4fsrsva8sbjncs.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2d08 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://4fsrsva8sbjncs.pages.dev/
Submission: On February 25 via api (February 25th 2024, 4:46:50 pm UTC) from US — Scanned from US

Summary HTTP 205 Redirects Links 65 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 17 domains to perform 205 HTTP transactions. The main IP is 2606:4700:310c::ac42:2d08, located in United States and belongs to CLOUDFLARENET, US. The main domain is 4fsrsva8sbjncs.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on February 24th 2024. Valid for: 3 months.

This is the only time 4fsrsva8sbjncs.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:310... 2606:4700:310c::ac42:2d08	13335 (CLOUDFLAR...) (CLOUDFLARENET)
70	65.108.151.182 65.108.151.182	24940 (HETZNER-AS) (HETZNER-AS)
1	13.225.214.96 13.225.214.96	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
26	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:822::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
24	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:266... 2600:9000:266a:400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1 2	13.59.115.51 13.59.115.51	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:303... 2606:4700:3037::ac43:d8f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
10	52.218.1.112 52.218.1.112	16509 (AMAZON-02) (AMAZON-02)
1 4	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
36	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
205	25

3 2606:4700:310c::ac42:2d08 (United States)

ASN13335 (CLOUDFLARENET, US)

4fsrsva8sbjncs.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 65.108.151.182 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.182.151.108.65.clients.your-server.de

bijhdg6t.ddnsgeek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-96.ewr50.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266a:400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.59.115.51 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-59-115-51.us-east-2.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3037::ac43:d8f5 (United States)

ASN13335 (CLOUDFLARENET, US)

highburyads.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.218.1.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)

da1ee1aabdadbe7abe5ded6e921889c7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:820::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	ddnsgeek.com bijhdg6t.ddnsgeek.com	2 MB
61	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 106 da1ee1aabdadbe7abe5ded6e921889c7.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 161	2 MB
32	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 85	221 KB
10	amazonaws.com cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com	1 MB
6	highburyads.co.za highburyads.co.za	555 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 159	1 KB
4	sharethis.com 1 redirects platform-api.sharethis.com — Cisco Umbrella Rank: 4457 buttons-config.sharethis.com — Cisco Umbrella Rank: 5023 l.sharethis.com — Cisco Umbrella Rank: 4641	49 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	242 KB
3	pages.dev 4fsrsva8sbjncs.pages.dev	27 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1133	229 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	2 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 467	288 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 136	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 787	7 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 341	28 KB
205	17

	Domain	Requested by
70	bijhdg6t.ddnsgeek.com	4fsrsva8sbjncs.pages.dev bijhdg6t.ddnsgeek.com
36	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
26	securepubads.g.doubleclick.net	4fsrsva8sbjncs.pages.dev securepubads.g.doubleclick.net pagead2.googlesyndication.com
24	pagead2.googlesyndication.com	4fsrsva8sbjncs.pages.dev pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
10	cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com	4fsrsva8sbjncs.pages.dev bijhdg6t.ddnsgeek.com
6	highburyads.co.za	4fsrsva8sbjncs.pages.dev highburyads.co.za
4	www.google.com	4fsrsva8sbjncs.pages.dev tpc.googlesyndication.com
4	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	4fsrsva8sbjncs.pages.dev www.googletagmanager.com
3	4fsrsva8sbjncs.pages.dev	4fsrsva8sbjncs.pages.dev static.cloudflareinsights.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	l.sharethis.com	1 redirects 4fsrsva8sbjncs.pages.dev
2	cdn.taboola.com	4fsrsva8sbjncs.pages.dev cdn.taboola.com
2	fonts.googleapis.com	4fsrsva8sbjncs.pages.dev
1	analytics.google.com	www.googletagmanager.com
1	da1ee1aabdadbe7abe5ded6e921889c7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	gum.criteo.com	cdn.taboola.com
1	www.googleadservices.com	www.googletagmanager.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	static.cloudflareinsights.com	4fsrsva8sbjncs.pages.dev
1	www.googletagservices.com	4fsrsva8sbjncs.pages.dev
1	platform-api.sharethis.com	4fsrsva8sbjncs.pages.dev
205	24

This site contains links to these domains. Also see Links.

Domain
bijhdg6t.ddnsgeek.com
www.joburgetc.com
www.capetownetc.com
www.africaninsider.com
www.youtube.com
www.facebook.com
www.instagram.com
twitter.com
wordpress.org
highburyads.co.za

Subject Issuer	Validity	Valid
4fsrsva8sbjncs.pages.dev GTS CA 1P5	`2024-02-24` - `2024-05-24`	3 months	crt.sh
bijhdg6t.ddnsgeek.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
highburyads.co.za E1	`2024-02-25` - `2024-05-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2024-01-31` - `2025-01-15`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://4fsrsva8sbjncs.pages.dev/
Frame ID: ADA6DC2C0DB10D093F8FA87930131B20
Requests: 126 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_fy2021.html
Frame ID: 03E5D4A3BD52128F8302FA0F865BA882
Requests: 1 HTTP requests in this frame

Frame: https://da1ee1aabdadbe7abe5ded6e921889c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CF14740272B2386767F8E640FB6940AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7073370864490749&output=html&adk=1812271804&adf=3025194257&lmt=1708879603&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708879602429&bpp=6&bdt=2232&idt=606&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1020626064270&frm=20&pv=2&ga_vid=850906360.1708879603&ga_sid=1708879603&ga_hid=557716079&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081152%2C31081316%2C31081317%2C95325069%2C95321958%2C95321868%2C95324154%2C95324160&oid=2&pvsid=2542686631176252&tmod=1633846061&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=665
Frame ID: 4422F4D79449D3487E527A52978765CA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRT-riPD0IJreuiJnME0332rqikx_RQpqxEySKZ3sR0WaPTn_FLcZUWa3kOAu_XA2g4toKCKcUhpCZYju71VMGeABQxxQ3kh_nWYIxL6CSJ2LYAIv5g20WfwKSRlqQ0BmNddU3POxVDZQZylPOp0HxdvUZaHMTsXSWV5ppaay6Q5D1240mbNrC8JfufsAaSgE87VniG5uJtyTvAjcJ0f6Cn6l9VryPz6WRiJxGCROLmpgkY7xRQnTYAhAeuzgAHzwkrk4zF776cM9xMw0s4katjovZvLf-QXQoxTjnDtO_5gI0NDcO0vaDSgjh04nJ0JUu20OkSWX70WP2rafdKmR8kcm4JQlQ&sai=AMfl-YQhcwuoPY93XJbelsprApl1c2HgzT_gcnwiaoJdD7uhdhigl_KUWHNbN3iYugsAKGo9cHUkJ4ASd4VWKHT-CMUhdbJf4GrsbfpnIdvfjYs1MV2gC2nCQF6w0XMdRX4YkrEjCKkYQhWAmYe0LTdL1t6V&sig=Cg0ArKJSzHb5r7XmoZh3EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: D4073500801961C48B9BB884C545FDBB
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2lo6Xjo_BfT24icndSQgHYIlD2AtUJqSMXMSPI0m1voZ0Z12HgVOZbh7k6BC5pI4iySfvhGim0_6jRd5CcVjrUzjvLaWrqcWZf1HxrL8kqa9LJHnHwt0CGNEhXeX3jnJFUFVFSRSzYW4tu_jq0EWiYpASgwHWDThNhw84-s0JEOAEQ2HLYoa1fMKFlo4cOb7M9Qxpkk7jxSTwmae0-ON2hjTCBoKA6V0OFU9IbUfbFPC_aK6ONFWhmSq54hABMM7nNSjZerUyCkYZpR1Ay5SRXr35ARV97vDJ4fOHnYGSyZQ1ImH8IlGlqvCn_91HH4zGmamEPF3wyYeBJFG-y4MwMHgxjqDI&sai=AMfl-YQ5VCLwoaqKl1Vb8kaR3uq7g6NLPoPdy3mz9wNl8AirO3U4zISRRWYIWiTDfn8Wx6g1UfwpHyYTfYrHCovWXzM29MngW5n7_u3D8f-65nG-SQ4x6tONjQAtQC-3xUwCB9WuQtQ-Gv-znV3i7v08YkoW&sig=Cg0ArKJSzA9OYKPpYhOREAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 6BD3282098A2DB3024456ADE12D3EB5C
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvczqsp4eHfKZtXoZ6vMPQhaCtqsqWI-zZ7a1ijCS5YVH4uR395Qf0des_RQBcZi1yY4KScZaGy_dQrQT0GYO1aBuDJm7GpONl-FwOTaMDqxQdRlzjdQZ_BHsRxj5lh6MrQYvBH8CuNUiJSyxjMxEHr_917jB1dCwwH8gfrp1_rKMkR6s-vs3CCl6MWfAqfBZexZ3NmCyUKpSj8-i7v2mWUW81ZWbRLIyDzkFsMdZcbIRMU6jtTDejrHspcjK6ZEVLOt7sgn-QMiMF0x2SYuuocdkoZpB0E63h41abR9WOy4f5kjr9mZdVGY0TdM1n3aK8pEUXByxCbZqs4QQ5WhTCRC0Gy-pvsTt2xaOq5vw&sai=AMfl-YRs8f4UxYMo5R3_8iZ-K7pqetSoqn9PKNqYvptzTYjxvU4GJDZ-re-5hjJRrRoRhxh8CUC4bGI5NdSJ2K9LGb92gG0VTb0GzXi1l_rhFgmknYBle5Cl7_YKds9FHpoiZTj3NK7V6sbszj_wLrWDb6JE&sig=Cg0ArKJSzF-6o6y7UfnxEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: F42B05BB9D62C0B503CC71BE62A8EEC9
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXkewRBgf83QAdo8QBVl62-amZMSOvIiu5ZQVh-f1GoJ_TjyCLbdP5S2Y78RCkOO-Y1vY4j25bssojLXK3b_gOKB5pT_EGJyYKjqC2lMygoOIsUXebwiVFMhTtgQGZd5WfvW4ubwtIyX7o8ITX86DWiSBqSxzm_0R_ODE5eCFAB54EKeobU4vYeutSILgqjjkzn4Sr4aV8-p-cztWbBpjdCj0al-40Dtv4w4g_GFjeT_oAeJTk5Xp10dj002hPWWDnsB79nJtiMg4YX2EXsC5oa7GqefTfHlg9HpqawrhgdzwPW1Bn9X_C-HYTJ1i7ZfRdpOtSDPMlzGPhvKjqNKY2goPuM-amzAiXVaK_7w&sai=AMfl-YTkUqPUiNi1QXfd9DiP6HKDWhxK-kZbNpYj50Zx2Ow_lXbimF85vAG7j6HFAgHPGDoTopgT6v9QbToPtw4mqUm7VWthWqunhD0Fv96rg_J-8J39qSG2dyXVlJiOsbtt8phELDPAkxuftookcmmr6n-F&sig=Cg0ArKJSzMcY28xdEgPREAE&uach_m=%5BUACH%5D&adurl=
Frame ID: CF327A5B4E80C8CE3FBEDC1601B6CE54
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssALP-t7sXEZs0UO1UFCZkFVQubSgeQXBAlf1iOdqAzz6HH2D0XudP-NlCfhlf8t44LpyqJC1tip2yVSlh46d1g2jWiYBtNovGI9E8tA4QWjUOjOVEFj-O40vcweJ79S8jEYBY_YbeQ68CB8arFY4JOLQGo2thcvraaqy6ZD6KGy5YfrM4yza5z7EBZpuzBJCdWjR38MP1yHLhiL6NPArsUpD88JlLI7QZs7rNV5avFIh2mF24F6viJwvUH__yBv6QyqfwRVoJYXI-iVBTlJylzvE8dkSvYSWx3bgdCT2V_iqZEtYDlNeIGHfprJFlhuI72sBX4LD9IdS0bKOI8FnmAyJ3BDGZ86A&sai=AMfl-YRMcLv8THGa5Nn68G31aZxMWE0Ze98dHnvPThbVnHlik4XytPGJqXssqyx3RgK8fB1eVorj9N879SN_ouLsD9rgF0DrptDMvPC6Ujzlmo7VrfDRooX4CV60B0e3Z9aTAMG8stcpyG_0VmQ4bfMdNX0u&sig=Cg0ArKJSzJra4knCBtZVEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: EA0EC55D81FFAC3355127BF0C8F6C92D
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoOiBNJo8jUlVKhq-PdQeYuPPIMtSt_jmcF2nBmVwcFT6hTIR8Fn_bVN_lh6Lm0sqQFL3cDb7Rnn-zPHuL2Mz7xXwTm-BJUh5oqT5Yga_idS2RipNBcDVmCX4UOzsu3zbPeGdpjvgzBRXMiK0b966NB4HN_uOHcCo4y_ds4wGAfDoPFMlVyzTmXtO_P3CVo5nIPdM9OFGhRhh53vX-F1XuONG4J3945jIK2mud5aL0fFjxTDa6Ozs0mHc8tfeRFcf5-SCJYtBCBXQ-tBCpcHYoFeVKu_ZX_RIwcHHosBVDUx-3wJ2EFMcujIieoOrhJoulYACf8Nc6ghY4hXiTNO_kCUEAniOo4w&sai=AMfl-YSoB-d_WZ_5XUP3FUve7Ts9tB6OJNgTl9GukQE-vWN_JVF4XwRZLnfUfILQ1jH94hm6NaBSDlgWDmLokMR2s-lqdITgqkj2ytwVUAjvNa1w4bwLcCDTRnE_ClZvlsL4WQCFLCm8kh0ZdnloAVBgsXBV&sig=Cg0ArKJSzIMEgIB_NgIUEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: FDF5C83C017E9EEA58F9A9822A975E95
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLHVS0cKGaleaDmQQOl7K_Am7jiY40JVfxVUGtHWy0M9mFQmy68l0yv6qTlIDHoIUFs3G1dAyIGq-c7A6Dtk4gy5qJu2p9a90CChenxLEEuSBN1LsPD3r3huUsQ544XFK_RIOJiRA_aPSa57-XyF6JtrprstvSUI7RHpegzEg30oxO9Uinxv5AMYTMlwUUTMpbJ4BxYa56Si7bKUqR97clqjbtTeGAY8lsKc1hTdkErC7rcaPdMKAJwAXwtlJw8DD05EVu5mB9duIg0Ng7y6oKdhtWP13d77dJshil7KKHKs_9SMfjqNSOBJrkebqfXE9nfl7qnPy1gX3TsLfMYnRuSMP15Kyq&sai=AMfl-YTU4W4dHGV7UIebhxs-wNaGicDW1XYPmd74eRjkkN0W6oMmmjhovr7kJVL7TWQgQXbW4Ouz3-7eeRSU3t91aZi0LnwIw8BmtjoWvZ_s9ZRQniV-5bsVwQ8JgykYcdOJ3_iakt2_XEW-6kt1JXq_jtgo&sig=Cg0ArKJSzJ1EATtbQh98EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 3624BF34FACF23D65A647243782E27D3
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNilaU7edNtmA3F7NpSWKOiyub0ZNbcd-C2_Eylf54L6CmEfgcMVNZ3zJDy7SoTnmPyQRziAojw3UcbBA1BXDK9I5rZubjAgkYQpgWsWcjbOBP6waL-d_v0CyR3lGPhvIq72GidFkc8NruuZVctA8U7uY5ETxmFECrSNZ7PKJ0kQ9Fz4puDRMXyaeD1rMQrU4pVekkmr-UIs-TTe_Cu-7E00bvans13wzcBAcdR5k3FgTlrZ_PBtZpQs-jujYF4N5BCyDgSGAE0TPqEnP-XJFPfZ7THB82TV_IfaKbezUcBB9uBuYK-2KiNadZKroWLwBeRlu8ddSPAAcGTDtH1m5FrMx5N0fP&sai=AMfl-YTa41wVMCCEzKKQ_I8NSG44xI5TA8xwlKUgqJ6OxnF1Mi4BehDQhFfnqPYMlrtL73JG8tHJBCbu-LTyvCSQHkz5-ryVVCnOjyFVfLgsw-L4us6dtCVAamVR68zNeshWU8N-_Pw4AnL3eCt87LSdY7Gs&sig=Cg0ArKJSzKW-z0GjzJmTEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: E0A953F293C49081D6D4C013C38FC7E1
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstB8CBIlx9VaP4CpH_BXrzMv0CDukciDfmVyhybFe8l4F026lnSR7DUBatXcURvvCPamXFd9ffeqP10D4SkMuu9zEm92ghSWpHXuyCcCdP1OGTDTGD4uTg7h-8VvU5x5NsXpqyz4sqjI37FmQH4nLYEZcT3putsALFk5ikDK-BTrJbDqmAomhHeYJryy0vy0Otd5hBZMRr4xm5sRYPlNAzvLP9tI5CG8parDjBvER3rWI6POHWVzp49ZvD8PanOaLK2Iy37zrfZyE7EfDtHbb_5ZnisLXYK1UY4wvczK_PQ91ak4wEiJxoVPD9hXfHl65idQe78lO1huGDsscDftHXDmSUrBs8g&sai=AMfl-YRYdkhF8ngIzECULvD6riKTRQBEX7JK8pNSr6YWWpIzXHxEWB6iwGPonk31dYN14OhwtfMg0cRQ3vIkq93BIcTozxyOE0XOTks2MIprNhRawpSNPy85i_kht1HCL6Msy04P-Ws_4M6POn_dfp7upoD1&sig=Cg0ArKJSzBglAGI1i1rKEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 06A48B7921C6A8712BDFCCA122789565
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucEzVl24jbrGDy7EXtVEofv8rWoMd8XHZbisegfcuxWdxFh24MJL6eNBNdZeAGWge_gkl8wBjZ4UTC-UaJop24m-VWss0RLXOmyfJbk-3suWWYUnUuAV0RSNt2dznpH9W8tzWfmJK9TPOjiuP1mz7QPj9t7qNgmslAsLVkazDQc7micn_L269-6OGkfOUP9v4hrsJhJyoDHgDUZpAovu-wOFagGcrImB1Y0kqrfAr5XQy0WnFUpPlMUW6D2GLrt_Xyu25M-cxU3boMiWz44fnDaTGwesaOrGnC5bNnk34ztdCJ-GIyWEoNaGXNhw1m_75ezdMliAEdF1o0bV6EgJsWA5ap6aA3&sai=AMfl-YR8Ec9KeGkoblP-IMj7P9op7rB44azCnwhMxcBxRtEd4VPC08TPd80PO8hYEtpLkbURPvHljFQI7VOdPJ3lEHT2Eto82rrjZQVdu4A1JJ8XpXDRnev8LdMIgsXirie2-u5Cze0mE9rO_2XvvLExmw-w&sig=Cg0ArKJSzNy_uxdhj4OIEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: C737F11703779D40B48BDB1E90ACD2AA
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-EGTN6YBKNXt8ClMSWrIXI8i05PwTMWj-xcku_VMYvoQc-fHz2Uq23CB2CxkIGRGtvbJk4WQyv03F4HHvlHg5mo4PtuLGHNm8pEOSNR_j5tJU3imD-tG3GVH4EYgnXtc7vWYu_QfuIzzJ1hYf2d4w-NqTIcwHvGh5OQD-tfkwLhN3To0NPiJuJTupmPX4b-qMndEpn852cOSrbT3u5coJSo2C_flXsKyTyzpl0JtrNL3Ai_5viW_qIifqr3nv5_CeayqyGIKI4atuH7D6YiCBvdjyqkn6GPY77C5Z-uRtrdYGgu40_CgQRKliAuAuztZzXPBF6JphyVb_h5k7Qw027rlNI4smOQ&sai=AMfl-YQvC62xLxqgcvGZf9r1oXfzwa1TsAUpzU-OVxBdPyZ9glWsuRHoAnWTowMi5d3H_XOwNMEQ70xeEnIlY4HPEqA5WsYB_z8RZqowW-15wi6oeGdbeTAU-8ULbUT62cwodXW9Hxlh1jmQWHOF64SyokAC&sig=Cg0ArKJSzIiG-8Q2XsolEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 1B8FB11D83F0599B3C4FBF51B1067635
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A17EE98D623B652C4DF07F13F4EC2075
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B5B6A193E9E1539A9A1EB84B37AB7949
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Car News, Car Videos, Car Reviews, Car Road Tests, Car Industry News, Car Rumours, and much more | CAR Magazine

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

205
Requests

99 %
HTTPS

75 %
IPv6

17
Domains

24
Subdomains

25
IPs

3
Countries

6603 kB
Transfer

11768 kB
Size

10
Cookies

65 Outgoing links

These are links going to different origins than the main page.

