discord.com.ua Open in urlscan Pro
192.99.147.139 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://discord.clout.com.ua/
Effective URL:
https://discord.com.ua/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On October 14 via api (October 14th 2023, 8:48:25 pm UTC) from DE — Scanned from CA

Summary HTTP 170 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 26 domains to perform 170 HTTP transactions. The main IP is 192.99.147.139, located in Canada and belongs to OVH, FR. The main domain is discord.com.ua.
TLS certificate: Issued by R3 on October 14th 2023. Valid for: 3 months.

This is the only time discord.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	192.99.147.139 192.99.147.139	16276 (OVH) (OVH)
2	172.253.63.97 172.253.63.97	15169 (GOOGLE) (GOOGLE)
5	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
3	142.251.163.113 142.251.163.113	15169 (GOOGLE) (GOOGLE)
18	142.251.16.157 142.251.16.157	15169 (GOOGLE) (GOOGLE)
4 22	142.251.163.154 142.251.163.154	15169 (GOOGLE) (GOOGLE)
1	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
31	142.251.163.132 142.251.163.132	15169 (GOOGLE) (GOOGLE)
3 6	142.251.163.147 142.251.163.147	15169 (GOOGLE) (GOOGLE)
11	172.253.122.94 172.253.122.94	15169 (GOOGLE) (GOOGLE)
6	172.253.115.95 172.253.115.95	15169 (GOOGLE) (GOOGLE)
7	142.250.31.155 142.250.31.155	15169 (GOOGLE) (GOOGLE)
8	142.251.167.154 142.251.167.154	15169 (GOOGLE) (GOOGLE)
2	13.107.226.40 13.107.226.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
2 6	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	68.67.179.153 68.67.179.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	192.184.69.252 192.184.69.252	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2 11	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
2	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
2 4	104.112.20.199 104.112.20.199	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
2 2	52.205.209.227 52.205.209.227	14618 (AMAZON-AES) (AMAZON-AES)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	18.213.189.173 18.213.189.173	14618 (AMAZON-AES) (AMAZON-AES)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	35.207.24.140 35.207.24.140	15169 (GOOGLE) (GOOGLE)
170	24

28 192.99.147.139 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: s6.uahosting.com.ua

discord.clout.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
discord.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.163.113 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.251.16.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.251.163.154 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 142.251.163.132 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.163.147 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: wv-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.31.155 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f154.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.226.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 204.79.197.200 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.179.153 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

nym1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.184.69.252 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.253.115.156 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.112.20.199 (Ashburn, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-112-20-199.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.205.209.227 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-209-227.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.189.173 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-189-173.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	531 KB
33	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	222 KB
27	discord.com.ua discord.com.ua	389 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	204 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	607 B
8	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 2045 nym1-ib.adnxs.com — Cisco Umbrella Rank: 1491	58 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	411 KB
6	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 75	21 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	7 KB
6	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1584	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1204	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1069	2 KB
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 648	725 B
2	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4847	58 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	144 KB
1	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 8350	233 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 5702	613 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2268	173 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1030	454 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 2092	673 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 3681	1 KB
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 782	540 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 929	463 B
1	clout.com.ua 1 redirects discord.clout.com.ua	463 B
170	26

	Domain	Requested by
31	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
27	discord.com.ua	discord.com.ua
22	googleads.g.doubleclick.net	4 redirects discord.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net
18	pagead2.googlesyndication.com	discord.com.ua pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
11	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
11	www.gstatic.com	googleads.g.doubleclick.net
8	www.googleadservices.com	googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net
6	nym1-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
6	www.bing.com	2 redirects googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
6	www.google.com	3 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
5	fonts.gstatic.com	discord.com.ua fonts.googleapis.com
4	sync.teads.tv	2 redirects
3	www.google-analytics.com	discord.com.ua www.googletagmanager.com www.google-analytics.com
2	rtb.mfadsrvr.com	2 redirects
2	pm.w55c.net	2 redirects
2	dis.criteo.com	googleads.g.doubleclick.net
2	cdn.adnxs.com	googleads.g.doubleclick.net
2	adsdk.microsoft.com	googleads.g.doubleclick.net
2	www.googletagmanager.com	discord.com.ua
1	dsp.adkernel.com	googleads.g.doubleclick.net
1	fksnk.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	trace.mediago.io	1 redirects
1	t.adx.opera.com	1 redirects
1	a.rfihub.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	discord.clout.com.ua	1 redirects
170	31

This site contains links to these domains. Also see Links.

