2a00:1450:4001:802::2001
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2010
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a02:6b8::1:119
3.121.49.210
34.96.105.8
52.57.167.187
80.239.201.87
88.212.201.204
01e34eead9950588e54653bb711be9fa27c50e318abb05468e5cf81f77b479d3
034505917d60cab9136d00a754735a35c4b937f060e1eec84440eea06fc1076a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1032e0e7c930a900d3b39f11996b8cc5b46e7c26dd5f2e36cba2d9d85ff9a6ac
11cb6f57e40ba6b25c3610aed3bb4035a3f2af6ec2bdf0cffdfde88b2d70e76d
13b3e95a734995857dd7444ac3a04d1259c0d040997f75fd89eca876904ee7cc
13f64a5b20ea80815ca18aa0c46b17b537d776b9fe270f04f5d49c64f0e8d571
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b1332c8a7080f0812b912170b5c08e793b1d42be98384796aa857ba53dd11ce
1d30f2e559513e5ae255d673b7a608b332e9c2f7e6431447adc6cbf18141f359
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
1e8d05fb972452a2a9feb095b03aff42cea062c16207598d10914dadcf8e9969
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
1f475d7624722e9bda46deffdff888631a5cbbf5889c762c33bafd6f9c523ff4
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
2212a2f496056204479696662ea12d431fba72ea86641ba79d0392aca7245c93
24826297ebac3e88094d08b364ac45c118d3c13a00dbb28ca8615d1343f5ba16
2a3c4d80e5225b1b6263e82e1544411f6d7a1c3a1c0f649956e06d50558787e7
2a618212c24ddcb2fdf27655bc9bb7b0a95d22aedcdded05781fd6b81ce6d10a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bd620648dd52d968fc4dbf4efc9bb43f663454e8f39e60a4a46bc06b0d15e1e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
307ac3101f3ad9b4c04fa06725e0bcc023a6c494c56e9b472eb67c5b206684f0
309905f79ad92f7dd075d672d0849cc92698de7c3a6df28df2bfca9574e30f8f
32e257edc51d8da882af136c78e1395e1dbd72d3960923e2174ec1caf1ae19c3
36cabc986091bcbd968af2321f30dcb7470f5471f6fce0d59f06bf8707dc7241
3a89da8fa415e2585e52405662af47220c3c028ae20e2ee0f6b3a585cf54ef10
3b5dec30f1f967a9f550b714a24faf99c48b85b73cc84ec766fdd857f5217b6a
3cf7652b0eb51b5ef21ee96200765b076c6bc7bacbe32910b8f2652d24aaba28
40888936f3dc9567204785d9d55fdaf5506d753e25ed5e45f7bd199501a0b1db
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a486f6038525ea495c131010ac4c9e46688b7affa076a5e4781d9531362ffe3
4cd0886fcea03fce0f7361cb35c9695a917dfdfe8efe96e3fdf102eca42d987b
4d03abd7bd30d669c964770a3c1c7980431df93f0063f934585e5d6ce18fa029
51f3063572dcfb3434f0b9f0d497539af83b284d359b07ec6154ca0d8241df25
52d05f7615dfca96508eb1e972a7adff8d824373fe995457d91e09f66a875e8c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56290d816b4f060dc3a3e9229ec416ae1a61e33e159c3e475bf1dd84fa18f5ba
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e6a591d04fe3bdbb88ba00ab1c62ec8af93b0ee7689773f0c275e876060d1e1
66bf2afe19384e53d6950a8992c5337f38bf1c5f571e8500512faa752b0b288c
6ddb08b34512b495a3c8c3c959427d7be53c613dc8847934140610711653b512
6ecfb6909bbbbb09106c3425b678554c6c97638912e1614dd63d5068c71dfe18
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
71c810be19813ca31c2a569499d53488fae7a881eab49dc549729d6ebe38332b
758608abf5c456ea8cb5515828cabb68f082df67c04d350d0519241841cbf9d4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