URL: https://bijhdg6t.ddnsgeek.com/

Search URL Search Domain Scan URL

URL: https://www.joburgetc.com/news/
Title: News in Johannesburg

Search URL Search Domain Scan URL

URL: https://www.capetownetc.com/
Title: News in Cape Town

Search URL Search Domain Scan URL

URL: https://www.africaninsider.com/
Title: News in Africa

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/
Title: Reviews

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/bakkies-for-sale/
Title: Bakkies For Sale

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/elite-cars/
Title: Elite Cars

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/news/industry-news/tesla-south-africa/
Title: Tesla

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-valuation-report/
Title: Car Valuation

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-insurance/
Title: Finance Calculator

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/news/industry-news/natis-online-booking/
Title: Natis Online Booking

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-dealer/
Title: Car Dealer

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/videos/dashcams/
Title: Dashcams

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-price-guide/
Title: Price Guide

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/magazine-issues/used-buy-compact-student-transport-under-r100-000/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/news/red-bull-shayimoto-spinning-competition-returns/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/magazine-issues/starter-classic-opel-manta-1971-1976/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/videos/performance-shootout-video/drag-race-honda-civic-type-r-vs-renault-megane-rs-trophy/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-for-sale/used-2020-mitsubishi-pajero-sport-2.4d-4x4-a/t-western-cape-mitsubishi/5294434/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-for-sale/used-2020-ford-ranger-raptor-2.0d-bi-turbo-4x4-a/t-p/u-d/c-western-cape-hermanus/5294433/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-for-sale/used-2018-mercedes-benz-cla200-amg-a/t-western-cape-mercedes-benz/5294432/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-for-sale/used-2022-fiat-500x-1.4t-sport-ddct-western-cape/5294427/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-for-sale/used-2019-ford-mustang-5.0-gt-a/t-western-cape-robertson/5294444/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-for-sale/used-2019-ford-ecosport-1.0-ecoboost-titanium-a/t-western-cape-robertson/5294442/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-for-sale/used-2020-mazda-cx-5-2.0-dynamic-a/t-western-cape-west/5294439/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-for-sale/used-2020-abarth-500-1.4t-spider-turismo-western-cape/5294438/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-for-sale/used-2020-ford-ford-ranger-2.0l-bit-d/c-wdtk-10at-4x4-western-cape-riversdal/5294436/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-for-sale/used-2020-mazda-cx-5-2.0-active-a/t-western-cape-west/5294435/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/news/all-of-the-car-magazine-top-12-best-buys-for-2024/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/review-toyota-land-cruiser-70-sw-2-8-gd-6-auto/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/review-volvo-ex30/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/living-with-it-toyota-hilux-raider-x-limited-edition/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/review-mercedes-benz-glc-220d-4matic-coupe/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/review-honda-elevate-1-5-elegance-cvt/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/review-gwm-tank-300-2-0t-9hat-4x4-super-luxury-hev/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/review-ford-territory-1-8-ecoboost/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/review-bmw-ix5-hydrogen-fcev/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/review-mercedes-benz-gle-450d-4matic-coupe/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/classic-drive-bmw-2002-tii/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/videos/performance-shootout-video/drag-race-bmw-m2-auto-vs-mercedes-amg-a45-s/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/videos/performance-shootout-video/track-test-mercedes-amg-gt63-se-cps-2024/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/videos/local-farmer-boasts-impressive-collection-of-ford-tractors/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/videos/performance-shootout-video/track-test-audi-rs6-performance-cps-2024/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/review-mclaren-750s/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/review-lamborghini-revuelto/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/living-with-it-ford-puma-1-0l-ecoboost-st-line-vignale-7at-introduction/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/review-chery-tiggo-7-pro-max-executive-awd/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/review-omoda-c5-gt/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/review-volvo-xc90-t8-awd-recharge-ultimate-dark/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/living-with-it-chery-tiggo-7-pro-max/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/review-armoured-chery-tiggo-8-pro-max-390t-executive/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/review-toyota-stallion/

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/car-reviews/driving-impressions/review-svi-b6-armoured-ford-ranger-wildtrak/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/CARSouthAfrica

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CARmagazineSA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/carmagazineSA/

Search URL Search Domain Scan URL

URL: https://twitter.com/CARmagSA

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/contact-us/
Title: Contact us

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/advertise-with-us/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/terms-and-conditions/
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/competition-rules-2/
Title: Competition Rules

Search URL Search Domain Scan URL

URL: https://bijhdg6t.ddnsgeek.com/privacy-policy/#cookies
Title: We use cookies

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://highburyads.co.za/www/delivery/ck.php?oaparams=2__bannerid=5984__zoneid=1599__cb=602f4ede3b__oadest=https%3A%2F%2Fwww.gwmtank.co.za%2F%3Futm_source%3Dcarmag%26utm_medium%3Ddisplay%26utm_campaign%3Dtank_launch%26utm_content%3D300X250

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://l.sharethis.com/pview?event=pview&hostname=4fsrsva8sbjncs.pages.dev&location=%2F&product=unknown&url=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&cms=unknown&publisher=6405f13eb20f5f00192a0d07&sop=true&version=st_sop.js&lang=en&description=Car%20Magazine%20has%20daily%20motoring%20news%20updates%20along%20with%20professional%20road%20tests%2C%20driving%20impressions%20and%20all%20the%20latest%20model%20updates%20and%20more!&ua=&ua_mobile=false&ua_full_version_list=&uuid=ea8884b7-0713-478f-a15f-e9e9a1f6cc1c HTTP 301
https://l.sharethis.com/sc?event=pview&hostname=4fsrsva8sbjncs.pages.dev&location=%2F&product=unknown&url=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&cms=unknown&publisher=6405f13eb20f5f00192a0d07&sop=true&version=st_sop.js&lang=en&description=Car%20Magazine%20has%20daily%20motoring%20news%20updates%20along%20with%20professional%20road%20tests%2C%20driving%20impressions%20and%20all%20the%20latest%20model%20updates%20and%20more!&ua=&ua_mobile=false&ua_full_version_list=&uuid=ea8884b7-0713-478f-a15f-e9e9a1f6cc1c&samesite=None

Request Chain 117

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981195317/?random=9949020&cv=11&fst=1708879602593&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=0&pscdl=noapi&auid=1319330237.1708879603&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=8m7bZYySNcOhqMwPyNeR2Aw&sscte=1&crd=COy7sQI&pscrd=Ek5DaEFJZ09mcnJnWVFncUhyeDZ1V3Fma0VFaVlBb0pGYTNqZlRMbWpqQ3VDSlVONm9IOU43LUh2NmN2VjZiNDlVMVNVcHEtMGRiQ2VVTmcaWkNoRUlnT2ZycmdZUS1JX1A5cGFDb1BEcEFSSXVBTTBRU2xWSWtNc2dHTU44VzFxV3UwRld6SmdqVUFBMnA2QWdFb0FpeWc2ZC1nUmRab1QwZGgyVGVlRGU1QSITCIzTxc34xoQDFcMQigMdyGsEyzICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAI HTTP 302
https://www.google.com/pagead/1p-conversion/981195317/?random=9949020&cv=11&fst=1708879602593&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=0&pscdl=noapi&auid=1319330237.1708879603&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=8m7bZYySNcOhqMwPyNeR2Aw&sscte=1&crd=COy7sQI&pscrd=Ek5DaEFJZ09mcnJnWVFncUhyeDZ1V3Fma0VFaVlBb0pGYTNqZlRMbWpqQ3VDSlVONm9IOU43LUh2NmN2VjZiNDlVMVNVcHEtMGRiQ2VVTmcaWkNoRUlnT2ZycmdZUS1JX1A5cGFDb1BEcEFSSXVBTTBRU2xWSWtNc2dHTU44VzFxV3UwRld6SmdqVUFBMnA2QWdFb0FpeWc2ZC1nUmRab1QwZGgyVGVlRGU1QSITCIzTxc34xoQDFcMQigMdyGsEyzICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAI&is_vtc=1&cid=CAQSKQAvHhf_E1mgjxcx__AzDGBUAHHOeHhrS2u9QaN2FgkS2pYj14MjjeWO&random=3851911467

205 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
4fsrsva8sbjncs.pages.dev/ 155 KB
26 KB 796ms
698ms Document
text/html 2606:4700:310c::ac42:2d08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:310c::ac42:2d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6988d947aa969a0dcb1b385eb19b0600842ae629452685e00b2f40c2180f66b3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85b16cf8e8cb8da3-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 25 Feb 2024 16:46:40 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://www.carmag.co.za/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfWRC%2BLmvY%2Bw3LuNUf5PgC9P3gsMdIOK6ij%2B0%2F6uw3WOp9ErG84wNOJVweFOIE9tEE8WA%2FQT2ozDqBtffhgrDItfCQZczoi2q%2BOJJh7r5%2BwDCWyP9wQGmgUa%2BJlyS1B%2BGMc%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.min.css
bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/ 208 KB
208 KB 809ms
305ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/style.min.css?ver=480
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 346e82fb4cd0cda82f2e36d4f07e6c160b6d68fcfdf15a2c141994c42883b453

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:40 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2023 13:06:24 GMT
server: nginx/1.25.3
age: 1396
etag: W/"65030550-33e70"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2BOGVkJ6O%2Fkyvsd8vwaPxRD9iaA%2FAIH%2B9Ulq1wggMyTlq54e8D5nradkm%2FJ%2BYGgjhwRYwg6x61nM01ohO1WhfI5%2FpQysxvjraXKUP%2FYb%2B6zdetLZuSdne6QjAKQozx9BEJaL9qfI9dBl2GAAJZL1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cf-ray: 85b16d0168e1796d-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 wp-emoji-release.min.js Show response
bijhdg6t.ddnsgeek.com/wp-includes/js/ 18 KB
19 KB 1268ms
806ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:41 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 14:27:14 GMT
server: nginx/1.25.3
age: 2173
etag: W/"637644c2-48b9"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVJPWwEI0id5nIL22IgpjWb0%2FhsteynoT7sTX%2FWZShtD1V0ApBJddy7G9qmwfMeVbNEm8ZicLkTUHeBNQoXIzd1Hnj9PQEyHM0LGRKrJmGiTykmd5eGHQ%2Ft12dMlf5uCx8Yp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 85b16d027b5966b4-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
bijhdg6t.ddnsgeek.com/wp-includes/css/dist/block-library/ 93 KB
93 KB 522ms
516ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 14:27:14 GMT
server: nginx/1.25.3
age: 1125
etag: W/"637644c2-172a9"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OHBp8BS0YlkHogxx45XyejtPjR1cKTLRr0h2uKFmuwsODiWrNjngRuo7la%2BTZtWAnlr7F4E%2Bx82o3KdaBwaJmQQ9IwWRs2lQXCscNri2JZrh4boHhrzBLacZM9nU4vO9vQu%2BVoqeRaAI0fD6okr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cf-ray: 85b16d09e8d31c99-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 classic-themes.min.css
bijhdg6t.ddnsgeek.com/wp-includes/css/ 217 B
735 B 778ms
773ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 14:27:14 GMT
server: nginx/1.25.3
age: 2569
etag: W/"637644c2-d9"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBbF8zahOW%2Fty3xPzE09N%2BXZSIjiOXV3J5aMKuorN5jRNXNJUI5KqDLGq9IQs84S4WbNmKI5VDfTOTzjjpbXJqQ8xVxxv%2B57vYCeCbvXBM7CD68BmBD9QuC8MqtsR1%2BS4eiafdkiPSLATKZMNE%2B6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cf-ray: 85b16d09da360bf5-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 cfs-advanced-search.css
bijhdg6t.ddnsgeek.com/wp-content/plugins/cfs-advanced-search/dist/ 15 KB
15 KB 1095ms
635ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/cfs-advanced-search/dist/cfs-advanced-search.css?ver=25-02-2024-1708879357
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 754331b366115651426f17abcb56060a0ec7a305e5c78ec997a1ffb18fc04842

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:40 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:26:14 GMT
age: 222
cf-polished: origSize=15129
etag: W/"6375fe36-3b19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilDSl8KctYrOoIDuYxugtml%2B3YlrqYM4SXAd8UQEJ%2BT6OBxzFx6nsh9dXSCALUko9jO5wQRvsGchNNWxGpDI%2Bhr1EmVBo6765BTX6ln8V4Q1q%2B3Qe6FspoOfw2xfzQUxWSqd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d0178700a57-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 custom-widgets.css
bijhdg6t.ddnsgeek.com/wp-content/plugins/create-custom-recent-posts-widgets/css/ 50 KB
51 KB 1095ms
636ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/create-custom-recent-posts-widgets/css/custom-widgets.css?ver=25-02-2024-1708879357
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 70619499e4709f4bc53d884a45e4895660c497295228bc928ae17ae694494c48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:40 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 11:38:21 GMT
server: nginx/1.25.3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"6554adad-c8cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dk4MjaEfyiLJ4ES7OeGQfvxIzcuLfxFxXI5sfikN7GxVUcR2yFt8KKKRtDu05RWX0Jc%2BHgN79h2nb3LEYkfKYGe%2BCG80zQj4PuXiklmC9ynxC%2FxdMOtjvLET1FrWCr%2B4gclqzOTXUZ8ujMxZPZ0o"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cf-ray: 85b16d0168c94172-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 swiper.min.css
bijhdg6t.ddnsgeek.com/wp-content/plugins/create-custom-recent-posts-widgets/css/ 13 KB
14 KB 1094ms
635ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/create-custom-recent-posts-widgets/css/swiper.min.css?ver=25-02-2024-1708879357
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: dea3c2d66b0679ee2db67a21c0a434f3e14d6ac8a2af06877a711151fc32b56d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:40 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:26:26 GMT
server: nginx/1.25.3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"6375fe42-356e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEDY0npE36N2CImP4Ta09HWzz80DeqTKPPHrd2XFsB4F61TPeXS%2F7uE%2FGzHzYV9i1sLzdGofq9xEK4zndefxKU6IPbnXXOrn4BVyAnROPagMrzJutMsJppysZYU8vVa56NXW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cf-ray: 85b16d0169b38b46-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 cars-for-sale.css
bijhdg6t.ddnsgeek.com/wp-content/plugins/display-cars-for-sale/css/ 94 KB
95 KB 1092ms
634ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/display-cars-for-sale/css/cars-for-sale.css?ver=25-02-2024-1708879357
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 2866e98ae386469948188b57264807622938fd4c2f1a251b93473669c03497b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:40 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 16 Nov 2023 08:30:48 GMT
age: 222
cf-polished: origSize=125033
etag: W/"6555d338-1e869"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGnlkaJKIjjCLM8i9Mc9GXzYaJG%2F4uI2sTit0Dt4w8zhcUrPsdddcXBinJO%2BFjDg0SW1gxa970YuCeT1D3cnVYg6fLZucg3yQr2DacW9XFIaMtxIx9Ld0q6qUJ460rnvHl2iYzxtko5kHDeUx2XN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d016a1f0e14-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 drivers-test.css
bijhdg6t.ddnsgeek.com/wp-content/plugins/drivers-test/css/ 2 KB
2 KB 575ms
570ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/drivers-test/css/drivers-test.css?ver=25-02-2024-1708879357
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 432eb81d99e6c7f947e6e9f30ca98503157b92ae8fdf6e21a2da6ea143fbf3f9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 10:25:31 GMT
server: nginx/1.25.3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"65291b1b-638"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gyIc%2FXqT%2Fjh1oNxooxXOqXyE7Bt4w6cDk1i6MM8AB5WDHJOmCFAS6XT6Oz4zCTXAVH%2FYYagmxJiqWrdbBa3VL605M4wLew3oFLVmZnceTAY8UjUeC1GYYi607z37GFGxc%2Bj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cf-ray: 85b16d09d9676560-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 mu-style.css
bijhdg6t.ddnsgeek.com/wp-content/plugins/sharethis-share-buttons/css/ 0
537 B 460ms
455ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=1668677260
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:27:40 GMT
age: 6170
cf-polished: origSize=26
etag: W/"6375fe8c-1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBDVMPd61qvwq7ZCBxUq9Sj1wcniMuBynIQv2FHW4OzPHVBMlyAEZ4w%2B%2BtnDU%2BGKPRIt8FIrtnLpZeiI%2BaAdvoL2YXJRWUHWo2AP%2BjZFCjwT8TwsPtz%2Fxm8sRx8t%2BG6NE50e"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d09ddd25c3f-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 article-view-slick.css
bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/css/ 1 KB
2 KB 504ms
500ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/css/article-view-slick.css?ver=1.0
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
age: 1069
cf-polished: origSize=1776
etag: W/"6375fed0-6f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FQ81p6%2BnMGyx%2F3z6gGSE92NBgOyV2igtZy%2FM904r8v9KY1%2FxFsLI9Om6opCDulxfc14y0ryJuP295GQ6sce%2BqtkTWY0qXug7HS%2BF4y%2BUOFS9AFQTG74czQRYhaC10LcuoVqRf9KZkI%2BeoOVn3K7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d09ef811cb3-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 article-view-slick-theme.css
bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/css/ 2 KB
3 KB 558ms
554ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/css/article-view-slick-theme.css?ver=1.0
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: f8b0220980de4339ca04d32bc5656435847fecb3a47f2eac38e33277e18eddc8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
age: 5491
cf-polished: origSize=3145
etag: W/"6375fed0-c49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfy5XbdmREw1ZQPzN6Uy%2BtUsB8EAiR7Njn8LZkFIMytzUu59jk51dxi11O3PF9BJWUfFMs6xEXjtqum%2B3JUzmBCkIaqUVFKKIe0dnuDFKwpSLR3GNMJJaPHVn41wVFRf7dDX7wBkxMHjX3u46k8L"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d09e9560ae1-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 magnific-gallery-styles.css
bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/css/ 6 KB
6 KB 498ms
494ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/css/magnific-gallery-styles.css?ver=1.0
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 65d43fc1d47bdab6bb9a4f5add734f8b9d059f9e773c431a350b3804bfe38a7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
age: 2174
cf-polished: origSize=7437
etag: W/"6375fed0-1d0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9fMAwVohZjn2ccLB1KPXcXbj%2FHuxW3AeSBV%2BRJMhiJWe3W4RglTkGwCP5C6KnpMsRv9iKwaabtf9F2caE%2FBNTx4NW2LauJgpEHksweH3zOeOFScXtEmrWDMOR4dUOOABzeu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d09e8066726-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 google-fonts.css
bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/fonts/ 5 KB
6 KB 1090ms
633ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/fonts/google-fonts.css?ver=1.1
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: b352e35f5413292120165ce13962b3cead65738da4191b43286c6592d81e3a9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:40 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:28:49 GMT
age: 4538
cf-polished: origSize=6670
etag: W/"6375fed1-1a0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHSpMawIZZAy%2Bfoa%2FUCuBsWtmX09LL%2BiCsrKlLEcTrJegRf558ICC5q1XBMMmD73bdXjPykYQluGfh7jXzdPnL7I612eL8rgx84UOUi7UWtqfOsdf0kqg%2FzMAX4dLsV7xt08DACXUA%2FkSN%2FsvD3w"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d016c45b7d3-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 font-awesome.css
bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/css/ 30 KB
31 KB 1041ms
584ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/css/font-awesome.css?ver=1
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:40 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:31:48 GMT
age: 2569
cf-polished: origSize=37414
etag: W/"6375ff84-9226"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUF60eXuKd32HV1bptLGC69xbofaFztS02PXLd%2Fjx2LoDJj4Q%2BRYA%2FOgCzHhDgJjU0ttT5v7GG4%2FsfQW%2FbJLFx3Oy0loFLwu9mKU8n%2Fp0%2FRUhpYuV7t4tWiwEqjdSIVR28Qj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d016e260b3f-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 menufication.min.css
bijhdg6t.ddnsgeek.com/wp-content/plugins/menufication/css/ 29 KB
29 KB 496ms
492ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/menufication/css/menufication.min.css?ver=6.1.1
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: f55c1dbc04d02e68da4ad12c1b703a08b9582e56154f5d18ee1ff792cf0648a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 09:27:22 GMT
server: nginx/1.25.3
age: 2174
etag: W/"6375fe7a-723c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXZjH4Obclz2dVQloquq2SEG8RdNw0QsmvQ%2FLVY0F8cgqh5nanUp114oR3Ye8eR5lOBdjqHCnrF6FvuShvteDEiCQTdFxFer76FB5WfBHAbqh%2FWSUROwdHn4VSITedYnfsjs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cf-ray: 85b16d09ee48b99a-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
bijhdg6t.ddnsgeek.com/wp-includes/js/jquery/ 88 KB
88 KB 1196ms
806ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:41 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 14:27:14 GMT
server: nginx/1.25.3
age: 6367
etag: W/"637644c2-15e54"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6x7w19xtvZM1p3CD7U%2FoGcTnt74e5ZZkPiYyYyGYc2YjzwA36aLKuraiwfPOMe3dVMJQ4hItT2%2B4sOnKpHJWdxrNLW2PHClS0smuMrvH5Y8ljnAaUwJ3Z3oAHeJWLGHo65RS7Pnd%2FJCB6zqECUW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 85b16d028abc0b73-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
bijhdg6t.ddnsgeek.com/wp-includes/js/jquery/ 11 KB
11 KB 1192ms
804ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:41 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 14:27:14 GMT
server: nginx/1.25.3
age: 2570
etag: W/"637644c2-2bd8"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtjruXe7iQfkA5SOqkqQo%2Fp%2BK4O57u64bJio%2FFoVV6qK237LBkjNFrq0fjggL1PKPv3DE%2Bz4QLwuWrDlJ%2FyMZq3bu6ho4j9oDTXpFT1fru8aX%2F9UprMVX1SbhAUXvRcUn6ED"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 85b16d027e3e1ed6-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.menufication.min.js Show response
bijhdg6t.ddnsgeek.com/wp-content/plugins/menufication/js/ 13 KB
13 KB 1192ms
804ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/menufication/js/jquery.menufication.min.js?ver=6.1.1
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 716cb523fa841c30059a51fb52757884a4e5ddaaf9fdd33bd4fe4b6561421fe0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:41 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 09:27:22 GMT
server: nginx/1.25.3
age: 2752
etag: W/"6375fe7a-3265"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5y4ZLDF9rVFSSLJA%2Bgck75QxRhqDiJhZ3PikW7%2FDbu8VJlrqEDfDDTnMfwAJrdi26kO4sLMTvutmE9s6jadOdEFm6%2BnyZ45xx3VVfbhHt5zkOV0U10Q5d3jjh%2Fbse4eROKUOnzBjmQZ3HM3VZmq5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 85b16d027b325c47-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 menufication-setup.js Show response
bijhdg6t.ddnsgeek.com/wp-content/plugins/menufication/js/ 2 KB
3 KB 1020ms
636ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/menufication/js/menufication-setup.js?ver=6.1.1
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 2e0c66741dfec2c3002fe92915499f6808da0a9ce99d34916bd9e7883d0f8074

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:40 GMT
cf-cache-status: REVALIDATED
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:27:22 GMT
cf-polished: origSize=3588
etag: W/"6375fe7a-e04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AZlV%2BuuI4JMOeCJaaJPoVf901Lb7vTm6l0rBiBC2oG2cN14S3hPC0u64GtJrVp1wff0ucj53tgFmtKJhy%2FrNoduWZmnkpFiOpRgaT77Trkq4LJl7HFrsEEZv5rG5t3qEyAt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d017ef41c7b-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 206 KB
46 KB 216ms
68ms Script
text/javascript 13.225.214.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.214.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-214-96.ewr50.r.cloudfront.net

Software

Resource Hash

cf9e92205faeb2fc9929f8aaf67ee6fb15084be8994babd310cfa01d62e29e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:41:22 GMT
content-encoding: gzip
via: 1.1 7ae870cd25f69f522a5d075cc08767f0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: EWR50-C1
age: 328
etag: W/"3360d-7zvdaxLS2Lhi3Pty7QrCYymkuqI"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: _X1QLFWvj2GJgTGX_S0Mz0mwtC1rzqM7swwUk8MDFh3j7GZGOZYOUg==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 89 KB
28 KB 417ms
139ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36077736057577c6f650ad9755ef7229c2e92953a0c3bf08354ec4bee666593b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28693
x-xss-protection: 0
server: cafe
etag: 325 / 19778 / 31081366 / config-hash: 2958856145408218626
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 16:46:42 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 410ms
132ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdf423862ae4d50f3be32aa0bef4d6be12e487a62a3c03156ed9bcb0db877bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28695
x-xss-protection: 0
server: cafe
etag: 681 / 19778 / 31081367 / config-hash: 2958856145408218626
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 16:46:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
69 KB 466ms
195ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11411975-1