Domain
discordapp.com
itunes.apple.com
play.google.com
wp-puzzle.com

Subject Issuer	Validity	Valid
www.discord.clout.com.ua R3	`2023-10-14` - `2024-01-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://discord.com.ua/
Frame ID: 8AD56C6DB196FE85CF3BEB1177C6ABEB
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 398C6BF97DB979A202381E69EB84278D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&adk=1812271804&adf=3025194257&lmt=1697341700&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C260x675_r&tp=site_kit&format=0x0&url=https%3A%2F%2Fdiscord.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316500040&bpp=14&bdt=964&idt=143&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3652207399414&frm=20&pv=2&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=166
Frame ID: 3DED491915C0DC86AA2D660E9F4F6CF3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=280&adk=2012851121&adf=753444050&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1697341700&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x280&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316500054&bpp=3&bdt=978&idt=162&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w0ZMrPBi58&p=https%3A//discord.com.ua&dtd=167
Frame ID: 637A1DB8226005CE230AF8E033882A3C
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0205774FAD9DBAF56316ED8A0B1D23FE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CDA13BD73ED13EA2D544AC07BFBFFFD6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=280&adk=1421864282&adf=2366561231&pi=t.aa~a.2746192485~i.37~rp.4&daaos=1697310157268&w=725&fwrn=4&fwrnh=100&lmt=1697341701&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9019949464&tp=site_kit&ad_type=text_image&format=725x280&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rh=182&rw=725&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2133&idt=-M&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280&nras=3&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1807&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JlrgtL19NP&p=https%3A//discord.com.ua&dtd=11
Frame ID: 330195FFB8BD88E5C5E316A43AAA7801
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.372871807~rp.4&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=-M&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280&nras=4&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2682&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=RHsnboKzX4&p=https%3A//discord.com.ua&dtd=14
Frame ID: F7566EB6D5875C190E2AB4C7B9494A3A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=3187286696&adf=391540361&pi=t.aa~a.2637067697~rp.1&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=0&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280%2C1200x90&nras=5&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KZonRO9CCe&p=https%3A//discord.com.ua&dtd=18
Frame ID: 0E3E6503BA074049938D6BC92480419D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 5D33F67FCF0784E9C0371371816F1580
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 48086BA8AF794F8E80B82E2AE9FC0BB8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: D33823A8F0C4E35AC5BF81CA53191E9F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 2723C3CA6A1081D5DF702FF25100986A
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D32A3ECC29E4593BAA5C3F45651DDE8D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4C82DC57F90A44C7D863C55274EC220E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 86CE4319EC3210B475343747F3889550
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B79F5A9DF9E0612364634D8AF9020C78
Requests: 2 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 978206AA84985DC07A0B6D8948347308
Requests: 13 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 306A7159591FF3374C4179C36A1C67DC
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Frame ID: F6326BAA6712787F4F73A0CA752F20B9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Frame ID: A088BB8DEDC1B4E2D1F594C57FF2B4E6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Frame ID: 759D28827C1C3907394BCC5D8552EE49
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Frame ID: 9FF637C43B149FFE45EADA3CD22BEF27
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Frame ID: 3E0C24478957718762C1C2967AA4799F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3A0B3DAC22AE33F65F5527A197498FBD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 560974046442FF24CFD21E01AC324ED6
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Discord — скачать Дискорд для Windows, Android, iOS

Page URL History Show full URLs

http://discord.clout.com.ua/ HTTP 301
https://discord.com.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

170
Requests

91 %
HTTPS

0 %
IPv6

26
Domains

31
Subdomains

24
IPs

3
Countries

2071 kB
Transfer

5514 kB
Size

30
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://discordapp.com/api/download?platform=win
Title: Cкачать Discord на Windows с официального сайта

Search URL Search Domain Scan URL

URL: https://discordapp.com/api/download?platform=osx
Title: Cкачать Discord на MAC OSX с официального сайта

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/discord-chat-for-games/id985746746
Title: Cкачать Discord на IOS с официального сайта

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.discord
Title: Cкачать Discord на ANDROID с официального сайта

Search URL Search Domain Scan URL

URL: https://discordapp.com/api/download?platform=linux&format=deb
Title: Cкачать Discord на LINUX DEB с официального сайта

Search URL Search Domain Scan URL

URL: https://discordapp.com/api/download?platform=linux&format=tar.gz
Title: Cкачать Discord на LINUX (tar.gz) с официального сайта