7bf0903602b5ed2592fd655af6b3bb6e261678e873475044870b368c19621603
8042871d35d08da41f4ce75fe2ec41ffc5db58d19aa5e55a166995692b1098b0
808e722fe5fcbdc2da2f1ac9f2d391c927ee5d0997035844d2cdfab6f5a735fe
85165a77b3a88021b1870dfd3bdbb712b289b115c170cc8d349d6539cc63ae10
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
89972e22a1bd4b068b13807f3aba840d00f600c0e7e695fd6f27c4ef5b071b34
89b0d90f08b1ba7421ab0e08d356d85410f09be56222e2d8b4afb56a6c41525d
96cc3e09a5b130cc9db6c90c672aca161eb3bd53b0fee244d6501769301e2b2b
98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c
9a326a6f3223ab7db402b6d5347a4add149a2090c68e93ad57f2f7e2ba29e39f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bb53a0963244f658a0e80d34c91994946f846dcc918064203816333cde02212
9bd881277f90107cb5258893136c3a850574d0148cb9139f8d0028154a4ed2a3
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
9fc88aa9652f3c7afad6e9ba13ea48aabd330636bfaf4fc6b1e55b6150f2a6c7
a191e069c62574919b7ec461b596bcabddf71f74bd0c972347b6a42538946e3c
a40b54b8f164ba3f406f9640049ea3627df25048633227b23eda64883d6412d6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7f105b1932fa89c252036645789a38eb5c0a4136c8564213ef37cd958d78d72
ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
b0a9edfc40fb6d7dd1263df171b41ee819e6d02bba2f381faab32edd037e41ec
c183713781265a2abdc03eab5050b102a17a1170eaa908604e61fc9f07c9aad4
c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e
c7d4c43f68c47e19be7184c316c903223b984fc57c4634fada219f486663cefb
c89a0132796ff9f9ca931fea3ffa37ae567cecb0e8f0e55dd2651024a222c1c1
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d2b146acaa9212cdb2339350edfc14ec9ad13762ecb524d72006869e867c1a18
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
db990ca3a7886913ea06647684d1ef7331c8cb519555e603ddcf57a3a506ee5a
e111a3850d781cc4bb9983b28613414f9a59af060c2860692d56809589c663b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
eb1935db427a1db3256101570bb5e50e6c9c5f4257a44d8e01f01b47eae2dafe
ebff2a22ff528ad22804905a1660de78dbbc7b7c33706ea7bd3e0c31afd7de1b
ecd766a690e0d4d93a1fd5713d744b6ce51963d67b62def74fe37f3747a14a30
ee48c70479dd48e6046830d53bc5a03b172cb2139a5cb3872a2f763b49b197f9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd5192a828050605b052fec591f8b0015cb1b594a546a3a2df4c9648eb4a1dc
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f3853d77655c566ed7d3844312794388f177b8c673612ac279042e780568e755
fa8e92f8d4b449449d6f762886726f2c20fd49e313e5573c89ddbf90f9d45aa2
fb67766d29c26765f81fa9d950a302fa9811e81d98ad14e83fa3f450d6faeb1d
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

ja.calgraf.com Open in urlscan Pro 104.21.62.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

204 Requests

96 %HTTPS

60 %IPv6

20 Domains

29 Subdomains

27 IPs

5 Countries

1708 kBTransfer

4732 kBSize

6 Cookies

34 Outgoing links

Page URL History

Redirected requests

204 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

ja.calgraf.com Open in urlscan Pro
104.21.62.125 Public Scan

Screenshot
Live screenshot

Full Image

204
Requests

96 %
HTTPS

60 %
IPv6

20
Domains

29
Subdomains

27
IPs

5
Countries

1708 kB
Transfer

4732 kB
Size

6
Cookies

204 HTTP transactions
6 data transactions