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

633b22b8aee84d2ee62e05e9ee7c466aa4dcddcf28e8cbda2806741cbd7d1b60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70796
x-xss-protection: 0
last-modified: Sun, 25 Feb 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Feb 2024 16:46:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
75 KB 374ms
104ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-981195317

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e237a4d79b3e1ad1c38d98676c9d1e3dccb2f45a07bac29c489b0e01b2b2e4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76577
x-xss-protection: 0
last-modified: Sun, 25 Feb 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Feb 2024 16:46:42 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
744 B 217ms
80ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Arvo:wght@400;700&family=Roboto&display=swap

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4200e8df2c5f52c2bf9bd2f41ed424edd48c54b7534071a9e61f5ee4602b742f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Feb 2024 16:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Feb 2024 16:46:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Feb 2024 16:46:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 215ms
79ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

42e3aa6d662901ad9a1a467a06d2ea7514451ad93b1fda75bc093374aba78290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Feb 2024 16:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Feb 2024 15:15:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Feb 2024 16:46:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 413ms
142ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7073370864490749

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

922a968d4fc08ebf4ba8b0a88107003a4584cff5b2da51a173ab6eecbbd38a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4fsrsva8sbjncs.pages.dev/
Origin: https://4fsrsva8sbjncs.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50965
x-xss-protection: 0
server: cafe
etag: 1661898258949357998
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 25 Feb 2024 16:46:42 GMT

GET
H2 200 carmag-logo.svg
4fsrsva8sbjncs.pages.dev/wp-content/uploads/logos/ 2 KB
1 KB 546ms
537ms Image
image/svg+xml 2606:4700:310c::ac42:2d08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4fsrsva8sbjncs.pages.dev/wp-content/uploads/logos/carmag-logo.svg
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:310c::ac42:2d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df2dbe77839fc3cb86552ed81b59456e25e95c65882976aa5fa7280e2f734f3a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 02 Dec 2022 14:12:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"638a07da-7e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSYRrm9goX3vv3Ghyo2q5v9QMiIVWDg5jwiPhuAez5xOnKfgxS9jvT1PCtft1QrB4%2BK5kaIDFsX8b%2FnqsT6U2lvWsRTZOlyPvkWMnOaG%2BqE0F%2BNmxTyn0DpRbgKGOHCdVHV82R3a7yd6eslYx1ju"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 85b16d07cd5c8da3-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 F-3-1-832x499.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/ 15 KB
16 KB 469ms
468ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/F-3-1-832x499.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 47bf0a2b4d0782d2a4010f1e7807fe04a37d83861ad5db413ed40ed146118f2c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:41 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 09:42:13 GMT
server: nginx/1.25.3
age: 4751
etag: "65c5f375-3c7e"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npB4UG%2F%2BEeNs8n%2FDEtS8p%2BXzsl3VnKSx%2BhgexrRldE7SNP9IVOldu1wEEE%2F8xcakuY%2F06wialmxBTOvV2BJ9aaQ08Q6oOXL0jjpJKd6MTTWm2AnXlj54BN3tRiAzVdFHvPVW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d05af616691-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15486

GET
H2 200 image001-407x230.gif
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/ 50 KB
51 KB 432ms
431ms Image
image/gif 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/image001-407x230.gif
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: b18f861031b94c9ff00f14fbecf2e0400d7bf906cde51811c5a25399514110c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:41 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Feb 2024 12:01:55 GMT
server: nginx/1.25.3
age: 3949
etag: "65d88933-c907"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hf78R2D2%2BFa4zWqMIt3K%2BziCBr25GRum1O%2B4t2s0ZZ9eLRkXpoRKXOkT0DGjBs6y3NH1lZc1kpt%2BoRehEnm5MwSNgKNq8bdGmAzg6K3SRmCO4pisdhgXF9iS%2Fs6vF8u9wzgSeLLGubGNbjQeBCA0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d05af6806c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 51463

GET
H2 200 OM-2-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/ 13 KB
14 KB 307ms
275ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/OM-2-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: f3900a9cf8e802c21922354d0b65e41892a76e453cffe011e066da01f984b217

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 09:35:50 GMT
server: nginx/1.25.3
age: 5322
etag: "65c5f1f6-3558"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSl2PQPP59i14q1mmX%2B7jW2eaOhN621QjMR9Mo00bw5Z8CfxyLCp%2FBPn7Vtw7iOs%2BF2tvoSaJ%2BgL%2FhENaiSL144HJff4z3ZYnXQo96qj6%2BHOI%2FNB4T7H%2FrM7zfXPa5och5CR5KBF2qCYbljeS%2FSo"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d08bbe766c9-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13656

GET
H2 200 IMG-20240223-WA0019-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/ 23 KB
24 KB 320ms
289ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/IMG-20240223-WA0019-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: ebde77d3228f016a7a6b22e4de440122043f78a20c65faa464f420c8a4896577

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Feb 2024 15:16:17 GMT
server: nginx/1.25.3
age: 4229
etag: "65d8b6c1-5bf6"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9nmWyEs%2BaONKlnXetz%2BRNDxCul3uqJfr5dLtY1zTDKqVqSkDNcAxbjXFLEOb5sJ8jBvVbMbq35ms53aF6X0Za%2F3MxN0pgn5VZBM8ao32nulwaYN%2FjJgAvb0lbBVGlJNAe56"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d08bf5c06c6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 23542

GET
H2 200 carmag-locate-dealer.png
bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/images/ 1 KB
2 KB 304ms
274ms Image
image/png 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/images/carmag-locate-dealer.png
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 754eb49a3151007ffe99db087e166fc6637651c12f614ac8696fbe76e7dca78e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 09:28:50 GMT
server: nginx/1.25.3
age: 1259
etag: "6375fed2-54c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRy3yH%2FC3qEhDwQRJWU5uplhmvLzi%2FaqHIB3RXkxg1%2BOxHf2WEQwOxOw6WUuowgCejEuFzlDUyydL%2FV27eRArbsnW75sfj7RAW4fl7aqX6e%2FPy6z7dSbUEGqFNAjKCmvWcpR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d08bbf90e31-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1356

GET
H2 200 carmag-car-compare.png
bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/images/ 1 KB
2 KB 479ms
471ms Image
image/png 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/images/carmag-car-compare.png
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 754eb49a3151007ffe99db087e166fc6637651c12f614ac8696fbe76e7dca78e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 09:28:50 GMT
server: nginx/1.25.3
age: 1069
etag: "6375fed2-54c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAGm%2BOFqZnKWom6q8APOFIb2itIx0c1%2FIuNu6jw338wxBWOy1OsUZ6DJOeLoutkToU8hQpxdASHfi0%2FK0rvkahIWNVq6jEK6xFkysjRh74OEACOhJdrUdXuagR8suj57GNDf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d09db630eaa-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1356

GET
H2 200 habari-footer-logo-2.png
bijhdg6t.ddnsgeek.com/wp-content/uploads/2023/07/ 3 KB
4 KB 465ms
457ms Image
image/png 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2023/07/habari-footer-logo-2.png
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 40c5a3816b27d87a187ffaabaef1a4d162f5510c51215f77da2ec281aaa2060a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Jul 2023 11:26:38 GMT
server: nginx/1.25.3
age: 1125
etag: "64b5256e-d26"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2L0Ls%2FK0l%2BdmGDO0BcrlSLTTAQNS4C9qDxPyFMN29DDSatH8Lnt6VZikqSa3llNDQ2FGrlWRbiu2wdF5DVEvODlsze8G2wc23Q58XDYo7JT2wYgRzg%2BAfM0EltGIeLgyioN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d09cde76567-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3366

GET
H2 200 carmag-search.css
bijhdg6t.ddnsgeek.com/wp-content/plugins/carmag-search/assets/css/ 2 KB
2 KB 308ms
279ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/carmag-search/assets/css/carmag-search.css?ver=1.2
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: d6c6f0dedaa5f80bc141cdf9f6ba2b085ecd8781e6fa2e163ad33ed51c4b565a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:29:26 GMT
age: 1110
cf-polished: origSize=3095
etag: W/"6375fef6-c17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IIVUkLKCXXco8AlBcMhKFMXYyrPw4F60ycXGus4uSxkuEzeYMoxO1BYVie0GpouxZFu1hK52p5jVp4SOLULVmtJ9OCW97U5s5sPso3cPUYxKy4eHODsTPCPZ0QcJK0g8AT%2FhizdVZL2C%2B%2BLaYng"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d08b99306de-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 cfs-advanced-search.js Show response
bijhdg6t.ddnsgeek.com/wp-content/plugins/cfs-advanced-search/dist/ 28 KB
29 KB 370ms
344ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/cfs-advanced-search/dist/cfs-advanced-search.js?ver=25-02-2024-1708879357
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: be7c6371a7b8dfeb8a17e1bb98c927704006820d15d0edce30a73c981e37e7cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Jan 2023 13:37:12 GMT
server: nginx/1.25.3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"63c00d08-6ffc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWhtTn6%2BUEZ%2Bvj6VqxfxQC167hz23ar21Ap421akBvYsKA%2B12s%2FV%2FHW9xtVUgLnQ%2Fi0iOcNXf%2BspGlMH1gXjTGTF%2FtObLGnNjhADAB7X947cE5%2BbaAhEdpjEmxnGDZEODy913mkinuAkW1GNWsfH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 85b16d08b98406de-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 custom-widgets.js Show response
bijhdg6t.ddnsgeek.com/wp-content/plugins/create-custom-recent-posts-widgets/js/ 2 KB
2 KB 298ms
272ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/create-custom-recent-posts-widgets/js/custom-widgets.js?ver=25-02-2024-1708879357
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: b2de46d9704458f0858900c93e07bf7303a8fc7f8bf7da8dcf2a6a2dd204fba8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Mon, 21 Nov 2022 10:59:37 GMT
age: 70
cf-polished: origSize=4035
etag: W/"637b5a19-fc3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYDKz0kACcB2LHlmUZ1dL1B4wHIe4mj1eVCNjfXewC%2BTRdwOa8aV0Z4fw4HYgW5jPh%2F4%2FZ9W6usXzsX0sPlj04AMLIv83LaEA2h0LFJi7ME2K8MhQ46dDDWhjEvdcB8NbBrq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d08ba320b04-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 swiper.min.js Show response
bijhdg6t.ddnsgeek.com/wp-content/plugins/create-custom-recent-posts-widgets/js/ 137 KB
137 KB 302ms
278ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 31b9a64530ca997b6bcc15ed933a677acb8659fd3d75c6f54736657bbf69c18e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 09:26:27 GMT
server: nginx/1.25.3
age: 2174
etag: W/"6375fe43-22208"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpMCwvk0y0rluIzbc16spUARvdCY14CF28787DXm4GUCobKNL3C%2FCGR9R3NXezEv%2BUF1pgVXH8hbzJPfTvmHrvA4FQuY2vDsX9PtBqnpVM%2FP%2FHhb%2F5hNKqBl2WPydeNFncKn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 85b16d08b9c666ed-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 dynamic-data.js Show response
bijhdg6t.ddnsgeek.com/wp-content/plugins/create-custom-recent-posts-widgets/js/ 3 KB
4 KB 289ms
273ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/create-custom-recent-posts-widgets/js/dynamic-data.js?ver=25-02-2024-1708879357
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 99d9387ebd62c332b2a58fcc4d29bce19afdc6c094578b84aad4836fd456db05

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:26:27 GMT
age: 70
cf-polished: origSize=4911
etag: W/"6375fe43-132f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdHYSj0gbHHXmbkEB%2Bh2jxROnx%2B4Xu7nj7mARWlVJXkZ%2B86VLZdCbcLJfaT7P%2Bews4S%2BCFVevQIKWncI1YVGCyUNch4LmTqYoKKj5B6%2F%2FML2R8vbJmurY%2B5YNh0Li%2BtOzJ8C0PNXDK4qeM6qxB8e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d08bbe65c3f-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 cars-for-sale.js Show response
bijhdg6t.ddnsgeek.com/wp-content/plugins/display-cars-for-sale/js/ 29 KB
29 KB 470ms
455ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/display-cars-for-sale/js/cars-for-sale.js?ver=6.1
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 689decbe8f44f628332275cabd0dd59651ee409ad9e88b1906e7b13327cfc9a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 09 Nov 2023 13:43:15 GMT
age: 2569
cf-polished: origSize=52367
etag: W/"654ce1f3-cc8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMR6PtLl0%2FAD%2BSHAtnzPTaMBfGnZbfN1UepWyBztXo5ee7Al1ukZtsxcKtfUodzTM1WmPx2496e1g9rhBDpzT5u60RyUwFFN0xY%2FFghaOpPnh3Tskg5toPvOiLqGi%2FHsPUFHmOKMykSYeZdZcpo1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d09ca7b1ead-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 dynamic-carlisting-data.js Show response
bijhdg6t.ddnsgeek.com/wp-content/plugins/display-cars-for-sale/js/ 21 KB
22 KB 474ms
459ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/display-cars-for-sale/js/dynamic-carlisting-data.js?ver=6.1
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 68e41b1cf2b6d00eedaa9ec57a7311a481d2bc03b8665bf44f3580943ea8a11a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 09 Nov 2023 13:06:44 GMT
age: 5925
cf-polished: origSize=51453
etag: W/"654cd964-c8fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8mr7B257n3uMvWpEfOOcDDI%2BLBKVBSk2vPutzVTOMeYjgQFJIPF1kmSK%2F1n2z%2B%2BWuG%2BG0FfiVfh8AMszdJXj4dtGa2PD7IaiV8nnTQVOM51sPClFOThw%2Bwj0YwY1zNr73tk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d09de4d1cb6-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 purl.js Show response
bijhdg6t.ddnsgeek.com/wp-content/plugins/display-cars-for-sale/js/ 5 KB
5 KB 475ms
461ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/display-cars-for-sale/js/purl.js?ver=1.0
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 3d49b5d25b23f62d9db04b5bfb11a3aa5d443eb278eb55c2cbdd8da81c64523a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:26:32 GMT
age: 2174
cf-polished: origSize=8830
etag: W/"6375fe48-227e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qjvsgf9sScU3dcn65eW2pMdzp%2BFqmdfzUlQ1A%2FuUrSERwS1EholjPFQwE2HKSpvjoyYUfFrVdQwmKVT2iIzM1dlNVq2LiORZWyY9ruUYDzk9%2FMw%2BtAQlguI7TMumrtAtcFsI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d09c8ddb8af-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 wallpaper-custom.js Show response
bijhdg6t.ddnsgeek.com/wp-content/plugins/wallpaper-ads/js/ 1 KB
2 KB 543ms
529ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/wallpaper-ads/js/wallpaper-custom.js?ver=300
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 3442ff60c2a33c78c7b8a655b78d1ab757c6122a5cbfe9b84473f073805c709c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:27:50 GMT
age: 2174
cf-polished: origSize=2089
etag: W/"6375fe96-829"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6yuQjWhtYs6Kxdn8pa7TR%2FAJmHFrR%2BxKpq%2FIlIlEHuzDhvd0BfsobMayUBpuL4PQgA1mxMjWOC0TIZytlqz6uv3nh06gKEIUIRClOwOfCA6qLgZ9KQbXkm%2FvkZjmrd%2BiNfmMB6uK7d%2FlAnvmR8l"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d09d8a566cc-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 custom.js Show response
bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/js/ 4 KB
4 KB 492ms
478ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/js/custom.js?ver=306
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 72dab8d6edb1639e61c4ff09a24320a00ea663afb9798941973c4485ef7c5b99

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 14 Dec 2023 14:04:29 GMT
age: 5901
cf-polished: origSize=9718
etag: W/"657b0b6d-25f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2F1ejXFaMTrAE2cvd6OSiGmPQtaPr%2F7rl2X48AqZwHZF4tn7FYKf2AxjCWZpCqES1Kw4HlNtuOIe40G28aV1Mrr6jw53rr0KQIS0w4j55zddKevUaAl30D7SP744h%2BzR%2BRbSJV5bhWgPToQLmrBf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d09dd42661a-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 article-view-slick.min.js Show response
bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/js/ 42 KB
42 KB 483ms
472ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/js/article-view-slick.min.js?ver=1.0
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 09:28:53 GMT
server: nginx/1.25.3
age: 2174
etag: W/"6375fed5-a76f"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMk81WPlo9Q8dTu%2B4fny7ZmxNyAviEoySmEM%2Fx3smOljJ6GfpcKCtvqDTr4%2FCguZWt3gXe4nPmt63y1AzlqKWFLpEGFcyDag2YXn9KDV7b4pq%2But81efpiG9Mw4uZAJekPup"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 85b16d09d9f6670b-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 magnific-gallery.js Show response
bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/js/ 28 KB
28 KB 488ms
477ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/js/magnific-gallery.js?ver=1.0
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 2b5c6fefbc9cf825ebc533e5debfff5fb482c831e783d79198f1c1b6946fcce2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:28:54 GMT
age: 2174
cf-polished: origSize=43593
etag: W/"6375fed6-aa49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVNBLT6eEtaxdsixTt37Y9E2sbVm19%2BHR2OBV6seK5DHa1BqmELa5VMyuFerBTPj%2B4ZmKWBfhwcTJOZ4F5QLcE%2FhTgSKPFQWYBzOxeBN8qWzZ0jwVoeGuwiKCk5lo9Qk0Hnj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d09d86b6720-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 script.min.js Show response
bijhdg6t.ddnsgeek.com/wp-content/plugins/boxzilla/assets/js/ 15 KB
16 KB 536ms
526ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.25
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: b5188605ee360b008948eb598557da3ab7bbf506d3e942d6b27b2f60a1538f4a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 13:19:44 GMT
server: nginx/1.25.3
age: 2174
etag: W/"63bd65f0-3c97"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0I2y1WVlxujmpXQnt9%2BdLC16wonAkeXFbjSnGJcu9BEHRY%2FFvT5FGapZ%2BcalDBeFYHJb9Jbz7qMwqgcO7Use0B4frc%2BJTGB3e%2FIuRwwgiimmOq1bShXQNNcXuVxpLD8EjycADJdUWKMPL96GaaF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 85b16d09dc2266f0-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 carmag-search.js Show response
bijhdg6t.ddnsgeek.com/wp-content/plugins/carmag-search/assets/js/ 184 B
744 B 464ms
454ms Script
application/javascript 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/carmag-search/assets/js/carmag-search.js?ver=1.0.0
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: a0008eb2109ddfca588c1a7a7f4e68bfc3aa1462c894d05f885c3be21e12e4be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:29:26 GMT
age: 1676
cf-polished: origSize=960
etag: W/"6375fef6-3c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJ9dGL6H8%2B8qpPz76qLZpYu5sJHg15mr6sCToeIsjp%2BMVG%2FlcOXLVMKqLuBWIYTAHq%2B3gA5C%2BuMHHYvnFpvxEyj5W4qukoPsF3nopZjuVSabyOC14lc6QBxqgNUQhde%2FaHSaHSj37G5d25BWMAVd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d09ce5bb770-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 344ms
76ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://4fsrsva8sbjncs.pages.dev/
Origin: https://4fsrsva8sbjncs.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 85b16d097badd9c9-MIA

GET
H2 200 6405f13eb20f5f00192a0d07.js Show response
buttons-config.sharethis.com/js/ 1 KB
907 B 341ms
66ms Script
text/javascript 2600:9000:266a:400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/6405f13eb20f5f00192a0d07.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266a:400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

77caa92f758f70c4f5953180bba818d10ace096b8ceeb84a0e0bdc86c2fc5fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:45:56 GMT
content-encoding: gzip
via: 1.1 dd732310abc7e8c5386f303cd2f712d8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:04:22 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
age: 47
x-amz-server-side-encryption: AES256
etag: W/"46b6253cf9264f25509139f0d50e8fa5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
x-amz-cf-id: AEIB07w2T1vFC8a6_WHgQi9GMiBu4MrnMeFcqTCZIRsoP9fhGZXhQQ==

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/highburymedia/ 352 KB
52 KB 309ms
35ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/highburymedia/loader.js
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e318599272c58591fbc7052710cf8216e4ce62e41f8e412532cf2acf5b84c23

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: e9QUdD8H2u0j6zp.HZk5tNeK78oEd7jW
content-encoding: gzip
via: 1.1 varnish
date: Sun, 25 Feb 2024 16:46:42 GMT
x-amz-request-id: CAWNY6SF6GKRYEGJ
age: 18198
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 52757
x-amz-id-2: HRcpPKHN1Kz/Iq65fVCXNSgb1k8R8rta8FXAvlYjYaOXRLqber/f9DxRmX9T/uSmfBMcJSx5Vkg=
x-served-by: cache-mia-kmia1760057-MIA
last-modified: Sun, 25 Feb 2024 11:12:41 GMT
server: AmazonS3
x-timer: S1708879602.159787,VS0,VE1
etag: "ccd442a316629694c831b7085fc66bf4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 54
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1

200
OK

sc Show response
l.sharethis.com/
Redirect Chain

https://l.sharethis.com/pview?event=pview&hostname=4fsrsva8sbjncs.pages.dev&location=%2F&product=unknown&url=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&source=sharethis.js&fcmp=false&fcmpv2=false&ha...
https://l.sharethis.com/sc?event=pview&hostname=4fsrsva8sbjncs.pages.dev&location=%2F&product=unknown&url=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_s...

161 B
691 B

74ms
73ms

XHR
text/plain

13.59.115.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/sc?event=pview&hostname=4fsrsva8sbjncs.pages.dev&location=%2F&product=unknown&url=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&cms=unknown&publisher=6405f13eb20f5f00192a0d07&sop=true&version=st_sop.js&lang=en&description=Car%20Magazine%20has%20daily%20motoring%20news%20updates%20along%20with%20professional%20road%20tests%2C%20driving%20impressions%20and%20all%20the%20latest%20model%20updates%20and%20more!&ua=&ua_mobile=false&ua_full_version_list=&uuid=ea8884b7-0713-478f-a15f-e9e9a1f6cc1c&samesite=None

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

HTTP/1.1

Server

13.59.115.51 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-59-115-51.us-east-2.compute.amazonaws.com

Software

Resource Hash

1a8ac1c3dc256dab1109943cd3c522e8123fc63a7fd1afd7fe375c5d9329c8e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 16:46:42 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://4fsrsva8sbjncs.pages.dev
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Stid: ZHoAAmXbbvIAAAAIGPMXAw==
Access-Control-Allow-Headers: *
Content-Length: 161
X-Robots-Tag: noindex, nofollow

Redirect headers

Date: Sun, 25 Feb 2024 16:46:42 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://4fsrsva8sbjncs.pages.dev
Location: /sc?event=pview&hostname=4fsrsva8sbjncs.pages.dev&location=%2F&product=unknown&url=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&cms=unknown&publisher=6405f13eb20f5f00192a0d07&sop=true&version=st_sop.js&lang=en&description=Car%20Magazine%20has%20daily%20motoring%20news%20updates%20along%20with%20professional%20road%20tests%2C%20driving%20impressions%20and%20all%20the%20latest%20model%20updates%20and%20more!&ua=&ua_mobile=false&ua_full_version_list=&uuid=ea8884b7-0713-478f-a15f-e9e9a1f6cc1c&samesite=None
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Stid: ZHoAAmXbbvIAAAAIGPMXAw==
Access-Control-Allow-Headers: *
Content-Length: 853
X-Robots-Tag: noindex, nofollow

GET
H2 200 asyncjs.php Show response
highburyads.co.za/www/delivery/ 10 KB
4 KB 572ms
307ms Script
text/javascript 2606:4700:3037::ac43:d8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://highburyads.co.za/www/delivery/asyncjs.php
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d8f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b76b1121c120579bcd499deac81b092a3df306df94383d5f7d450e6eb3e31720

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QL55ATmQCAzucXDfLPgke6liwVX9bsvQwEWprXwnkA596fIFc%2FJQet%2FxzSMHOch%2FAQL74xJ7deIjfyfChiA0zpR6GS8p45aISxSeVCyurPM%2FqWF%2F6YAwM46YJH5PvlLyaCFsFYzQfmYEqQuzjjWdsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
expire: Sun, 25 Feb 2024 17:46:42 GMT
cf-ray: 85b16d097eee8dd0-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 322ms
64ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Arvo:wght@400;700&family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://4fsrsva8sbjncs.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:50:33 GMT
x-content-type-options: nosniff
age: 291369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 07:50:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 329ms
81ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://4fsrsva8sbjncs.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:33:45 GMT
x-content-type-options: nosniff
age: 292377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 07:33:45 GMT

GET
H2 200 fontawesome-webfont.woff2
bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/fonts/ 75 KB
76 KB 784ms
432ms Font
application/octet-stream 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: bijhdg6t.ddnsgeek.com
URL: https://bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/css/font-awesome.css?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/css/font-awesome.css?ver=1
Origin: https://4fsrsva8sbjncs.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:31:49 GMT
server: nginx/1.25.3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "6375ff85-12d68"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=luO7S8cOrWOy4LzfvlKPNGvDIk6LjnbQliks%2B%2FdbjF0V18fBUeE5TnJDVMg7tFJhKzmPS%2FnkjWYzMfTb95JCpAQIZgTC3h73D1SG5MLlK2ja%2FyxfXUg%2FH6%2FMy%2B3dkGHaxOw1"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d0b0a120bf1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 384ms
136ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://4fsrsva8sbjncs.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:27:04 GMT
x-content-type-options: nosniff
age: 292778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 07:27:04 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin: https://4fsrsva8sbjncs.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H/1.1 200
OK 2ad5523b-cb64-4b16-9960-a6c3f7d75603.jpg
cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/64454/ 84 KB
85 KB 622ms
162ms Image
application/octet-stream 52.218.1.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/64454/2ad5523b-cb64-4b16-9960-a6c3f7d75603.jpg
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.1.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 79f3800a2728987b35c0e0c0f747b19119906da0639e1aa4db308ec4f24c57d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 16:46:43 GMT
x-amz-version-id: i_LD6zvBWBpvLKxIZocFteQOOLphjBaS
Last-Modified: Mon, 12 Feb 2024 14:19:00 GMT
Server: AmazonS3
x-amz-request-id: VG59H39KKRNVBGA2
ETag: "d88f296c6b4e6b7b41d1abb8dda8acc7"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 86454
x-amz-id-2: 6QxT1K4oppO0kExdUFp2T6HXBFXpM354C9O5nXFRmAFkiXVu79JrPvwSbcfKrnTpLQwrl+MZNuE=

GET
H/1.1 200
OK a84cd3d4-fd21-4ca8-9ae7-fa1630b95431.jpg
cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/91305/ 80 KB
81 KB 598ms
165ms Image
application/octet-stream 52.218.1.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/91305/a84cd3d4-fd21-4ca8-9ae7-fa1630b95431.jpg
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.1.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: fbaa759576cbef8c7483bf50bd8c900d290829f157c61fcd0aacb822bfa74b2e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 16:46:43 GMT
x-amz-version-id: 850cVSOQra.k8ABj60DEd36TZYdtpF74
Last-Modified: Tue, 20 Feb 2024 08:10:41 GMT
Server: AmazonS3
x-amz-request-id: VG56YY8J3TTNVM39
ETag: "69932229b37bc413083a57ff0413f8a1"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 82211
x-amz-id-2: 3tXPlPkm4Jgpm7JdPhrGtnj6qUvEh+LSSiN3pM78tb3nnoeaiaIKKjdwGx5TGIwEanBL+n45rqk=

GET
H/1.1 200
OK d457c369-0eb0-4608-bade-4bba599fbd0c.jpg
cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/111592/ 121 KB
121 KB 592ms
160ms Image
application/octet-stream 52.218.1.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/111592/d457c369-0eb0-4608-bade-4bba599fbd0c.jpg
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.1.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8a0997a061ec1e602545d689b3ce1f62fb723e88d24632f8c595942d9374b692

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 16:46:43 GMT
x-amz-version-id: esxZ.C_aolBmRLIqBX1so5CWD8mqaJb5
Last-Modified: Mon, 12 Feb 2024 10:54:42 GMT
Server: AmazonS3
x-amz-request-id: VG5ER41CET3Q2256
ETag: "ed270818862be5012de9408db1716c5e"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 123538
x-amz-id-2: tZj1xF93VjdQDU09oklhmTw1CMyVvvU3Whp7wfNvq/e2ku2Mqv76RaY+fkEdtZ2ReeXuzq+UBd0=

GET
H2 200 F-3-1-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/ 5 KB
5 KB 397ms
393ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/F-3-1-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 09d7baa487073aa42f527453bbfde6250b939cdbb6b5fad182e99400ed5e8733

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 09:42:14 GMT
server: nginx/1.25.3
age: 1110
etag: "65c5f376-1380"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqQ6qsX547SFxMyYljsPOPw%2Bj%2Bpl0KvViaR3%2Fd8D2f5wKdyupq8YqW%2BUjlUhHTYKmdTG%2F48Uqe%2FwtXxVpdVaKKdczggjfaL2SxEl1t2Yf9AqK8Gwzu10mHbaJk2ZzoT8bcUe2Hw%2BRuSEYOIbdaYM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d09d8630baa-AMS
alt-svc: h3=":443"; ma=86400
content-length: 4992

GET
H2 200 image001-407x230.gif
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/ 50 KB
51 KB 416ms
413ms Image
image/gif 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/image001-407x230.gif
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: b18f861031b94c9ff00f14fbecf2e0400d7bf906cde51811c5a25399514110c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Feb 2024 12:01:55 GMT
server: nginx/1.25.3
age: 3950
etag: "65d88933-c907"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMMV%2B%2BluGYbnc5PRlodwWtX2Naz2tcXfkpaf0ENODXmv5aBhWz8USpokrSo5HKRiT%2FfGutpT7e4R7gjOIVGFZuSPMIVbZErAaABXcbIDZW59iXwySIqvGYtZ9xijqaQg0Xs%2F89SbTJ7Xx3cSQ4T1"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d09e97c6560-AMS
alt-svc: h3=":443"; ma=86400
content-length: 51463

GET
H2 200 OM-2-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/ 13 KB
14 KB 375ms
372ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/OM-2-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: f3900a9cf8e802c21922354d0b65e41892a76e453cffe011e066da01f984b217

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 09:35:50 GMT
server: nginx/1.25.3
age: 4037
etag: "65c5f1f6-3558"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gjhh6i5CzhoVOBux8LrZSTZWov3u4TGmC6jfupmLeiJUabnlPZ%2Fp%2FmncBoEJluhXiOuamP2ptffpn%2BdfpbtPhG%2FwXEZj9TkJtjF4JUGFIIQZfY1hLXVECTcA%2BBEOdIev7N4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d09df24b785-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13656

GET
H2 200 IMG-20240223-WA0019-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/ 23 KB
24 KB 381ms
378ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/IMG-20240223-WA0019-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: ebde77d3228f016a7a6b22e4de440122043f78a20c65faa464f420c8a4896577

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Feb 2024 15:16:17 GMT
server: nginx/1.25.3
age: 4229
etag: "65d8b6c1-5bf6"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSHivKn1RkufKesWPwlo5f%2F0U23YNTDd2BbvGd93KgIWFTgxs1Pe0F3KLWVfT2jHQUbR%2FC6JbRA6o0ZxrWbtnSIzg7xW67lTWd2ke4V8Ht5xUBsnBQQOWqB%2FKxrs9oLY%2Bwad"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d09df6006bc-AMS
alt-svc: h3=":443"; ma=86400
content-length: 23542

GET
H2 200 Top-12-overall-winners-jpg.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2023/11/ 159 KB
160 KB 483ms
481ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2023/11/Top-12-overall-winners-jpg.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 5ad9bd21fb6717d406acb28c063cb8ff0969564cb1c3cf5089496f2ea4f0fbb1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 07 Nov 2023 13:03:01 GMT
server: nginx/1.25.3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "654a3585-27d12"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9ahVJfYNS9WW318qh%2Bh77UGQpadt1vglGDv78ZPTE2xUGWrMsTxTrLqvex%2FW2Rq72%2FxewJ%2FslLrkpw9TYqN307kQRuBFoiDfR%2BtHS8Oyp8EzuTxtWbw71%2Bk%2FGE0S7AWQSE29%2BuYiZRdon%2F0sB4l"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d09db086630-AMS
alt-svc: h3=":443"; ma=86400
content-length: 163090

GET
H2 200 H-4-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/ 24 KB
24 KB 462ms
459ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/H-4-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: d9760db589fed586cad01525701a161142d79d956f1d95b4dcd45d4c6deb0213

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Feb 2024 07:30:43 GMT
server: nginx/1.25.3
age: 1124
etag: "65d849a3-5ed0"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GjHv%2Bi5pe3%2F1lE8jyhFk20D4rtkzqUKDaxLZZ0k5kXwpMNH53VkmaeJXf7iP%2B9jZBUEG%2FJPI7ognVcJpHWFAIJYDkQQ1ElRy6pfsM2XmWQsutEemrkgP5U2aPxNasryJIMm3zh5nripGmh29bhRX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d09ecc10e3b-AMS
alt-svc: h3=":443"; ma=86400
content-length: 24272

GET
H2 200 G-3-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/ 25 KB
26 KB 400ms
398ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/G-3-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: d9abd6b6b0d2f88bb13de122ac0dd4393a20ae993ee599f51f2f813f91dd9ecf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 12:29:02 GMT
server: nginx/1.25.3
age: 1259
etag: "65cb608e-6474"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIl5UjhXcAC5Kyb4EkM3Tp4awSofPwnFv0oZCs6jA3PeQMmnciGjqyUc%2BMdlPgfqXkJBMCiR0WgtP9kyFaGBYoyL7398kVph17UATRFaf8wPB8xLJd1JzwtiSFXddZWNAKwe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d09de9f5c3c-AMS
alt-svc: h3=":443"; ma=86400
content-length: 25716

GET
H2 200 FT-1-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/01/ 19 KB
20 KB 424ms
422ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/01/FT-1-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 6c52751efd619db1681e554661844a72c122852a5d7368904f3a1c2bc522a856

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Jan 2024 11:46:43 GMT
server: nginx/1.25.3
age: 1698
etag: "65a7be23-4bf0"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tEBge0wtGsvzPj0qNFJUmskVp44ncuQ5M80jjVIoC5TD7QXthLmmNhl3yga47Bhpyhcsip0YBaVHQzeQ6h7MUeK63492H9tC4VWAEMSJRej%2FuYge5%2BJQIDe4b47PxZjQHur"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d09e88766b8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 19440

GET
H2 200 IMG-20240223-WA0019-832x499.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/ 65 KB
65 KB 448ms
447ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/IMG-20240223-WA0019-832x499.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: f4b663f87b8f4f901c57f9c46ffcc762c3967dbf044b5f578962974a12f907ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Feb 2024 15:16:15 GMT
server: nginx/1.25.3
age: 1796
etag: "65d8b6bf-10362"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkkTutZ9x4zo6r8P3k8%2FFpMQM0AtLhWVTGyKIKAT6HEiwWQ%2BBZzXyiuLQ0s4PRs6QjsZDXMLgpz5A%2BnasqjJ3U1shvUB5dk26JNieMo8X1vh5XNvLugxKPtUxJIKjLfDtJFvvNZIXma1tDkIvTz%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d09edfe664e-AMS
alt-svc: h3=":443"; ma=86400
content-length: 66402

GET
H2 200 m2-v-a45s-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/01/ 22 KB
22 KB 421ms
419ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/01/m2-v-a45s-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 955557392bff5292e4a9c98930771e59fdd68fa3f3bb7efc3d0c33ab86922e83

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Wed, 07 Feb 2024 10:28:55 GMT
server: nginx/1.25.3
age: 466
etag: "65c35b67-5606"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsiEm40dH%2FPE4gNumfz3hbXKrKA7vjfyD2kOGiQF6fneemNdlPjXDnshv8%2FmGyUE8xaYMCgCEihpJEb%2FgwJOA1iPq%2FM1NGrQUs3fhkDRqTQEruv5ct1b4TOdfZuR8uPZi7dBxIlQq4MMBsDquinf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d09eed00a64-AMS
alt-svc: h3=":443"; ma=86400
content-length: 22022

GET
H2 200 vlcsnap-2024-01-30-13h52m43s252-copy-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/01/ 19 KB
20 KB 438ms
437ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/01/vlcsnap-2024-01-30-13h52m43s252-copy-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 9846580b770b14a54a817699545ca147ec6f8ef3ea1d4852dbd00859395fdb22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Tue, 30 Jan 2024 17:01:06 GMT
server: nginx/1.25.3
age: 1108
etag: "65b92b52-4c9a"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cg9KSZiRbubL2HlkbmWRREkZxUbrexYeWCbDdhwGbQ29qx3ZqM2KZ3HXh9Mkh1xTYqplsYBaQO%2BmsjtLAB0YXqvK9z%2B5j74%2FC7%2ByBHOCxFemqdCl3rm7qovM7%2FywXq6RwGSH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d09ed950eb3-AMS
alt-svc: h3=":443"; ma=86400
content-length: 19610

GET
H2 200 image00006-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/01/ 12 KB
13 KB 466ms
465ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/01/image00006-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 0e5e6044f16c2085aec594d0130f04eff221d7e195d70269c0db0b687d3f05ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Fri, 26 Jan 2024 10:07:02 GMT
server: nginx/1.25.3
age: 1796
etag: "65b38446-312e"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbaTbw17QPWjpXrnn4dHK%2Fm3dLSgH6H%2FMK%2FSrDWgcrN1YzK7Tr8kkd4XBBjbNNXR%2Bpzu7f49dIghww%2F6BMdxcSQXxCGSlxbkf8P9ywhhTTxYVyXCO4eSQfKquotXiL3jhK47"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d09ebfb0a71-AMS
alt-svc: h3=":443"; ma=86400
content-length: 12590

GET
H2 200 2024-01-26_16-33-46-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/01/ 17 KB
18 KB 469ms
468ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/01/2024-01-26_16-33-46-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 5ba5130a109bd73dd7f7d5c9cefaa2a94e3f869a434d58033acd65b19e7a3f52

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Fri, 26 Jan 2024 14:34:07 GMT
server: nginx/1.25.3
age: 1698
etag: "65b3c2df-4578"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8MzGbC4BzTp4fGLi%2FMi7jhvctKlysv0AQj1OetpaAzC1pKd86qrqUT2Ml3cuChwdeHByu5FFAytR8Mn7bkT%2F1jRES6s56MUUe8MfBRbGTKRiiP1L21WTyICYIyV6rJNxU%2BjPpq%2Bf3STlPpFfCfs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d09eb65775a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 17784

GET
H2 200 impl.20240225-5-RELEASE.js Show response
cdn.taboola.com/libtrc/ 857 KB
177 KB 33ms
32ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240225-5-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/highburymedia/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: b4675cc05460d01cd525616eee93696802fc0ae6cad4b471b1c6a4cb315da32b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: A3QZUdf5_cLAyBf1CL5jdKtfWFa89JWc
content-encoding: br
via: 1.1 varnish
date: Sun, 25 Feb 2024 16:46:42 GMT
x-amz-request-id: H5113NBZ3533GCEX
age: 23886
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 180869
x-amz-id-2: MoutTEDADdK3Bx1lVirstO2+HU1QwkvybJpAkeaxyuu/CcKrMtv3sxz0uDRsT6yEepkJpiA2s84=
x-served-by: cache-mia-kmia1760057-MIA
last-modified: Sun, 25 Feb 2024 10:00:50 GMT
server: AmazonS3-br
x-timer: S1708879602.267182,VS0,VE0
etag: "0bf489ee8697776f884e26a75d0420ce"
vary: Accept-Encoding
content-type: application/javascript
abp: 2
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 95

GET
H2 200 mu-style.css
bijhdg6t.ddnsgeek.com/wp-content/plugins/sharethis-share-buttons/css/ 0
531 B 280ms
271ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=1668677260
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:27:40 GMT
age: 2174
cf-polished: origSize=26
etag: W/"6375fe8c-1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iajlLJ7Mv8WCMYwNhKaOLBIDxUBgJMzifQX3wRmOgaHZ%2BfqN9X7NMMwlABol3ZoW3urINnZTEFQlly9neW4rbxdng7n1qu5b43iSN302IQLJnzaJHtKk%2FRvPaJI%2Fi8HfWMSR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d0baffeb8bb-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/ 428 KB
135 KB 66ms
64ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 11:01:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20691
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137662
x-xss-protection: 0
server: cafe
etag: 2919427224111863329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 24 Feb 2025 11:01:51 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 69 B
83 B 254ms
126ms XHR
application/json 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=4fsrsva8sbjncs.pages.dev

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07f30c3dd218d85dc7359d7156181ad6e07f4d395f5607964bc9b09e4bd195cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59
x-xss-protection: 0
expires: Sun, 25 Feb 2024 16:46:42 GMT

GET
H2 200 menufication.min.css
bijhdg6t.ddnsgeek.com/wp-content/plugins/menufication/css/ 29 KB
29 KB 289ms
288ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/menufication/css/menufication.min.css?ver=6.1.1
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: f55c1dbc04d02e68da4ad12c1b703a08b9582e56154f5d18ee1ff792cf0648a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 09:27:22 GMT
server: nginx/1.25.3
age: 2174
etag: W/"6375fe7a-723c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMtyDqgK8LrvqjWWwx3Ge3OQOaBbKzrHzJ509sXY6X%2FXtk7EIv4wQZMiPFMbllxhjLiXOS9ob75cpurtyWh9T5uwS7PeFLf6PldHpipk%2F2CUm6S3v984Y7Oz5FTIO2pf%2FvDCdBSaMewJhqVzF6h3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cf-ray: 85b16d0c1ab71b0b-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 magnific-gallery-styles.css
bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/css/ 6 KB
6 KB 284ms
283ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/css/magnific-gallery-styles.css?ver=1.0
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 65d43fc1d47bdab6bb9a4f5add734f8b9d059f9e773c431a350b3804bfe38a7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
age: 247
cf-polished: origSize=7437
etag: W/"6375fed0-1d0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ee5s3PdXSjvnBpWrDGtwLBkKzwK2QDsqdOw3PBg53STD9CDxJF5RBY0RBrkFzT%2FFSO6hWkTcDK%2BDepuNZCLw%2BrjWFQ2bDxJACgin1%2BvHAOqebeQnG4zIVmODoqT8YEoenR7adKj5TQUdPvULqnpw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d0c0d2e65fe-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 article-view-slick.css
bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/css/ 1 KB
2 KB 285ms
284ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/css/article-view-slick.css?ver=1.0
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
age: 1069
cf-polished: origSize=1776
etag: W/"6375fed0-6f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3btpwZoGc4aE9zTcoOUGXPOKhxyXRiyIX0H3zqDp7WOXE7gTkFzOCwLQFyCooaXV08eDIjda0x4UmHsyctYLY646A%2Bq%2F%2FCTvo0%2BwxASEjjs5MUQDUDW264yrMh67KE3v09kI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d0c18bc6576-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/ 408 KB
138 KB 285ms
156ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7073370864490749

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc05cc2f388f7062ed8ed407e1639edac1d4a61b7fda4ded5f070806d6edb4f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141539
x-xss-protection: 0
server: cafe
etag: 17133019126956123302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 16:46:42 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/ Frame 03E5 9 KB
5 KB 443ms
63ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7073370864490749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4fsrsva8sbjncs.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 74332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 20:07:50 GMT
etag: 3890843268177463596
expires: Sat, 09 Mar 2024 20:07:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 style.min.css
bijhdg6t.ddnsgeek.com/wp-includes/css/dist/block-library/ 93 KB
93 KB 285ms
284ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 14:27:14 GMT
server: nginx/1.25.3
age: 2174
etag: W/"637644c2-172a9"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wu6%2Bfk2jAzcF53Pyvush%2FO9hS1LDMmxzif%2B9ambs7se3i8H1abR3V134Yy5I7GW8MgqVRDsXZafMp5YJrnttxc%2FPohtEN9rzOAf90t08tGm12beaVy17OmYIvdeUvSZqdXPU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cf-ray: 85b16d0cafd4b8a3-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 article-view-slick-theme.css
bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/css/ 2 KB
3 KB 290ms
289ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/themes/CarMag_Revamp/css/article-view-slick-theme.css?ver=1.0
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: f8b0220980de4339ca04d32bc5656435847fecb3a47f2eac38e33277e18eddc8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
cf-bgj: minify
server: nginx/1.25.3
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
age: 1069
cf-polished: origSize=3145
etag: W/"6375fed0-c49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXjOIWEgKnKBX996PI250fGZsqinse2WjDkUIOF3CnnD4PmIjEAnWR%2BFmJSvdHukR7csd9SXgFGJSD49xHdrMgPpuBziDA04t7M1n9IJHsv2v%2FsGrH7gzIgCR8adypWQLqRrZn6KPiDuQiihiqH%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 85b16d0cba326576-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 drivers-test.css
bijhdg6t.ddnsgeek.com/wp-content/plugins/drivers-test/css/ 2 KB
2 KB 337ms
336ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/drivers-test/css/drivers-test.css?ver=25-02-2024-1708879357
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 432eb81d99e6c7f947e6e9f30ca98503157b92ae8fdf6e21a2da6ea143fbf3f9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 10:25:31 GMT
server: nginx/1.25.3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"65291b1b-638"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkNI5JhUy0HhQpiM%2FJ2LsrohcIFmI%2FGq%2BQmEDMp%2FFJntyfnqGbJvcjpFdOCpkePF9wLZYDwdUYpHyhAGdqVA%2BXFMSeAtDd7k1sVx%2BNCQ7j%2BfjN0MwpU%2BAHXqbyOvl%2BCqgrW4p0LGOjWW0TppCmG2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cf-ray: 85b16d0cd8e4b737-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/981195317/ 2 KB
2 KB 328ms
90ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981195317/?random=1708879602552&cv=11&fst=1708879602552&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&npa=0&pscdl=noapi&auid=1319330237.1708879603&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981195317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3642c48a373414df2c8e71161ae53fa1ac2fc1e4cece557536303a5de5429016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/981195317/ 3 KB
2 KB 319ms
88ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/981195317/?random=1708879602593&cv=11&fst=1708879602593&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=0&pscdl=noapi&auid=1319330237.1708879603&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981195317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

df4f523e085bbd225ad7ab8cdb934f831a233b7e944cff4054595dca95466cb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1672
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
98 KB 114ms
109ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KYLBT1M2BJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11411975-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b046ae5980378b40d9cce08cedafd9908e21be45040716fbb83eb5325339e2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99886
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Feb 2024 16:46:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 274ms
63ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11411975-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Feb 2024 15:51:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3300
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 25 Feb 2024 17:51:42 GMT

GET
H2 200 asyncspc.php Show response
highburyads.co.za/www/delivery/ 848 B
1 KB 175ms
173ms XHR
application/json 2606:4700:3037::ac43:d8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://highburyads.co.za/www/delivery/asyncspc.php?zones=1599&prefix=revive-0-&loc=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F
Requested by: Host: highburyads.co.za
URL: https://highburyads.co.za/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d8f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ed80ac326bd455d834fd1e96f6e777fc99f52bf63019ba199d4d2fff76e5bb1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTXIESOPYUNbc9ilzSTsZo4vwGmSVWMVs%2FeTWbNK4LJVHQSk02k6r6XmAhRCOwD3rZ4EGA17q6mIOl52qVLiPkyzHhenkKmSLnQwJfQG52qUl31xKVuwUwYdEz6QE8ldq6sDAYAHRexGcCNgzkid5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://4fsrsva8sbjncs.pages.dev
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 85b16d0cab108dd0-MIA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 217ms
57ms Script
text/javascript 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240225-5-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 397301
expires: 60

GET
H/1.1 200
OK 04ff2213-4ae7-4c52-bdef-bf25a3a6eebe.jpg
cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/148367/ 106 KB
107 KB 287ms
156ms Image
application/octet-stream 52.218.1.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/148367/04ff2213-4ae7-4c52-bdef-bf25a3a6eebe.jpg
Requested by: Host: bijhdg6t.ddnsgeek.com
URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.1.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 59cc766891e2cb26d5b604d47f3400537d9a0be8b9e34551ae4cedf54ea5cda2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 16:46:43 GMT
x-amz-version-id: yvBClKoWAc01vMKU0zWxwjO.pSB2.EJF
Last-Modified: Tue, 06 Feb 2024 09:29:08 GMT
Server: AmazonS3
x-amz-request-id: VG5B3ZGKD0RXASQD
ETag: "63b52503e87a2a7c9bc94efd4e924ef5"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 109010
x-amz-id-2: XmLVzLMIJDAjNKtZtt3vmL7P8tPZLvgyS3KBy0MBpnNMcs5IUiYjvlNLyD2OcW/v4FvjCmA8/uA=

GET
H/1.1 200
OK 8bb93720-378f-4493-92f4-9e3db5d76f1c.jpg
cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/152498/ 84 KB
85 KB 405ms
152ms Image
application/octet-stream 52.218.1.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/152498/8bb93720-378f-4493-92f4-9e3db5d76f1c.jpg
Requested by: Host: bijhdg6t.ddnsgeek.com
URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.1.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e4556405d23e6b4b0a113075d78af61425678e06f649cce3884c5cb78e50680e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 16:46:44 GMT
x-amz-version-id: zLhuaX_AO8zEHahfEJAmtAAk5UKhilDE
Last-Modified: Sun, 18 Feb 2024 12:49:30 GMT
Server: AmazonS3
x-amz-request-id: 5QRPCH570PN7ZW8S
ETag: "4bf5de974ee61b0d0ad887cbcb3f376a"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 86199
x-amz-id-2: pN7L8pfLwe8qpHiNKtjoI766k1QF6Lks8TUxZjKV76RYxFqO2LQhc50h2dUviEssNe2widCFCZg=

GET
H/1.1 200
OK 50b1833a-8c5c-4e26-83f6-7601752b2361.jpg
cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/425742/ 140 KB
140 KB 501ms
163ms Image
application/octet-stream 52.218.1.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/425742/50b1833a-8c5c-4e26-83f6-7601752b2361.jpg
Requested by: Host: bijhdg6t.ddnsgeek.com
URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.1.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b99840f6613aa4861f835b7e0f54e5e5b5275007930b332588a3b9d5d3150cc9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 16:46:44 GMT
x-amz-version-id: 5Bo6kgTBZvOERpFJTCpbOe4ERVdtHWU9
Last-Modified: Wed, 24 Jan 2024 14:09:39 GMT
Server: AmazonS3
x-amz-request-id: 5QRV0QR0G6SDKHY7
ETag: "417b32e774cadddba89d8e1c87b5271e"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 143368
x-amz-id-2: W0HJLtCFAm/pjXMEm6njrRGIAfYiNPD6WB1oESgwKqd3fcbGyu3OJxDqOpuVEUVDOG9Gie80ue4=

GET
H/1.1 200
OK 6230708d-83b2-4f56-8630-ccfac960a78a.jpg
cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/456865/ 116 KB
116 KB 280ms
157ms Image
application/octet-stream 52.218.1.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/456865/6230708d-83b2-4f56-8630-ccfac960a78a.jpg
Requested by: Host: bijhdg6t.ddnsgeek.com
URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.1.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: da7b0efb169d77242560c1b24d12f46be69d8d5af713f2a688acfdf587b3bfbf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 16:46:43 GMT
x-amz-version-id: 8G.xCAzsjZa.FxEbH1kFxKkUlCzVb1Nu
Last-Modified: Mon, 31 Jul 2023 15:03:49 GMT
Server: AmazonS3
x-amz-request-id: VG578NS0A73DDV29
ETag: "5b38544e92ee2dd37f5a70b8b17883e1"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 118506
x-amz-id-2: hnSTu4MIFlG1X0agwW59rXpqdd4m12r7esMu6xOalfcPucyR5EmskuPWh3jhoztXseqQrQW5aQo=

GET
H/1.1 200
OK 5befb33f-87ff-4b45-bd8b-41e68e965fee.jpg
cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/114796/ 89 KB
90 KB 372ms
162ms Image
application/octet-stream 52.218.1.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/114796/5befb33f-87ff-4b45-bd8b-41e68e965fee.jpg
Requested by: Host: bijhdg6t.ddnsgeek.com
URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.1.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7843fbc4734d1f297e17d79b9a2e9ada9591099dbc0bac92522efba8cb1734b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 16:46:44 GMT
x-amz-version-id: jO16kZePSXg3f65NTcUS.pJ8yhnEx2ee
Last-Modified: Thu, 22 Feb 2024 07:22:08 GMT
Server: AmazonS3
x-amz-request-id: 5QRZPABTJ7Z36MGP
ETag: "c386184c27f89ce8049938f7ac40358c"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 91375
x-amz-id-2: F3jRnGXSVfzrsuMQXYb5CRhOnJF0BlIYN1Dy4pDHoX1x6DTbdB/libW2PWGV56tSWFtO4GeN18w=

GET
H/1.1 200
OK 70842287-2658-457b-bded-4d8aba59e125.jpg
cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/121884/ 163 KB
163 KB 269ms
180ms Image
application/octet-stream 52.218.1.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/121884/70842287-2658-457b-bded-4d8aba59e125.jpg
Requested by: Host: bijhdg6t.ddnsgeek.com
URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.1.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 678a9b7a6637da03fabdbd18c24c9501104ba33933800a493da284bd4f709a4f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 16:46:44 GMT
x-amz-version-id: Qsby0T8g69xbHBKNZuqKXUzZsap7KmAx
Last-Modified: Wed, 21 Feb 2024 09:34:13 GMT
Server: AmazonS3
x-amz-request-id: 5QRG66CJR632YSHV
ETag: "3c5921019b1b6f1908de5e46d1f4a379"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 166587
x-amz-id-2: QJtGjX646G7cNjmGtTAzeOgyg/BXzIyOOd+XRtJyjUz6vVfz82gpI0oN7b+TplWAbxzXZnIu3bQ=

GET
H/1.1 200
OK 6423f6af-6cd6-422a-9490-b3118ebfd981.jpg
cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/142603/ 116 KB
117 KB 154ms
153ms Image
application/octet-stream 52.218.1.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com/142603/6423f6af-6cd6-422a-9490-b3118ebfd981.jpg
Requested by: Host: bijhdg6t.ddnsgeek.com
URL: https://bijhdg6t.ddnsgeek.com/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.1.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8b06bc85a313ce37209c26c58349b9d9928a8ad9292dd0ec0ecc27cfcdbc836a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 16:46:44 GMT
x-amz-version-id: JVjoRgSqyOeEjdqHduxN6nZnKONmSZrN
Last-Modified: Thu, 08 Feb 2024 07:30:59 GMT
Server: AmazonS3
x-amz-request-id: 5QRK8B3QGT7216E8
ETag: "bcd1b310012650ed0e606d4c107595a8"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 119059
x-amz-id-2: UbUr29fX5qHZ3kUSCJ5pj2CDe4NMXw8pN1qb2xCnYLxjLf3yshP1puCOU8wYB08v4NKzeY0J73Y=

GET
H2 200 B-5-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/ 15 KB
16 KB 288ms
285ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/B-5-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 43cb4c554f75f58b0979ea45d3de6909310b139991fd6a74011d8b142bdc9dbd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 15:18:56 GMT
server: nginx/1.25.3
age: 1697
etag: "65ce2b60-3ddc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXY9Rz91f67BbALZPERiD%2FXhyIziFfu8UmmSWc7PpYjxlQpB8rBoWuJLNbkhOp2oirRhytEZW5jEwAIR7Olbt5gWN%2BuHo3gPPqi7Jg6EErLZf5DKAPPVBWOOULALD%2B3%2B0QdV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d0e4af3671c-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15836

GET
H2 200 GLE_1-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/ 31 KB
32 KB 373ms
370ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/GLE_1-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 9b4b81997b95903472041f68532043cd47aeda235c948633cc6b350f5827eac7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:43 GMT
cf-cache-status: MISS
last-modified: Tue, 13 Feb 2024 12:04:56 GMT
server: nginx/1.25.3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "65cb5ae8-7c7c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3aUCojNEiWGwYGnMMIHl3wBf%2BBoogL6Nc9r8OBSh%2Bc23%2FTVtRU%2FS1VEae1jk1izeglCQHyjxn70gcWsF%2B9o5S8hPQVxs4Pcg2Pq8UNWQx%2Bw9Dfl1REX%2BGH2a%2Bj9%2FShOcTF%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d0e4cc00bcd-AMS
alt-svc: h3=":443"; ma=86400
content-length: 31868

GET
H2 200 2002-edit-3-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/01/ 27 KB
28 KB 321ms
318ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/01/2002-edit-3-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 0e66260a1d3beb02ead6c3238214c8c763a5d8b83d502281bb35b2aca71b83c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Mon, 29 Jan 2024 13:08:49 GMT
server: nginx/1.25.3
age: 1697
etag: "65b7a361-6d9c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2Fd6wmM6sJW2dAcVhUTj1Pv3utdANZCW%2FeVut8SvsQjxUZ1E9xZGpvqPUgJO1eSps2kO%2FcSxLLdn8ji9%2B1rotn4LkgedYQRCpqWuQ386S2otSWb7AKNX2aCvYgHI19%2BWteystGZjXRf1KQx%2F%2B1Ls"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d0e492f66db-AMS
alt-svc: h3=":443"; ma=86400
content-length: 28060

GET
H2 200 2024_Toyota_Land_Cruiser_70_Series-83-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/ 19 KB
19 KB 293ms
290ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/2024_Toyota_Land_Cruiser_70_Series-83-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: d8ec835a46274ef3badbd66259ec0137e2d6871dae5710d7116ac76b8bf64b4b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Feb 2024 21:08:21 GMT
server: nginx/1.25.3
age: 303
etag: "65c542c5-4a92"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGJCOG5T%2Bb0Ox38V60ypgvnllVfS0gqgb5IhIOJi6iGl1YRGofYPeor6cru7lrjDQiBO9prvTUrZaBowK1%2B1H5uL80hN62d%2BXqGll47wK9nzqkeuBGkvwVUyZcDTgUVr94rryx1jqmqnJEscs2%2FS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d0e4e3e6567-AMS
alt-svc: h3=":443"; ma=86400
content-length: 19090

GET
H2 200 EX30-edit-3-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/01/ 11 KB
12 KB 303ms
301ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/01/EX30-edit-3-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: fec8bfa2050bc9e098b25d4b76e4f7a67b368aad0ec4425a87cecef634ff3431

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:42 GMT
cf-cache-status: HIT
last-modified: Mon, 29 Jan 2024 12:19:36 GMT
server: nginx/1.25.3
age: 1697
etag: "65b797d8-2d12"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58eZ9K5GqpyPC9TtyIsXzS2p2K%2FcKPBo5cSMy8AjGoodOc6KsGXa1mu2rqojXjlqkEN7W11gynZ%2FbI39dVqBnruXt3E8lqEAOdu1cAgf9XytCFLdctYmQsHtVimGjYwJ1U8r"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d0e58761afa-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11538

GET
H2 200 202401008car-1-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/01/ 13 KB
13 KB 352ms
350ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/01/202401008car-1-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 856f13dd7733916b6cb380524ca923843e389e561a68bf715202ebb25a71280c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:43 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 29 Jan 2024 11:50:27 GMT
server: nginx/1.25.3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "65b79103-3252"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9ogyLp%2BLesQEtv7N3me9XCF%2BRKsjrJCHzFVyrhN5jlAKWos%2FI4c9fnB9ZDZ%2BhfzEYdZTxJYsBLGUEV6tDEgAzYUWizipVyY3Q%2BTv2SHsefJNeFRVlOI4BimKAb8RWJOtNlm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d0e5f960a63-AMS
alt-svc: h3=":443"; ma=86400
content-length: 12882

GET
H2 200 MB-1-407x230.webp
bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/ 23 KB
23 KB 350ms
348ms Image
image/webp 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bijhdg6t.ddnsgeek.com/wp-content/uploads/2024/02/MB-1-407x230.webp
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: bff4b01ded0f85647f746b9cbbee7029df523ca22542e02240e4501d73c32275

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:43 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 01 Feb 2024 12:12:30 GMT
server: nginx/1.25.3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "65bb8aae-5b78"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYzKletp6sOpsuVI51OB7G%2F1GiqxnM3%2Fb%2FQ4MlPiHnZI8jmrmj8WWG%2F18F%2FdqcaI6JW8vl6nHKheVd6gLuM1KAXnV3Qh2h6HFHt6XRM0YnkiqX4BCU%2B%2FNf1g6lqSCb5WQ7ymogjyuRFTBoo%2FrmFU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 85b16d0e4e0f6572-AMS
alt-svc: h3=":443"; ma=86400
content-length: 23416

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 900 KB
50 KB 223ms
212ms Fetch
text/plain 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2542686631176252&correlator=2454125224657287&eid=31079956%2C31081367&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fifs&iu_parts=21714487182%2CCAR-L%2CCAR-R%2CCarMag-BB-01%2CCarMag-BB-02%2CCarMag-BB-03%2CCAR-01%2CCAR-02%2CCarMag-LB-03%2CCarMag-LB-04%2CCAR-05%2CCAR-1%2CCAR-2%2CCAR-3%2CCAR-4%2CCAR-5%2CCAR-6%2CCAR-7%2CCAR-8%2CCAR-18%2CCAR-19%2CCAR-20%2CCAR-9%2CCAR-10%2CCAR-11&enc_prev_ius=0%2F1%2C0%2F2%2C0%2F3%2C0%2F4%2C0%2F5%2C0%2F6%2C0%2F7%2C0%2F8%2C0%2F9%2C0%2F10%2C0%2F11%2C0%2F12%2C0%2F13%2C0%2F14%2C0%2F15%2C0%2F16%2C0%2F17%2C0%2F18%2C0%2F19%2C0%2F20%2C0%2F21%2C0%2F22%2C0%2F23%2C0%2F24&prev_iu_szs=174x696%2C174x696%2C970x250%2C970x250%2C970x250%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x600%2C150x125%2C150x125%2C150x125&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2C0%2C0%2C0&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708879602852&lmt=1708879602&adxs=0%2C1426%2C315%2C226%2C226%2C436%2C226%2C226%2C-9%2C436%2C1074%2C1074%2C1074%2C1074%2C1074%2C1074%2C-9%2C-9%2C-9%2C-9%2C1074%2C-9%2C-9%2C-9&adys=190%2C190%2C1690%2C3169%2C4954%2C99%2C1048%2C2718%2C-9%2C1110%2C454%2C469%2C2023%2C2038%2C3484%2C3499%2C-9%2C-9%2C-9%2C-9%2C3514%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C0%7C0%7C4%7C-1%7C0%7C0%7C0%7C5%7C6%7C7%7C8%7C-1%7C-1%7C-1%7C-1%7C9%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm%7Cn%7Co&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&vis=1&psz=174x-1%7C174x-1%7C1148x0%7C1148x0%7C1148x0%7C1600x90%7C1148x0%7C1148x0%7C0x-1%7C728x-1%7C300x275%7C300x275%7C300x262%7C300x262%7C300x259%7C300x259%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x259%7C0x-1%7C0x-1%7C0x-1&msz=174x-1%7C174x-1%7C970x0%7C1148x0%7C1148x0%7C1600x0%7C1148x0%7C1148x0%7C0x-1%7C728x-1%7C300x0%7C300x0%7C300x0%7C300x0%7C300x0%7C300x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x0%7C0x-1%7C0x-1%7C0x-1&fws=512%2C512%2C4%2C4%2C4%2C0%2C4%2C4%2C2%2C512%2C4%2C4%2C4%2C4%2C4%2C4%2C2%2C2%2C2%2C2%2C4%2C2%2C2%2C2&ohw=0%2C0%2C1180%2C1180%2C1180%2C0%2C1180%2C1180%2C0%2C0%2C1180%2C1180%2C1180%2C1180%2C1180%2C1180%2C0%2C0%2C0%2C0%2C1180%2C0%2C0%2C0&ga_vid=850906360.1708879603&ga_sid=1708879603&ga_hid=557716079&ga_fc=false&dlt=1708879600198&idt=2579&adks=979567663%2C2185212989%2C2421375807%2C366054724%2C911572581%2C2558534381%2C3687027337%2C2772303345%2C1855939391%2C25877906%2C435244622%2C302933537%2C1587516836%2C723022383%2C3666453265%2C3235191153%2C639406632%2C1818096782%2C1904407829%2C1930634536%2C3509730642%2C3577480103%2C1807841720%2C2870509506&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23b1d4d3be86f620aca2503865edba505e42a7e85230adbfaec154f8f5d9860c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50728
x-xss-protection: 0
google-lineitem-id: 6586230202,6586230202,6321070224,6297789056,-2,6390706295,-2,-2,-2,6354972702,6422878691,6354972702,6486430782,-2,6435240681,-2,-2,-2,6297789056,6350839098,6415522742,6241814058,6263368300,6291960613
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138465443823,138465443826,138443522781,138432270036,-2,138458894188,-2,-2,-2,138460834189,138459272692,138460274507,138461245113,-2,138458334422,-2,-2,-2,138432270039,138440657972,138454376975,138425332821,138428053595,138432176590
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://4fsrsva8sbjncs.pages.dev
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
da1ee1aabdadbe7abe5ded6e921889c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CF14 6 KB
3 KB 272ms
81ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://da1ee1aabdadbe7abe5ded6e921889c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4fsrsva8sbjncs.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 16:46:43 GMT
expires: Mon, 24 Feb 2025 16:46:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 classic-themes.min.css
bijhdg6t.ddnsgeek.com/wp-includes/css/ 217 B
728 B 276ms
274ms Stylesheet
text/css 65.108.151.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bijhdg6t.ddnsgeek.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.151.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.151.108.65.clients.your-server.de
Software: nginx/1.25.3 /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:43 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 14:27:14 GMT
server: nginx/1.25.3
age: 5492
etag: W/"637644c2-d9"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2Fjrf0HnoYvZYAJhxHQedjvgtSrwUaHt1oeyoE4Kct%2FeH4DHbISBDhnEN6G2Jx7%2FSjlHGRNENqGabnpiBRisQrUDPh0pJ0Kuo1Fc67709IRUFVj7Nu04MLvyIl4yZOeibVP1RcfX1nDzHghd1A6Y"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cf-ray: 85b16d0f18bb0ba4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 4b95f88e1d60d0a67afca5e428fed781.jpg
highburyads.co.za/www/images/ 274 KB
275 KB 71ms
70ms Image
image/jpeg 2606:4700:3037::ac43:d8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://highburyads.co.za/www/images/4b95f88e1d60d0a67afca5e428fed781.jpg
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d8f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b692cdc8f3b0f780d255af1e6a54a34c142045f69dcab8ddd31e2df36873b3a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 302735
alt-svc: h3=":443"; ma=86400
content-length: 280540
last-modified: Thu, 15 Feb 2024 06:57:13 GMT
server: cloudflare
etag: "65cdb5c9-447dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccujG0dUIx80dXK9lkiHoAaDiEKniwUBy1KbpwcE0oX2k4rGcSa%2BfS4widzMSG5Ffbi0iwVjy%2FqZqmwZE8WzHvbIeqDLu2MMAlDov2wPrGzgQYlafbOafyIMtEdPfAICFFkMRggdTsNWAuSYLLYzUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 85b16d0edd5a7bf9-MIA
expires: Thu, 29 Feb 2024 04:41:08 GMT

GET
H3 200 lg.php
highburyads.co.za/www/delivery/ 43 B
657 B 319ms
318ms Image
image/gif 2606:4700:3037::ac43:d8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://highburyads.co.za/www/delivery/lg.php?bannerid=5984&campaignid=3926&zoneid=1599&loc=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&cb=602f4ede3b
Requested by: Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d8f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPo5fcoxi1uyD6x%2B4B7QYBlFTJdP1gPsqNQfDAQcDMkmNnDPT3N1p4nUyRFsAdjj%2FQ%2BTMlghlfNgnWFygGjLnm%2FjurCriAbjlUqOYWwRBXAel68xNHlc8TAFD5pSgw7pxgkTlum67SBtEu0hG%2B5K5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 85b16d0edd5b7bf9-MIA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4422 603 B
345 B 154ms
153ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7073370864490749&output=html&adk=1812271804&adf=3025194257&lmt=1708879603&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708879602429&bpp=6&bdt=2232&idt=606&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1020626064270&frm=20&pv=2&ga_vid=850906360.1708879603&ga_sid=1708879603&ga_hid=557716079&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081152%2C31081316%2C31081317%2C95325069%2C95321958%2C95321868%2C95324154%2C95324160&oid=2&pvsid=2542686631176252&tmod=1633846061&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=665

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4fsrsva8sbjncs.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 16:46:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 126ms
126ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=slidein&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
214 B 82ms
76ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=557716079&t=pageview&_s=1&dl=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&ul=en-us&de=UTF-8&dt=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1935116192&gjid=1271783803&cid=850906360.1708879603&tid=UA-11411975-1&_gid=98738513.1708879603&_r=1&gtm=457e42l0za220&gcd=13l3l3l3l1&dma=0&jsscut=1&z=352530378

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://4fsrsva8sbjncs.pages.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://4fsrsva8sbjncs.pages.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/981195317/ 42 B
456 B 421ms
79ms Image
image/gif 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/981195317/?random=1708879602552&cv=11&fst=1708876800000&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_b132HuxiS_yP__INxleNsSDN6wah3w&random=2585985674&rmt_tld=0&ipr=y

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-conversion/981195317/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981195317/?random=9949020&cv=11&fst=1708879602593&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200...
https://www.google.com/pagead/1p-conversion/981195317/?random=9949020&cv=11&fst=1708879602593&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2F4f...

42 B
109 B

228ms
84ms

Image
image/gif

2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/981195317/?random=9949020&cv=11&fst=1708879602593&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=0&pscdl=noapi&auid=1319330237.1708879603&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=8m7bZYySNcOhqMwPyNeR2Aw&sscte=1&crd=COy7sQI&pscrd=Ek5DaEFJZ09mcnJnWVFncUhyeDZ1V3Fma0VFaVlBb0pGYTNqZlRMbWpqQ3VDSlVONm9IOU43LUh2NmN2VjZiNDlVMVNVcHEtMGRiQ2VVTmcaWkNoRUlnT2ZycmdZUS1JX1A5cGFDb1BEcEFSSXVBTTBRU2xWSWtNc2dHTU44VzFxV3UwRld6SmdqVUFBMnA2QWdFb0FpeWc2ZC1nUmRab1QwZGgyVGVlRGU1QSITCIzTxc34xoQDFcMQigMdyGsEyzICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAI&is_vtc=1&cid=CAQSKQAvHhf_E1mgjxcx__AzDGBUAHHOeHhrS2u9QaN2FgkS2pYj14MjjeWO&random=3851911467

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:43 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/981195317/?random=9949020&cv=11&fst=1708879602593&bg=ffffff&guid=ON&async=1&gtm=45be42l0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=0&pscdl=noapi&auid=1319330237.1708879603&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=8m7bZYySNcOhqMwPyNeR2Aw&sscte=1&crd=COy7sQI&pscrd=Ek5DaEFJZ09mcnJnWVFncUhyeDZ1V3Fma0VFaVlBb0pGYTNqZlRMbWpqQ3VDSlVONm9IOU43LUh2NmN2VjZiNDlVMVNVcHEtMGRiQ2VVTmcaWkNoRUlnT2ZycmdZUS1JX1A5cGFDb1BEcEFSSXVBTTBRU2xWSWtNc2dHTU44VzFxV3UwRld6SmdqVUFBMnA2QWdFb0FpeWc2ZC1nUmRab1QwZGgyVGVlRGU1QSITCIzTxc34xoQDFcMQigMdyGsEyzICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAI&is_vtc=1&cid=CAQSKQAvHhf_E1mgjxcx__AzDGBUAHHOeHhrS2u9QaN2FgkS2pYj14MjjeWO&random=3851911467
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
261 B 232ms
77ms Ping
text/plain 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KYLBT1M2BJ&gtm=45je42l0v9100290862za220&_p=1708879601840&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=850906360.1708879603&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1708879603&sct=1&seg=0&dl=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&dt=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&en=page_view&_fv=1&_ss=1&tfd=4022
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KYLBT1M2BJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://4fsrsva8sbjncs.pages.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 218ms
65ms Ping
text/plain 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KYLBT1M2BJ&cid=850906360.1708879603&gtm=45je42l0v9100290862za220&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KYLBT1M2BJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://4fsrsva8sbjncs.pages.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
150 B 162ms
66ms XHR
text/plain 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11411975-1&cid=850906360.1708879603&jid=1935116192&gjid=1271783803&_gid=98738513.1708879603&_u=YAhAAUAAAAAAACAAI~&z=613895224

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://4fsrsva8sbjncs.pages.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 25 Feb 2024 16:46:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://4fsrsva8sbjncs.pages.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D407 0
0 140ms
132ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRT-riPD0IJreuiJnME0332rqikx_RQpqxEySKZ3sR0WaPTn_FLcZUWa3kOAu_XA2g4toKCKcUhpCZYju71VMGeABQxxQ3kh_nWYIxL6CSJ2LYAIv5g20WfwKSRlqQ0BmNddU3POxVDZQZylPOp0HxdvUZaHMTsXSWV5ppaay6Q5D1240mbNrC8JfufsAaSgE87VniG5uJtyTvAjcJ0f6Cn6l9VryPz6WRiJxGCROLmpgkY7xRQnTYAhAeuzgAHzwkrk4zF776cM9xMw0s4katjovZvLf-QXQoxTjnDtO_5gI0NDcO0vaDSgjh04nJ0JUu20OkSWX70WP2rafdKmR8kcm4JQlQ&sai=AMfl-YQhcwuoPY93XJbelsprApl1c2HgzT_gcnwiaoJdD7uhdhigl_KUWHNbN3iYugsAKGo9cHUkJ4ASd4VWKHT-CMUhdbJf4GrsbfpnIdvfjYs1MV2gC2nCQF6w0XMdRX4YkrEjCKkYQhWAmYe0LTdL1t6V&sig=Cg0ArKJSzHb5r7XmoZh3EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame D407 23 KB
9 KB 243ms
57ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 07:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 07:31:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame D407 3 KB
1 KB 253ms
68ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 21:18:15 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D407 204 KB
61 KB 101ms
94ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 17:25:45 GMT

GET
H2 200 11927160380484782762
tpc.googlesyndication.com/simgad/ Frame D407 218 KB
218 KB 351ms
167ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11927160380484782762

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68dcf2eac646a11f0aba14942ee77115adf710ed0158aeca8b4a6b8d68b21b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Sat, 22 Feb 2025 17:24:38 GMT
date: Fri, 23 Feb 2024 17:24:38 GMT
x-content-type-options: nosniff
age: 170525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 222879
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 17:10:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6BD3 0
0 137ms
130ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2lo6Xjo_BfT24icndSQgHYIlD2AtUJqSMXMSPI0m1voZ0Z12HgVOZbh7k6BC5pI4iySfvhGim0_6jRd5CcVjrUzjvLaWrqcWZf1HxrL8kqa9LJHnHwt0CGNEhXeX3jnJFUFVFSRSzYW4tu_jq0EWiYpASgwHWDThNhw84-s0JEOAEQ2HLYoa1fMKFlo4cOb7M9Qxpkk7jxSTwmae0-ON2hjTCBoKA6V0OFU9IbUfbFPC_aK6ONFWhmSq54hABMM7nNSjZerUyCkYZpR1Ay5SRXr35ARV97vDJ4fOHnYGSyZQ1ImH8IlGlqvCn_91HH4zGmamEPF3wyYeBJFG-y4MwMHgxjqDI&sai=AMfl-YQ5VCLwoaqKl1Vb8kaR3uq7g6NLPoPdy3mz9wNl8AirO3U4zISRRWYIWiTDfn8Wx6g1UfwpHyYTfYrHCovWXzM29MngW5n7_u3D8f-65nG-SQ4x6tONjQAtQC-3xUwCB9WuQtQ-Gv-znV3i7v08YkoW&sig=Cg0ArKJSzA9OYKPpYhOREAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 6BD3 23 KB
9 KB 235ms
69ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 07:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 07:31:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 6BD3 3 KB
1 KB 244ms
78ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 21:18:15 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6BD3 204 KB
61 KB 94ms
89ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 17:25:45 GMT

GET
H2 200 13887692853067894889
tpc.googlesyndication.com/simgad/ Frame 6BD3 218 KB
218 KB 291ms
126ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13887692853067894889

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68dcf2eac646a11f0aba14942ee77115adf710ed0158aeca8b4a6b8d68b21b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Sat, 22 Feb 2025 17:24:37 GMT
date: Fri, 23 Feb 2024 17:24:37 GMT
x-content-type-options: nosniff
age: 170526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 222879
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 17:10:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F42B 0
0 135ms
134ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvczqsp4eHfKZtXoZ6vMPQhaCtqsqWI-zZ7a1ijCS5YVH4uR395Qf0des_RQBcZi1yY4KScZaGy_dQrQT0GYO1aBuDJm7GpONl-FwOTaMDqxQdRlzjdQZ_BHsRxj5lh6MrQYvBH8CuNUiJSyxjMxEHr_917jB1dCwwH8gfrp1_rKMkR6s-vs3CCl6MWfAqfBZexZ3NmCyUKpSj8-i7v2mWUW81ZWbRLIyDzkFsMdZcbIRMU6jtTDejrHspcjK6ZEVLOt7sgn-QMiMF0x2SYuuocdkoZpB0E63h41abR9WOy4f5kjr9mZdVGY0TdM1n3aK8pEUXByxCbZqs4QQ5WhTCRC0Gy-pvsTt2xaOq5vw&sai=AMfl-YRs8f4UxYMo5R3_8iZ-K7pqetSoqn9PKNqYvptzTYjxvU4GJDZ-re-5hjJRrRoRhxh8CUC4bGI5NdSJ2K9LGb92gG0VTb0GzXi1l_rhFgmknYBle5Cl7_YKds9FHpoiZTj3NK7V6sbszj_wLrWDb6JE&sig=Cg0ArKJSzF-6o6y7UfnxEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame F42B 23 KB
9 KB 330ms
317ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 07:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 07:31:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame F42B 3 KB
1 KB 331ms
317ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 21:18:15 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F42B 204 KB
61 KB 89ms
88ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 17:25:45 GMT

GET
H2 200 531659410034180312
tpc.googlesyndication.com/simgad/ Frame F42B 132 KB
132 KB 331ms
318ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/531659410034180312

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d822d3319f7bd525baf94f1d9cf2fa798e92c2484a7e63a462ee17b2419470be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Fri, 21 Feb 2025 22:16:58 GMT
date: Thu, 22 Feb 2024 22:16:58 GMT
x-content-type-options: nosniff
age: 239385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134945
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 13:52:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CF32 0
0 137ms
135ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXkewRBgf83QAdo8QBVl62-amZMSOvIiu5ZQVh-f1GoJ_TjyCLbdP5S2Y78RCkOO-Y1vY4j25bssojLXK3b_gOKB5pT_EGJyYKjqC2lMygoOIsUXebwiVFMhTtgQGZd5WfvW4ubwtIyX7o8ITX86DWiSBqSxzm_0R_ODE5eCFAB54EKeobU4vYeutSILgqjjkzn4Sr4aV8-p-cztWbBpjdCj0al-40Dtv4w4g_GFjeT_oAeJTk5Xp10dj002hPWWDnsB79nJtiMg4YX2EXsC5oa7GqefTfHlg9HpqawrhgdzwPW1Bn9X_C-HYTJ1i7ZfRdpOtSDPMlzGPhvKjqNKY2goPuM-amzAiXVaK_7w&sai=AMfl-YTkUqPUiNi1QXfd9DiP6HKDWhxK-kZbNpYj50Zx2Ow_lXbimF85vAG7j6HFAgHPGDoTopgT6v9QbToPtw4mqUm7VWthWqunhD0Fv96rg_J-8J39qSG2dyXVlJiOsbtt8phELDPAkxuftookcmmr6n-F&sig=Cg0ArKJSzMcY28xdEgPREAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame CF32 23 KB
9 KB 429ms
416ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 07:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 07:31:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame CF32 3 KB
1 KB 431ms
418ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 21:18:15 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame CF32 204 KB
61 KB 117ms
116ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 17:25:45 GMT

GET
H2 200 15739013120013567856
tpc.googlesyndication.com/simgad/ Frame CF32 66 KB
66 KB 357ms
344ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15739013120013567856

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54df24aa535b60d463c5b216203bab8570170ac4380c7d2a67b54d55c0491ef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Sun, 23 Feb 2025 14:44:13 GMT
date: Sat, 24 Feb 2024 14:44:13 GMT
x-content-type-options: nosniff
age: 93750
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67527
x-xss-protection: 0
last-modified: Tue, 09 May 2023 12:47:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EA0E 0
0 147ms
135ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssALP-t7sXEZs0UO1UFCZkFVQubSgeQXBAlf1iOdqAzz6HH2D0XudP-NlCfhlf8t44LpyqJC1tip2yVSlh46d1g2jWiYBtNovGI9E8tA4QWjUOjOVEFj-O40vcweJ79S8jEYBY_YbeQ68CB8arFY4JOLQGo2thcvraaqy6ZD6KGy5YfrM4yza5z7EBZpuzBJCdWjR38MP1yHLhiL6NPArsUpD88JlLI7QZs7rNV5avFIh2mF24F6viJwvUH__yBv6QyqfwRVoJYXI-iVBTlJylzvE8dkSvYSWx3bgdCT2V_iqZEtYDlNeIGHfprJFlhuI72sBX4LD9IdS0bKOI8FnmAyJ3BDGZ86A&sai=AMfl-YRMcLv8THGa5Nn68G31aZxMWE0Ze98dHnvPThbVnHlik4XytPGJqXssqyx3RgK8fB1eVorj9N879SN_ouLsD9rgF0DrptDMvPC6Ujzlmo7VrfDRooX4CV60B0e3Z9aTAMG8stcpyG_0VmQ4bfMdNX0u&sig=Cg0ArKJSzJra4knCBtZVEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame EA0E 23 KB
9 KB 434ms
422ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 07:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 07:31:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame EA0E 3 KB
1 KB 436ms
424ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 21:18:15 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame EA0E 204 KB
61 KB 90ms
80ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 17:25:45 GMT

GET
H2 200 1475470855697675847
tpc.googlesyndication.com/simgad/ Frame EA0E 31 KB
31 KB 357ms
345ms Image
image/gif 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1475470855697675847

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a563a42417b2bc1412e49c2a1a9869e2bff6627fd8837f4b94c76467d73c3455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Fri, 21 Feb 2025 13:17:53 GMT
date: Thu, 22 Feb 2024 13:17:53 GMT
x-content-type-options: nosniff
age: 271730
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31985
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 09:37:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FDF5 0
0 151ms
141ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoOiBNJo8jUlVKhq-PdQeYuPPIMtSt_jmcF2nBmVwcFT6hTIR8Fn_bVN_lh6Lm0sqQFL3cDb7Rnn-zPHuL2Mz7xXwTm-BJUh5oqT5Yga_idS2RipNBcDVmCX4UOzsu3zbPeGdpjvgzBRXMiK0b966NB4HN_uOHcCo4y_ds4wGAfDoPFMlVyzTmXtO_P3CVo5nIPdM9OFGhRhh53vX-F1XuONG4J3945jIK2mud5aL0fFjxTDa6Ozs0mHc8tfeRFcf5-SCJYtBCBXQ-tBCpcHYoFeVKu_ZX_RIwcHHosBVDUx-3wJ2EFMcujIieoOrhJoulYACf8Nc6ghY4hXiTNO_kCUEAniOo4w&sai=AMfl-YSoB-d_WZ_5XUP3FUve7Ts9tB6OJNgTl9GukQE-vWN_JVF4XwRZLnfUfILQ1jH94hm6NaBSDlgWDmLokMR2s-lqdITgqkj2ytwVUAjvNa1w4bwLcCDTRnE_ClZvlsL4WQCFLCm8kh0ZdnloAVBgsXBV&sig=Cg0ArKJSzIMEgIB_NgIUEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame FDF5 23 KB
9 KB 436ms
424ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 07:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 07:31:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame FDF5 3 KB
1 KB 438ms
426ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 21:18:15 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame FDF5 204 KB
61 KB 85ms
76ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 17:25:45 GMT

GET
H2 200 8872470324239745223
tpc.googlesyndication.com/simgad/ Frame FDF5 34 KB
34 KB 363ms
351ms Image
image/gif 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8872470324239745223

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

652ad1c8c8dcfd369d32d195b3fb3bf28d7288335a27b40378bb89e1512dbafc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Fri, 21 Feb 2025 11:14:41 GMT
date: Thu, 22 Feb 2024 11:14:41 GMT
x-content-type-options: nosniff
age: 279122
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34675
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 08:03:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3624 0
0 137ms
131ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLHVS0cKGaleaDmQQOl7K_Am7jiY40JVfxVUGtHWy0M9mFQmy68l0yv6qTlIDHoIUFs3G1dAyIGq-c7A6Dtk4gy5qJu2p9a90CChenxLEEuSBN1LsPD3r3huUsQ544XFK_RIOJiRA_aPSa57-XyF6JtrprstvSUI7RHpegzEg30oxO9Uinxv5AMYTMlwUUTMpbJ4BxYa56Si7bKUqR97clqjbtTeGAY8lsKc1hTdkErC7rcaPdMKAJwAXwtlJw8DD05EVu5mB9duIg0Ng7y6oKdhtWP13d77dJshil7KKHKs_9SMfjqNSOBJrkebqfXE9nfl7qnPy1gX3TsLfMYnRuSMP15Kyq&sai=AMfl-YTU4W4dHGV7UIebhxs-wNaGicDW1XYPmd74eRjkkN0W6oMmmjhovr7kJVL7TWQgQXbW4Ouz3-7eeRSU3t91aZi0LnwIw8BmtjoWvZ_s9ZRQniV-5bsVwQ8JgykYcdOJ3_iakt2_XEW-6kt1JXq_jtgo&sig=Cg0ArKJSzJ1EATtbQh98EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 3624 23 KB
9 KB 438ms
426ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 07:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 07:31:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 3624 3 KB
1 KB 439ms
427ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 21:18:15 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3624 204 KB
61 KB 103ms
99ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 17:25:45 GMT

GET
H2 200 17277744457260746324
tpc.googlesyndication.com/simgad/ Frame 3624 73 KB
73 KB 365ms
353ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17277744457260746324

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c98a22191c17676d86fcd537f2f190f23842fe9a4a1c136d918f4cacf5645d1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Fri, 21 Feb 2025 11:14:43 GMT
date: Thu, 22 Feb 2024 11:14:43 GMT
x-content-type-options: nosniff
age: 279120
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74707
x-xss-protection: 0
last-modified: Thu, 21 Dec 2023 09:18:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E0A9 0
0 132ms
130ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNilaU7edNtmA3F7NpSWKOiyub0ZNbcd-C2_Eylf54L6CmEfgcMVNZ3zJDy7SoTnmPyQRziAojw3UcbBA1BXDK9I5rZubjAgkYQpgWsWcjbOBP6waL-d_v0CyR3lGPhvIq72GidFkc8NruuZVctA8U7uY5ETxmFECrSNZ7PKJ0kQ9Fz4puDRMXyaeD1rMQrU4pVekkmr-UIs-TTe_Cu-7E00bvans13wzcBAcdR5k3FgTlrZ_PBtZpQs-jujYF4N5BCyDgSGAE0TPqEnP-XJFPfZ7THB82TV_IfaKbezUcBB9uBuYK-2KiNadZKroWLwBeRlu8ddSPAAcGTDtH1m5FrMx5N0fP&sai=AMfl-YTa41wVMCCEzKKQ_I8NSG44xI5TA8xwlKUgqJ6OxnF1Mi4BehDQhFfnqPYMlrtL73JG8tHJBCbu-LTyvCSQHkz5-ryVVCnOjyFVfLgsw-L4us6dtCVAamVR68zNeshWU8N-_Pw4AnL3eCt87LSdY7Gs&sig=Cg0ArKJSzKW-z0GjzJmTEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame E0A9 23 KB
9 KB 441ms
430ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 07:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 07:31:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame E0A9 3 KB
1 KB 442ms
431ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 21:18:15 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E0A9 204 KB
61 KB 90ms
88ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 17:25:45 GMT

GET
H2 200 6255319321559841807
tpc.googlesyndication.com/simgad/ Frame E0A9 46 KB
46 KB 368ms
357ms Image
image/gif 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6255319321559841807

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4553908b5e1a0fcb359c6c12913e1af593e65935191c9bd79839911ac319ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Fri, 21 Feb 2025 11:14:41 GMT
date: Thu, 22 Feb 2024 11:14:41 GMT
x-content-type-options: nosniff
age: 279122
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47405
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 08:03:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 06A4 0
0 154ms
147ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstB8CBIlx9VaP4CpH_BXrzMv0CDukciDfmVyhybFe8l4F026lnSR7DUBatXcURvvCPamXFd9ffeqP10D4SkMuu9zEm92ghSWpHXuyCcCdP1OGTDTGD4uTg7h-8VvU5x5NsXpqyz4sqjI37FmQH4nLYEZcT3putsALFk5ikDK-BTrJbDqmAomhHeYJryy0vy0Otd5hBZMRr4xm5sRYPlNAzvLP9tI5CG8parDjBvER3rWI6POHWVzp49ZvD8PanOaLK2Iy37zrfZyE7EfDtHbb_5ZnisLXYK1UY4wvczK_PQ91ak4wEiJxoVPD9hXfHl65idQe78lO1huGDsscDftHXDmSUrBs8g&sai=AMfl-YRYdkhF8ngIzECULvD6riKTRQBEX7JK8pNSr6YWWpIzXHxEWB6iwGPonk31dYN14OhwtfMg0cRQ3vIkq93BIcTozxyOE0XOTks2MIprNhRawpSNPy85i_kht1HCL6Msy04P-Ws_4M6POn_dfp7upoD1&sig=Cg0ArKJSzBglAGI1i1rKEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 06A4 23 KB
9 KB 116ms
103ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 07:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 07:31:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 06A4 3 KB
1 KB 135ms
123ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 21:18:15 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 06A4 204 KB
61 KB 93ms
87ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 17:25:45 GMT

GET
H2 200 11939036127571401534
tpc.googlesyndication.com/simgad/ Frame 06A4 67 KB
67 KB 322ms
309ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11939036127571401534

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e4038e073467defeb6afcd56c5ac9b421c81a804cb7b29614db2707ebc6ae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Fri, 21 Feb 2025 11:18:06 GMT
date: Thu, 22 Feb 2024 11:18:06 GMT
x-content-type-options: nosniff
age: 278917
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68577
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 06:40:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C737 0
0 133ms
131ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucEzVl24jbrGDy7EXtVEofv8rWoMd8XHZbisegfcuxWdxFh24MJL6eNBNdZeAGWge_gkl8wBjZ4UTC-UaJop24m-VWss0RLXOmyfJbk-3suWWYUnUuAV0RSNt2dznpH9W8tzWfmJK9TPOjiuP1mz7QPj9t7qNgmslAsLVkazDQc7micn_L269-6OGkfOUP9v4hrsJhJyoDHgDUZpAovu-wOFagGcrImB1Y0kqrfAr5XQy0WnFUpPlMUW6D2GLrt_Xyu25M-cxU3boMiWz44fnDaTGwesaOrGnC5bNnk34ztdCJ-GIyWEoNaGXNhw1m_75ezdMliAEdF1o0bV6EgJsWA5ap6aA3&sai=AMfl-YR8Ec9KeGkoblP-IMj7P9op7rB44azCnwhMxcBxRtEd4VPC08TPd80PO8hYEtpLkbURPvHljFQI7VOdPJ3lEHT2Eto82rrjZQVdu4A1JJ8XpXDRnev8LdMIgsXirie2-u5Cze0mE9rO_2XvvLExmw-w&sig=Cg0ArKJSzNy_uxdhj4OIEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame C737 23 KB
9 KB 397ms
387ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 07:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 07:31:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame C737 3 KB
1 KB 398ms
388ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 21:18:15 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C737 204 KB
61 KB 83ms
81ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 17:25:45 GMT

GET
H2 200 12822668447034850970
tpc.googlesyndication.com/simgad/ Frame C737 48 KB
48 KB 328ms
319ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12822668447034850970

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a17de3b13d5d3be33b3575c29a488f9ea23acf764ea8826fd2f98f1821535b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Fri, 21 Feb 2025 09:46:03 GMT
date: Thu, 22 Feb 2024 09:46:03 GMT
x-content-type-options: nosniff
age: 284440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49374
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 09:50:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1B8F 0
0 146ms
138ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-EGTN6YBKNXt8ClMSWrIXI8i05PwTMWj-xcku_VMYvoQc-fHz2Uq23CB2CxkIGRGtvbJk4WQyv03F4HHvlHg5mo4PtuLGHNm8pEOSNR_j5tJU3imD-tG3GVH4EYgnXtc7vWYu_QfuIzzJ1hYf2d4w-NqTIcwHvGh5OQD-tfkwLhN3To0NPiJuJTupmPX4b-qMndEpn852cOSrbT3u5coJSo2C_flXsKyTyzpl0JtrNL3Ai_5viW_qIifqr3nv5_CeayqyGIKI4atuH7D6YiCBvdjyqkn6GPY77C5Z-uRtrdYGgu40_CgQRKliAuAuztZzXPBF6JphyVb_h5k7Qw027rlNI4smOQ&sai=AMfl-YQvC62xLxqgcvGZf9r1oXfzwa1TsAUpzU-OVxBdPyZ9glWsuRHoAnWTowMi5d3H_XOwNMEQ70xeEnIlY4HPEqA5WsYB_z8RZqowW-15wi6oeGdbeTAU-8ULbUT62cwodXW9Hxlh1jmQWHOF64SyokAC&sig=Cg0ArKJSzIiG-8Q2XsolEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 1B8F 23 KB
9 KB 377ms
365ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 07:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 07:31:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 1B8F 3 KB
1 KB 373ms
366ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 21:18:15 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1B8F 204 KB
61 KB 92ms
88ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 17:25:45 GMT

GET
H2 200 1773781326349927885
tpc.googlesyndication.com/simgad/ Frame 1B8F 173 KB
173 KB 305ms
299ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1773781326349927885

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

647f9f85c5c0cbe0e6cc412225e043fc7abe5227cd1f148e39cb4ae560fb148a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Sat, 22 Feb 2025 19:29:58 GMT
date: Fri, 23 Feb 2024 19:29:58 GMT
x-content-type-options: nosniff
age: 163005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176962
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 14:43:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame D407 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c2ae18373414436866c98e8418f97003ad48ee26ab78494d47ec21f9dbaf088

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6BD3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68b65e273815f76cdd81a6b2c4e068191e02215edf4f3591a48aea66521353cc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F42B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 300e65213c6cb3090aa11f41c61e6d2c9018764b41488867b163b4a9babf928f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CF32 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7ff87e2733a22b55e023486b4e7aad1d8a1e982ff6a017df413f5f52843f44b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EA0E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b300f8294dd5f9ccc0d6c20487d51a61bff0f073952e56d70aee5471b25f39c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FDF5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 186ddce3d073a8ac666beef57d663c020c071b24bf25ccee0b11c420cac4ec21

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3624 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b08090a0e699ea5e618cbf1bafc961e9c00947d949311b548b7365cb0646ae4a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E0A9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 127e532b085446d640fbd55d73c6d796f906114293d05b65921a6f1ee3d333ce

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 06A4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3868dc0650d64333d27cd53cbe48f0ce5cf093060c14f8b3cd04eca3359276d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C737 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d76de013cade24544de58b0ef1552bd74878c8da849671dc44ddb3d04cfc0f79

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1B8F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96b729df5e56c036cf32d233f53adbc784962c24794cb12702869c38a4d4883d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 100ms
98ms Image
image/gif 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11411975-1&cid=850906360.1708879603&jid=1935116192&_u=YAhAAUAAAAAAACAAI~&z=845225402

Requested by

Host: 4fsrsva8sbjncs.pages.dev
URL: https://4fsrsva8sbjncs.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EA0E 0
0 129ms
129ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2lT1ra4bs1NCK_m9oeeojhU_217coJujAsscDVztAICR3Qk3vTdMwU0pZYnaavz0XmlZfWv_IM5WiN_ckNvr2O2YuyVXGMCky_G6pl1h6XTCfEv7LPdmf53NvHhR4NMnPFqNgPoMtpe65fFiwTd2MFwAU6foqYKoAHvO-Ai7GVd9BlxMIyhuvvz1TY6D49qW9owzUDvLhHKO0x7jA5cr73KTuomPOCfBXy_dfsqOBbENW3BGRGxbxyMITSwFFvRx80rCVUNwPYprklB-NyauUn0mTHRi_XkUJO4YVJ_n0C4-7yBIXAbKnhPvMUCqSpNX1QH6WVF9wL7Eyf93GVMHKHkpJsUPK5n2I&sai=AMfl-YTjsOso4zDXjuWglj1-cWvbw95uwuFWyA2yh_UsEIkalNYnR_o0xvFePHXuiDuEyZolQO2G_h5XjduHwzS9X2W44XfTmZRoEwKfOEBSq5vVQk6WLELVKr86TSkWewfPlHRbG7mqSolPIQiMJYf-odjh&sig=Cg0ArKJSzLKWtjvWgEHXEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Feb 2024 16:46:44 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CF32 0
0 130ms
129ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstg7_uYTfSY1UbRmRNrQvSW2gKYLzWvXeU3QqI7nQyLPX2gbgS8oyz8KNQUmaS_n5LMHKCSR-C9QhKWtt-is5pwLi-0HHWYUKI8_R9WdnPQZCyUq-VlOFrcoYDMudF6s7G679SJoCJbFMhZYkr-UdtIi6-6gEBNClECzVHBt80r3RzWF7w9IDKVeN6pwPlgjjQtfu5yndIAZW4RYqiKNuKzEFQZ94eQyIVGkzI8tl9cC-BouAOebRsBGWCV-G8O3WgnXkTSw2GUx6SeiuXFPG8qNNXu-A2RD-LJ0dqtlAS237LZYemw-FYGNKYAJGAz12gZ6EWya_e_4IDwqz6pO4tc0IQ_vd4ae_sJueYieQjp&sai=AMfl-YQQ-AQ5smt0X6NRvzWoJuIrmhx02h1mOmY9jy2KZat2FLLx0Y_Rb3Pe_b0UGj_vUHAg7eaUZmMMDnVQt4DYD87hUzutVo3RKaki1t_Re4Ymt8WAc3z2hsGS6uDb-oYoAy8c5iRN2gZH8fG3rynBCh5Z&sig=Cg0ArKJSzGUH4MRk-uR0EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Feb 2024 16:46:44 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6BD3 0
0 130ms
129ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrNQGIQmP70RoHl2AUc9FAPnACTyOwbd0SPg-N6hdF-hJx_ujTFkN9Jn8IVeYgZfYUqVCMjrjgRIZ0hlbjG_T-EAwbH-9cw1T1rY57R_Q0GOppIMq3QjTKfZC0T9Q8X0VnZmAI6UCxcVSL33bsjo4kpR75rJaiU0lP9ubTRFga3BOsVIw5-JVjaCuV7hQm47xvRoOHqutMYv2UR57rgeD83bqg2ZMfrthCgosD6I9myTWfY5S4qz1iL6f12Sa88Cx4ObC8tEMylE3lL0TK0M4OxZJDigWQNYG_U344LYSWeQuTcaq9sJ57xpKZyX5jgvViW08TMYpvuoaM9RTcciDIR7dn_83HlOE&sai=AMfl-YQflBCClIb-jpmF5ol8lHKWg7Y56Ab2mpmxGZugI6F5zaFgC9Cpa-WUGXQNHjA-EJ_jXdwFYdkrm1lhlQywzeKhtSy_puXi-_-AFu_6oDsTtVZfS5bgq1IlLz9Da8G3AZRsrzqjdUay2VsoAZiPsKmO&sig=Cg0ArKJSzPfDqe_KCvo5EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Feb 2024 16:46:44 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 06A4 0
0 130ms
129ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszYEaILFrDw3uZR7cbxKqItp_L-pM-cdU8JWWrXFCdkqls3Q17TvFr7OS0krES8Ol7gIqTDOPNZznjPuPLIcrJVGEyzhO_Mpk7zJXKdtZ3hG_UBUe0bKR08sLuB6_VnFkkCiPDcN-DTi054nRyQSkQavJ4CKzgqObwksSHozMrA3EEUo_8ULBZ2i5JagEkK3-AY-CSxIp5cDl6RXi_hc7oOopWxzJr9uw0z5vETVkLnybNlT7zOsDz3fWYmQfy-qF10VWVfMGcPVvxvvsmi5cG2HrQYDjnEEcoiQmfxwMAHbg1BnqYPRRleOzOqFoKWu-R26RAxthUf-yHcdC20kjimwKPOHndbC8&sai=AMfl-YQP_kDCMtajreReK78RwD8nGBxtO-MQxLUHahNMbz61KtPFSDUSMPukkEnzCqYdBrlG0gBYdlw_x1t2KWvmFG3NwUD83Yt7BfIF-6yjjzjOMVCQ37ew9DRS1J89bg77MHZncbaxBQU-iqcG_M5ln5Yo&sig=Cg0ArKJSzLUSU4VPqX9IEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Feb 2024 16:46:44 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F42B 0
0 131ms
130ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8ZLNRooB6fCUbo7gpxEwce9eWp3ytzp3Dfyqy7BZH9pAQJTXntWxifelqn26ExNdvKeOA0BSg9KnFP01sk1311ehR3fY7fQBoa7j9BDlM-37r3TRXo1f99QVLyPjIeHF1R6RRdAXHJLNw-811KHPlNAYTP8TJpRIkKS_OqLjnUegDANSHLQ0_F8SPgL8rIHs-4bjA67DyvfUxRyZedlN9AnGBn5fAwRs-arWup_rHIVa680hwxv9wcGmO_lDuXjSAqPSDtTTaygTsi3dtSYztQ5BdSmwWe-uo9-O4joKgRbir4Bg1tOPSGwzmxV2LGM_oISNnBXl8Us-WZXAeYI3UQNs3lwvlIVlCPSB2IfYy&sai=AMfl-YTqKQ7LqxuagR-aPLL6UTAmiZBFgq_ZrNor8949edYHNgm3odqkOskS7KLuPDGu84bXsfVhUVAp5p4O2BpbMj1qNMHzbfe1hFDtqr9aU_T3af2-vM_r1_gQk6NGvYrOXi_NbcJky0QKLOrhmyOeFHhT&sig=Cg0ArKJSzJgmQ8pSrC9oEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Feb 2024 16:46:44 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FDF5 0
0 130ms
130ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTUlmBqj-vUT2uRTZ_IXWhAtjfM2dkpZ0awlO1hrm6agSkyDXb_0kNa6RsLf6FlNjmmdgZYMbBk8w4q4y_EUsOQ8WUV7d0-ZCuJfoBEGgnk88nm3N-5lxuwpuSyWBrNrAVEFxp3g1kB0cf8JS8w4jHtVJX3iH37yUI8k0vvhBukqp29Uei-CDjO9WnDlL2IjZ3WXbsshNCUFNtOOqfaRnqFx9fJL_7LOzkWSfaqRgSlTwd_U0ttFMzphNKA_7qqFQFtH0XwjbsI-4KRV_gLKA_PJxG0Gq2eESlqxDE9AfsivFTho93I44T2guVah4P9YpFQ98kXEZ0MtGXStDqoCjhZJGBR98v4aO6&sai=AMfl-YQg3oVlXbxlKYk9iflziVBAq0nk-waPXZAgrzghjjFOJQts-kuuyt4adL8nMHT5f7t-_T4rxhwhrZA9QLH0au6gGzTcvW2u8o2zHVTsWY4xuFxLPloPJuMUPM0N5CY5rYbVTXFkBAXzd0Ej4UytchwM&sig=Cg0ArKJSzM2uzEb8s3JvEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Feb 2024 16:46:44 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3624 0
0 131ms
130ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvY1B5H7hb_7Z5YV1A7PhmZeI6U3Kc3MgYUfHc5OrzOhNTG2hHOP70tqclAgEDkojbeCaG3J4qRHMI72TwF02rAXLTu5gylOTy7mGFS4caI2SALCYDIBfhEHP-9h1WiUE-0-4BbhwB8AGLV3t_5ZZBNDQvD6j178mvktnRBgwWQRgGNJqY52rC43tK8rS1RiIf7mp4LMP8CV0FcB-uNOWZ3ioUDPc0AsvK533P2NGKcB5y99qXcZwxKajxBMGCjwr1jhwL_9tdT0Df-XsXX2cPsqJE67xapRmpVYozTF35wkqRCTvmqx2MzmsobYWt0MUPzP5dkmcJVds04AHyOlFFq7zv93bsiDGU&sai=AMfl-YQb85_2N3q_OXQjXgLR7Q7BFhxX0jsb1wcd_ydAJnrxhk30GDm65Qg8GWxnO3Jewu69Lp-AGnKF-uXGycuvSSMTHjxJV_ThI0dgg4OAS48wWGLUzMT_iMp2_uq1fSxrUWthjde_tF7YktRY2IGKc0Rx&sig=Cg0ArKJSzLeeYKVypsWGEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Feb 2024 16:46:44 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E0A9 0
0 130ms
130ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQ0gGZX_wlN015a-vKeVLP804Ug6TaXb7W9SOmLD7RWvqsXFEOUmXtytqXW-OFXWJHQYVPEZSm6031Y3j7afy0k8Lqx_VRMrq6aIts25fhoiFwv36mwlsG_c9JSZ7_EInbZHGKOqo_MrAA1ST_uVdYdUC35Yu8hORCPgCelBBVhTmByX3nx3odDM8UQjwYpXFeNT3i_k5Sc7Kg20w8XwykUMPun_Kz6w5s2Nh5Di7iUooZkSEigqCF8q57fwK7YxQDvSRc3MR03-494I_1FjljPDgVy5wEIQJbDawNtZ2LKeaPQJFVc5MCcSpvMsDG_cycH0ryE6QJl5raZYmd9Zt8hBOK4YnSHL8&sai=AMfl-YQbwWvGTNCHbI0R3BFTGi3xUWb6GuNeHuPb6d1eDHJ5pQquislrxm9zOCOtJLIfqcqWWAmvKtn64fimaePQd0fO_QyrUKvBx-5yvOgYaATvHvqPbWOPSljy0JdhfHq12eNAmE4OVoqSsyk6iymESYYf&sig=Cg0ArKJSzB8XCNSnPLU9EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Feb 2024 16:46:44 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1B8F 0
0 132ms
131ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusz7aA8Kti_OdbMU5BoabV1FGmVF-sEvs7ZTP-46PbRF6YttEnL2rL7BfI2p_R2knfNux5jVE0BAobUHY_KHLFV5sYrFMI_ec2pKSoWqFBxcrGR8LLo8KFOnlT52x0AD18mDrFiZdcv94UxvwwthzbUqFClSp4EQ_5nDzC2y48s2OyqoUqp56TJYQGRBgw2lB2T6xGXT2QjubfOtKedNHLJxJNFOe6-kQ0iwlbbsbXmnne6WqUT3iCmOWlq2M4hVl1vE78ptAs0O-DXbjWVG58p89dP4gEfSot-xGKadvYQQGA5npggnsvwIwKih1mbwqG28ZAPRe15ENNvAXD2N3lvEX5xGaziBMd&sai=AMfl-YSwHOXWLSRMqpE5E-S2wbrheAeR1pEpq8NybJtecQ-FH6JBWOnSbDyvsu3RRAyXYZRn3DdsCqL_J-HOWd3A8BYeb58esH2X_riQuNZmE356Wl9yhJtZF-WuG2KVVVgFvHkcRl98wB96_lVsDmXWTklc&sig=Cg0ArKJSzPZQF8WNRNJeEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Feb 2024 16:46:44 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D407 0
0 131ms
130ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssx81spQwYQHJNG0d2z11-zwpGJq3yenIdasMOUiYc0glAnLNcC-xuEHL73D_wwWfNpA6CuiXBgAsgdF-_5UBy5aOiHml9DlCXPvzT871P0Cm__fOVOyihO5x6FTaLPakUoPuzShxcc1goftOkq3LybxkLPWqtmf3CQFfAIJ6CAJDSrQByO8ALOTOthHDu4Lf5c_uGyAhL7AJAdYeX_DjepI-i9hZq-Rphybz2E4jvk4CpwC4r_-F-1VUhfpu68YImNnkt8_QwD79PUgsNiC2u9tO9Cgod2qci_weDIknYHGrOs0za9fbqMe857dFuZ40n--d9DbAZuGp6lHX2RkWnv_SQaDat_hi4&sai=AMfl-YRK33XzA8dbelbkV6diUVgvNZSukQksy1UILPUv6E2goARxtKnOqR1y4Aji3mPnTiB-7r6m6w164wQ_2pYX19OLE9pszYIOWErcqqJ1j6rxXvw8mgs9JOfmbuz0mYWP9bGZbh-IMl1y7518VqslrQOs&sig=Cg0ArKJSzHb7KzsnpSGHEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Feb 2024 16:46:44 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C737 0
0 131ms
128ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2T5QYXjroKauKsDTRTKRA_8F-r8G14BUlk8UHIjHxwuxwg_h64gDM9mLqJ1zNp8Ia8h3uxPs2wgUH_uaejybpDj2usMh1wr22KpqU-EopocU-NtMWpQ9K4sZTgDXGrTG7QrnXLdrOU-Rdlglc37K_AQo560-ODZznlyp5rDmUzU7CiqWesWIzIJIQLRXmPHoHTGwwBdm81R0qc0WwblgEPnVt9WBKVzqPXnFk6Z4PaWP7eOth_bKASNdjCzwfdDZVJxf_8jUqJ1Trh6oViYDBNGLbuI-zT6vGJm4BoQDA80GALOlQU1bZwON_TLOEl3KyXEuNJjJ5Uw95nx-uNtx9S0NaszCz2-o&sai=AMfl-YRRnXSOD2pgPU15ryl9XRT0H7u-DzgNJP1CwXdkkHU5b4LrzAWhKrcwalJ4tK7RVmN2wL0PZlxb5UmPyVuB-vnPKcfwoqKoc6syDZXU7-UffOee3YEkrPId8QFZ2xwT6eTOtrtFjZc7aRHKjIYZQcAT&sig=Cg0ArKJSzNOVni00cGxzEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Feb 2024 16:46:44 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 152ms
150ms XHR
application/json 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402220101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71ea29ef1cbe88c0cf934c8718895d9a455171ee5a8d8d882ebb1a457cd65d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12328
x-xss-protection: 0

POST
H3 200 rum Show response
4fsrsva8sbjncs.pages.dev/cdn-cgi/ 0
109 B 46ms
45ms XHR
text/plain 2606:4700:310c::ac42:2d08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://4fsrsva8sbjncs.pages.dev/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2d08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://4fsrsva8sbjncs.pages.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json

Response headers

date: Sun, 25 Feb 2024 16:46:44 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 85b16d193abc8dd2-MIA
x-frame-options: DENY

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 119ms
118ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js?cb=31081367

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Feb 2024 16:46:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A17E 13 KB
5 KB 66ms
64ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4fsrsva8sbjncs.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 254019
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 18:13:05 GMT
expires: Fri, 21 Feb 2025 18:13:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B5B6 829 B
561 B 86ms
84ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

72edc401cecf137ef2862c8069ef95c86a239e75f0637e8de91cf23343815136

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n3D1a5XPzAZTmEHQwHtAxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4fsrsva8sbjncs.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-n3D1a5XPzAZTmEHQwHtAxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 16:46:44 GMT
expires: Sun, 25 Feb 2024 16:46:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js Show response
pagead2.googlesyndication.com/bg/ Frame A17E 39 KB
15 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 20:07:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15302
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Feb 2025 20:07:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B5B6 0
0 126ms
125ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402220101&jk=2542686631176252&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A17E 0
10 B 63ms
63ms Image
text/plain 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OMhHew
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EA0E 42 B
64 B 131ms
130ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4CA2w-zxEeZTgOaqd050ggCK1pOIAcwshsIpxwb4mkpx-j9IMAZ8GXm6Fy8BTEXcoXZ-mmn_sfCt6NKsbVxEPhwEI7gGvFBn9Dr8uId2SPa-X_TH6btVI1GBIUfnUNCNU2Es0qjBplaVVpbO4cNvlkKn6FSFZmVU&sig=Cg0ArKJSzDAMN-p2wq4GEAE&id=lidar2&mcvt=1000&p=99,436,189,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240222&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2558534381&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=481240400&rst=1708879603688&rpt=577&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FDF5 42 B
64 B 140ms
140ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssb9DYweGF7zLX3Qyp0CjWMf-u5hv5ICRw41tTAtQ_vjE_cJMedaFEMAoKb9tJm7nuA-t07xkO49mnMSGCXaZlu7clFv1AjBCz8tb5X4vZhudEWQWgWMrRs00O782pxGluTwQjgYcgLBoTqSqGeGG8Ia1jD8oOGdCI&sig=Cg0ArKJSzEKBKM0lm9ufEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240222&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=25877906&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=481240400&rst=1708879603720&rpt=701&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6BD3 42 B
64 B 138ms
138ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvP_9TfddUE4NKYpKMjI3dlMqNAu2dJQItnSqf7AEHBbw10qqYsxzsdS191xMjGHr8oupGyjSmNPoVw2Db0FH3Ga2zmQSUuD1munQxY898YzQtsOidv3LwFG9hFWBbiUkQ36FJEpWnJVprb-aPWIzJaEl1Ef06qNk0&sig=Cg0ArKJSzCV5FOPgXb6dEAE&id=lidar2&mcvt=1005&p=190,1426,886,1600&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20240222&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2185212989&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=481240400&rst=1708879603632&rpt=693&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4b95f88e1d60d0a67afca5e428fed781.jpg
highburyads.co.za/www/images/ 274 KB
275 KB 44ms
42ms Image
image/jpeg 2606:4700:3037::ac43:d8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://highburyads.co.za/www/images/4b95f88e1d60d0a67afca5e428fed781.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d8f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b692cdc8f3b0f780d255af1e6a54a34c142045f69dcab8ddd31e2df36873b3a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 16:46:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 302737
alt-svc: h3=":443"; ma=86400
content-length: 280540
last-modified: Thu, 15 Feb 2024 06:57:13 GMT
server: cloudflare
etag: "65cdb5c9-447dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70ARfxR%2BZoCvLJEumj1mVUgtFAOBGSsCEhKJmtpaE4di%2BJ%2B4HIgpOSANZ9IsOqYXmrA83lCEYuxm%2BAPzHAkWwWhFWfwCWvaCUJYna4%2FAuC1uW6Ex%2FcYp%2BgpSAwpyViRkikW6WBuJ3%2B5MYGZJKFTI3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 85b16d1eb9557bf9-MIA
expires: Thu, 29 Feb 2024 04:41:08 GMT

GET
H3 200 lg.php
highburyads.co.za/www/delivery/ 43 B
664 B 177ms
175ms Image
image/gif 2606:4700:3037::ac43:d8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://highburyads.co.za/www/delivery/lg.php?bannerid=5984&campaignid=3926&zoneid=1599&loc=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&cb=602f4ede3b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d8f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51WkMBmUnmnrvk%2FdyxDKYu%2BLynwH%2Fa0apchEd6CPZzZZ7%2FuIQyhMsbfKOW%2B%2FLSmc2v4sfmbr18DUsVSL7ek5WNkZAO6DHmzBv5bWq2HnaZ%2FjjKAAXonR5KTD5EDBJ1%2B%2BrzEUPXfSeRdB9Rsnd0v05Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 85b16d1eb9577bf9-MIA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E0A9 42 B
64 B 131ms
130ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuT8dPg9_8W4t5t90I_iB8Y1XxgMlpfck48Qtd-N9X8k-C8KodYr_GfHsmlPmMlYM12IkPpUA4pbo86OCWTuj4bzB6mbS6OlwjDBYiE-x_yWJoYArC9QmOZmuNiYLtgtJ72VEKwdtdoEKyg-bdkDS92ComAZ5ukP7g&sig=Cg0ArKJSzHgvA59LlslyEAE&id=lidar2&mcvt=1001&p=719,1074,969,1374&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240222&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=302933537&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=481240400&rst=1708879603759&rpt=728&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3624 42 B
64 B 131ms
130ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspqOn8cTBWkljajCVJJ3ruFiWBl8WHGoNdQWE-nvvWi6oSlNFG3zdhufDQlBzsbv-1t-1W0w_xf4PJWB3xxjyIdN6IEsbDlfMXkXXWytzLRnLKMbH_MPF6wQELilBK7f8MyHlv5A3972BLmwMrU2pksAG5Fv2n3iU&sig=Cg0ArKJSzInTlkkzBgFDEAE&id=lidar2&mcvt=1007&p=454,1074,704,1374&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20240222&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=435244622&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=481240400&rst=1708879603739&rpt=715&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D407 42 B
64 B 132ms
132ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvK0WrmdoCNe6LMR_Mw4GcUx7tVLFrYbrLoK82KOulexfXgm_-bZRnx5Wib9BCNGA17F0lvgF6EuVvvMLeXWYu1ES5JBLl8cFxf7TVmw4O-dCc333xt58mf29_VDcq2ABSUhHQqZzvQouogAzx3QiMKhKCrUgOpbys&sig=Cg0ArKJSzA3mExMtHgNUEAE&id=lidar2&mcvt=1010&p=190,0,886,174&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20240222&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=979567663&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=481240400&rst=1708879603611&rpt=930&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 16:46:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 129ms
129ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402220101&jk=2542686631176252&bg=!-fql-rXNAAZ3BdUuVwU7ADQBe5WfOIHnSHpHMNgZJH8G6k0yGLzgAF0PNP2LC2Cq53WW81_d7mEe0dZuLxwwrATdgQC6AgAAAGNSAAAABWgBB5kDFOTD7KZsQLswQayxguCfqG8iZ5owFuYZYV-6Ws5_JriH7O5HSQ6hk3hVFH9VZ6AnNvLfD3J9mk2wD9qMuiwvBOykwx3Kk5L7x_7P3redigu7g0lCbE6ied_O4AUaLiatrKF9rkzJOkdXGbCViTxGeVE-SDwQwyRvZVO3MzVFzKkcs5kEGHREOUpzk0x-dbeXL2r-f4j909tBRXs53tk_e85qFtpRoX4rXnn0RFFPF7mON8fc37W21KuK9lCMyC-U-vwJRyLwUq_BhD3ZXxYqX0KSWwlvZFEXkvQ9yw__WsfdxQgZ79UCe-aT64E1JSfLnOElUWuTjsYg0xJYmNUFwh8E8PGIAMDpzuTUUIQXetQEIiPoGSW_sj-ahdd81VPFoXkB8YzY10P7DcE0eJnmSBJ03OLEJUj-MWgKEEbG5ri-qyQfFCYtrfFLekFs5MzL4JcUGCwHTsN8i0TPoUhfGa1QDpQu66y7QpjDJIa_QQLf3SaQdBEZovMQwOWQ5qxhr-x9ekMgseqG8WQtA1fojfd_9GW54IIcx9oCq9VfBd2BaD7KbQZlvurQIishkfcq9UQ01atMz3EUzGYe4XPgfwHrsh3YO6kWXvdyu1XdJ7Dqd5GyU_VAOe1gkaiTuSeUz3a8rYXNxXUU-8PKX6fXRsC4SX_8MDUoS0-VraWEVj3tJ8RSM_7TgabjBxLnwc5NWeATUXujeoqRv9Ac8iR72Knqhy7JoTfXneu1xoM8S3h8kF4gmXOj4RCej2aqi6DIUs6vZodvTIAhGPa7C1c2AoagPr1-8sfWQ9n_tzQUPkzvjoVli8gaR2xE_bDnptAIRuU_ZAZM2VWIOfuhYQwpbxDSvzefGapv4xG8E9a_IL8S3itMgawo5X2SfjCGG_pTChTnCYAxlp1RviEg1zb0aUiDOySdO9TtTwjFGvsIoXVQHE14lwGvM7C-bzZ95u2jowEVNtT1FQTRNwsF6BDY4UZxNZRlSXrCJvpISrzCfj4NCybpU5nFBBRnJU4FFgnDP8YeOFCJv2iSysvIcDunLMcdQkJh
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4fsrsva8sbjncs.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
4fsrsva8sbjncs.pages.dev/	1969-12-31 23:59:59	Name: PHPSESSID Value: salgvtpffmr0hv1bqbgllomnf6
.sharethis.com/	1970-01-21 03:28:22	Name: __stid Value: ZHoAAmXbbvIAAAAIGPMXAw==
.sharethis.com/	1970-01-21 03:28:22	Name: __stidv Value: 2
.4fsrsva8sbjncs.pages.dev/	1970-01-20 20:50:55	Name: _gcl_au Value: 1.1.1319330237.1708879603
.4fsrsva8sbjncs.pages.dev/	1970-01-20 18:42:46	Name: _gid Value: GA1.3.98738513.1708879603
.4fsrsva8sbjncs.pages.dev/	1970-01-20 18:41:19	Name: _gat_gtag_UA_11411975_1 Value: 1
.doubleclick.net/	1970-01-21 04:17:19	Name: IDE Value: AHWqTUnJY4AAMsaT_TETAbdN80xbU11Wk0YQS3Cl7g5Nnwg2hrAVNvpDgKc8aEcz
.4fsrsva8sbjncs.pages.dev/	1970-01-21 04:17:19	Name: _ga_KYLBT1M2BJ Value: GS1.1.1708879603.1.0.1708879603.60.0.0
.4fsrsva8sbjncs.pages.dev/	1970-01-21 04:17:19	Name: _ga Value: GA1.1.850906360.1708879603
4fsrsva8sbjncs.pages.dev/	1970-01-20 18:41:23	Name: boxzilla_box_999587186 Value: true

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7073370864490749&output=html&adk=1812271804&adf=3025194257&lmt=1708879603&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F4fsrsva8sbjncs.pages.dev%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708879602429&bpp=6&bdt=2232&idt=606&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1020626064270&frm=20&pv=2&ga_vid=850906360.1708879603&ga_sid=1708879603&ga_hid=557716079&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081152%2C31081316%2C31081317%2C95325069%2C95321958%2C95321868%2C95324154%2C95324160&oid=2&pvsid=2542686631176252&tmod=1633846061&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=665 Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4fsrsva8sbjncs.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4fsrsva8sbjncs.pages.dev
analytics.google.com
bijhdg6t.ddnsgeek.com
buttons-config.sharethis.com
cdn.taboola.com
cms-prod-vehiclestockimages.s3.eu-west-1.amazonaws.com
da1ee1aabdadbe7abe5ded6e921889c7.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
highburyads.co.za
l.sharethis.com
pagead2.googlesyndication.com
platform-api.sharethis.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
13.225.214.96
13.59.115.51
142.250.65.194
151.101.65.44
2600:9000:266a:400:c:abe:f440:93a1
2606:4700:3037::ac43:d8f5
2606:4700:310c::ac42:2d08
2606:4700::6810:3965
2607:f8b0:4004:c06::9a
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2003
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2004
2607:f8b0:4006:822::2008
2607:f8b0:4006:823::2001
2607:f8b0:4006:824::2002
2620:100:a001::c
52.218.1.112
65.108.151.182
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
07f30c3dd218d85dc7359d7156181ad6e07f4d395f5607964bc9b09e4bd195cc
09d7baa487073aa42f527453bbfde6250b939cdbb6b5fad182e99400ed5e8733
0c2ae18373414436866c98e8418f97003ad48ee26ab78494d47ec21f9dbaf088
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0e5e6044f16c2085aec594d0130f04eff221d7e195d70269c0db0b687d3f05ea
0e66260a1d3beb02ead6c3238214c8c763a5d8b83d502281bb35b2aca71b83c1
127e532b085446d640fbd55d73c6d796f906114293d05b65921a6f1ee3d333ce
186ddce3d073a8ac666beef57d663c020c071b24bf25ccee0b11c420cac4ec21
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a8ac1c3dc256dab1109943cd3c522e8123fc63a7fd1afd7fe375c5d9329c8e8
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
1e237a4d79b3e1ad1c38d98676c9d1e3dccb2f45a07bac29c489b0e01b2b2e4a
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700
23b1d4d3be86f620aca2503865edba505e42a7e85230adbfaec154f8f5d9860c
2866e98ae386469948188b57264807622938fd4c2f1a251b93473669c03497b1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b5c6fefbc9cf825ebc533e5debfff5fb482c831e783d79198f1c1b6946fcce2
2e0c66741dfec2c3002fe92915499f6808da0a9ce99d34916bd9e7883d0f8074
300e65213c6cb3090aa11f41c61e6d2c9018764b41488867b163b4a9babf928f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b9a64530ca997b6bcc15ed933a677acb8659fd3d75c6f54736657bbf69c18e
3442ff60c2a33c78c7b8a655b78d1ab757c6122a5cbfe9b84473f073805c709c
346e82fb4cd0cda82f2e36d4f07e6c160b6d68fcfdf15a2c141994c42883b453
36077736057577c6f650ad9755ef7229c2e92953a0c3bf08354ec4bee666593b
3642c48a373414df2c8e71161ae53fa1ac2fc1e4cece557536303a5de5429016
3b300f8294dd5f9ccc0d6c20487d51a61bff0f073952e56d70aee5471b25f39c
3d49b5d25b23f62d9db04b5bfb11a3aa5d443eb278eb55c2cbdd8da81c64523a
3e4038e073467defeb6afcd56c5ac9b421c81a804cb7b29614db2707ebc6ae1e
40c5a3816b27d87a187ffaabaef1a4d162f5510c51215f77da2ec281aaa2060a
4200e8df2c5f52c2bf9bd2f41ed424edd48c54b7534071a9e61f5ee4602b742f
42e3aa6d662901ad9a1a467a06d2ea7514451ad93b1fda75bc093374aba78290
432eb81d99e6c7f947e6e9f30ca98503157b92ae8fdf6e21a2da6ea143fbf3f9
43cb4c554f75f58b0979ea45d3de6909310b139991fd6a74011d8b142bdc9dbd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47bf0a2b4d0782d2a4010f1e7807fe04a37d83861ad5db413ed40ed146118f2c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54df24aa535b60d463c5b216203bab8570170ac4380c7d2a67b54d55c0491ef0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59cc766891e2cb26d5b604d47f3400537d9a0be8b9e34551ae4cedf54ea5cda2
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ad9bd21fb6717d406acb28c063cb8ff0969564cb1c3cf5089496f2ea4f0fbb1
5ba5130a109bd73dd7f7d5c9cefaa2a94e3f869a434d58033acd65b19e7a3f52
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633b22b8aee84d2ee62e05e9ee7c466aa4dcddcf28e8cbda2806741cbd7d1b60
647f9f85c5c0cbe0e6cc412225e043fc7abe5227cd1f148e39cb4ae560fb148a
652ad1c8c8dcfd369d32d195b3fb3bf28d7288335a27b40378bb89e1512dbafc
65d43fc1d47bdab6bb9a4f5add734f8b9d059f9e773c431a350b3804bfe38a7f
678a9b7a6637da03fabdbd18c24c9501104ba33933800a493da284bd4f709a4f
689decbe8f44f628332275cabd0dd59651ee409ad9e88b1906e7b13327cfc9a3
68b65e273815f76cdd81a6b2c4e068191e02215edf4f3591a48aea66521353cc
68dcf2eac646a11f0aba14942ee77115adf710ed0158aeca8b4a6b8d68b21b2d
68e41b1cf2b6d00eedaa9ec57a7311a481d2bc03b8665bf44f3580943ea8a11a
6988d947aa969a0dcb1b385eb19b0600842ae629452685e00b2f40c2180f66b3
6c52751efd619db1681e554661844a72c122852a5d7368904f3a1c2bc522a856
6ed80ac326bd455d834fd1e96f6e777fc99f52bf63019ba199d4d2fff76e5bb1
70619499e4709f4bc53d884a45e4895660c497295228bc928ae17ae694494c48
716cb523fa841c30059a51fb52757884a4e5ddaaf9fdd33bd4fe4b6561421fe0
71ea29ef1cbe88c0cf934c8718895d9a455171ee5a8d8d882ebb1a457cd65d43
72dab8d6edb1639e61c4ff09a24320a00ea663afb9798941973c4485ef7c5b99
72edc401cecf137ef2862c8069ef95c86a239e75f0637e8de91cf23343815136
754331b366115651426f17abcb56060a0ec7a305e5c78ec997a1ffb18fc04842
754eb49a3151007ffe99db087e166fc6637651c12f614ac8696fbe76e7dca78e
77caa92f758f70c4f5953180bba818d10ace096b8ceeb84a0e0bdc86c2fc5fd4
7843fbc4734d1f297e17d79b9a2e9ada9591099dbc0bac92522efba8cb1734b7
79f3800a2728987b35c0e0c0f747b19119906da0639e1aa4db308ec4f24c57d9
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
856f13dd7733916b6cb380524ca923843e389e561a68bf715202ebb25a71280c
8a0997a061ec1e602545d689b3ce1f62fb723e88d24632f8c595942d9374b692
8b06bc85a313ce37209c26c58349b9d9928a8ad9292dd0ec0ecc27cfcdbc836a
922a968d4fc08ebf4ba8b0a88107003a4584cff5b2da51a173ab6eecbbd38a6b
955557392bff5292e4a9c98930771e59fdd68fa3f3bb7efc3d0c33ab86922e83
96b729df5e56c036cf32d233f53adbc784962c24794cb12702869c38a4d4883d
9846580b770b14a54a817699545ca147ec6f8ef3ea1d4852dbd00859395fdb22
99d9387ebd62c332b2a58fcc4d29bce19afdc6c094578b84aad4836fd456db05
9b4b81997b95903472041f68532043cd47aeda235c948633cc6b350f5827eac7
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9e318599272c58591fbc7052710cf8216e4ce62e41f8e412532cf2acf5b84c23
a0008eb2109ddfca588c1a7a7f4e68bfc3aa1462c894d05f885c3be21e12e4be
a17de3b13d5d3be33b3575c29a488f9ea23acf764ea8826fd2f98f1821535b22
a563a42417b2bc1412e49c2a1a9869e2bff6627fd8837f4b94c76467d73c3455
b046ae5980378b40d9cce08cedafd9908e21be45040716fbb83eb5325339e2ad
b08090a0e699ea5e618cbf1bafc961e9c00947d949311b548b7365cb0646ae4a
b18f861031b94c9ff00f14fbecf2e0400d7bf906cde51811c5a25399514110c5
b2de46d9704458f0858900c93e07bf7303a8fc7f8bf7da8dcf2a6a2dd204fba8
b352e35f5413292120165ce13962b3cead65738da4191b43286c6592d81e3a9e
b4675cc05460d01cd525616eee93696802fc0ae6cad4b471b1c6a4cb315da32b
b5188605ee360b008948eb598557da3ab7bbf506d3e942d6b27b2f60a1538f4a
b692cdc8f3b0f780d255af1e6a54a34c142045f69dcab8ddd31e2df36873b3a2
b76b1121c120579bcd499deac81b092a3df306df94383d5f7d450e6eb3e31720
b99840f6613aa4861f835b7e0f54e5e5b5275007930b332588a3b9d5d3150cc9
bc05cc2f388f7062ed8ed407e1639edac1d4a61b7fda4ded5f070806d6edb4f0
be7c6371a7b8dfeb8a17e1bb98c927704006820d15d0edce30a73c981e37e7cc
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0
bff4b01ded0f85647f746b9cbbee7029df523ca22542e02240e4501d73c32275
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c4553908b5e1a0fcb359c6c12913e1af593e65935191c9bd79839911ac319ef9
c98a22191c17676d86fcd537f2f190f23842fe9a4a1c136d918f4cacf5645d1f
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cdf423862ae4d50f3be32aa0bef4d6be12e487a62a3c03156ed9bcb0db877bbd
cf9e92205faeb2fc9929f8aaf67ee6fb15084be8994babd310cfa01d62e29e5c
d3868dc0650d64333d27cd53cbe48f0ce5cf093060c14f8b3cd04eca3359276d
d6c6f0dedaa5f80bc141cdf9f6ba2b085ecd8781e6fa2e163ad33ed51c4b565a
d76de013cade24544de58b0ef1552bd74878c8da849671dc44ddb3d04cfc0f79
d7ff87e2733a22b55e023486b4e7aad1d8a1e982ff6a017df413f5f52843f44b
d822d3319f7bd525baf94f1d9cf2fa798e92c2484a7e63a462ee17b2419470be
d8ec835a46274ef3badbd66259ec0137e2d6871dae5710d7116ac76b8bf64b4b
d9760db589fed586cad01525701a161142d79d956f1d95b4dcd45d4c6deb0213
d9abd6b6b0d2f88bb13de122ac0dd4393a20ae993ee599f51f2f813f91dd9ecf
da7b0efb169d77242560c1b24d12f46be69d8d5af713f2a688acfdf587b3bfbf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea3c2d66b0679ee2db67a21c0a434f3e14d6ac8a2af06877a711151fc32b56d
df2dbe77839fc3cb86552ed81b59456e25e95c65882976aa5fa7280e2f734f3a
df4f523e085bbd225ad7ab8cdb934f831a233b7e944cff4054595dca95466cb2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4556405d23e6b4b0a113075d78af61425678e06f649cce3884c5cb78e50680e
e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd
ebde77d3228f016a7a6b22e4de440122043f78a20c65faa464f420c8a4896577
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3900a9cf8e802c21922354d0b65e41892a76e453cffe011e066da01f984b217
f4b663f87b8f4f901c57f9c46ffcc762c3967dbf044b5f578962974a12f907ee
f55c1dbc04d02e68da4ad12c1b703a08b9582e56154f5d18ee1ff792cf0648a0
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8b0220980de4339ca04d32bc5656435847fecb3a47f2eac38e33277e18eddc8
fbaa759576cbef8c7483bf50bd8c900d290829f157c61fcd0aacb822bfa74b2e
fec8bfa2050bc9e098b25d4b76e4f7a67b368aad0ec4425a87cecef634ff3431

4fsrsva8sbjncs.pages.dev Open in urlscan Pro 2606:4700:310c::ac42:2d08 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

205 Requests

99 %HTTPS

75 %IPv6

17 Domains

24 Subdomains

25 IPs

3 Countries

6603 kBTransfer

11768 kBSize

10 Cookies

65 Outgoing links

Redirected requests

205 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

4fsrsva8sbjncs.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2d08 Public Scan

Screenshot
Live screenshot

Full Image

205
Requests

99 %
HTTPS

75 %
IPv6

17
Domains

24
Subdomains

25
IPs

3
Countries

6603 kB
Transfer

11768 kB
Size

10
Cookies

205 HTTP transactions
12 data transactions