Search URL Search Domain Scan URL

URL: https://wp-puzzle.com/
Title: WP Puzzle

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://discord.clout.com.ua/ HTTP 301
https://discord.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106

https://googleads.g.doubleclick.net/pagead/adview?ai=CwTEUlP4qZYuoD4_4xtYPsZ-cwAm9pczIc_KU4OSEEtCz-vqNDhABILLK_GRg_aCZgegDoAHBtdGpKsgBAagDAcgDywSqBMsBT9AYh8S2Vewxit_CgUf482qG9ffTfIOEB3ljpV8z8DlMFntQapfz4n54jChKUtDTzasoRHWWOpsLqI-L64zhRp8tW3ltNqjQUkB_PXCE7_ph7N345ZRLM0MGIiIwcgLj7HbKX1eYuINz6xb96qQipGG71qSCTAwkw7zuTxHeUbWCuInfKmWyXzVV5jioYXttCfJVEt9dnA8_7aFN13Z5TXOGfAYhMOYU1xiUWlPFO4h9f_sCmzexBznzLY2XEmA9Y_AknZ9r3PMRIjvABLDXoP3HBIgF1f3T5UySBQQIBBgBkgUECAUYBIAHq67diAWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDbtAnSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJlgJodHRwczovL2ZpbmQua3JhdXRvLnRpcHMvc2xwP3V0bV9zb3VyY2U9Z2RuJnBpZD03XzQ5NTcmdGVybXM9YmVzdCtrbGF2aXlvK2FsdGVybmF0aXZlLGFsdGVybmF0aXZlcyt0bytrbGF2aXlvLGtsYXZpeW8rYWx0ZXJuYXRpdmUsYWN0aXZlY2FtcGFpZ24rY29tcGV0aXRvcnMmc2VnbWVudD1jMnNrcmF1dG90aXBzMDImc3ViaWQ9MTg0MzYzMzg5Ml8yMDYxNDI4Mjk2NV8yMDYxNDI4Mjk2NSZub25yZXZzdWJpZD0yOTI4NTA4MTEyMDU4NTQ1MjAwX19fXzEwMDI0NTFfXzE1Njc2MDU1MDMyMIAKAcgLAdoMEQoLEICH_OO0sqWuwgESAgED2BMNiBQD0BUBgBcBshccChoIABIUcHViLTI5NTQ5NzQyMzU0NTE1MDEYAA&sigh=9dgSYFfhVww&uach_m=[UACH]&ase=2&cid=CAQSSwDICaaNZJsCdAWyeISwplPU0IPm3hPYOSZSKRHwJNBG7ZBK4_uM8XJu0TUdzDg_z6PghTDqFbbDhdnDQU1_m35P2PnafcpMWfwMLBgB&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xafaddac8a26c4bee0000000000000000%22,%222%22:%220x551c68b73497e9f60000000000000000%22,%223%22:%220x75d774c1dce29d810000000000000000%22,%224%22:%220x25f0005f975def200000000000000000%22,%225%22:%220x5fc3a22df8c19e400000000000000000%22},%22debug_key%22:%227762998134441355550%22,%22debug_reporting%22:true,%22destination%22:%22https://krauto.tips%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211361606337%22],%224%22:[%2210-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224357111896199818753%22}&andc=true

Request Chain 113

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 121

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=f4011f00-01c4-489c-8a2b-d69d0a67111c&bidId=1&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=274825ad-6cc4-48e6-ac65-740bb7368abf&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%2811-0%29%3F%26RG%3Df5cf5615e8cc44d8ae3fecaf64b374cb%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_vcqrivpr&aid=6281823392505195594 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(11-0)?&RG=f5cf5615e8cc44d8ae3fecaf64b374cb&SNR=1&GV=2&med=10

Request Chain 128

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=523521dc-7c1f-4b8a-9294-05cd9bc38bed&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=2f218234-1b27-47c1-bca7-5c8727a59fdf&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%2813-0%29%3F%26RG%3D982219efdee9481daf5af1d32899d5bf%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3cncc_fp&aid=8557960053254811914&wp= HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(13-0)?&RG=982219efdee9481daf5af1d32899d5bf&SNR=1&GV=2&med=10

Request Chain 134

https://googleads.g.doubleclick.net/pagead/adview?ai=CKINblP4qZYmoD4_4xtYPsZ-cwAma6eCnc5Se_aXfEZCSu5mzPxABILLK_GRg_aCZgegDoAGn29ONKsgBCakC3vU6GeShsT6oAwHIA8sEqgTKAU_QvEvHR-shtx5uLYy_uyfdWw4u-sMRNWXYTdymVC4v-upZzI4bJXoh6tWo1PFwVy_ChOmxuGjr8I3n7oe3Gn2ZbyaAjNplDeVWT3vSo4zFLrAn9KOsDHWtU5iqb0TjW4HkgKTFmr0VloR4DGihM4lhWeUbe5HjwrHZcyVEa8OxlfSqPr_Xq8wt1GO1oDm5Id-Jr8LA5lgOduW8NWiC2-KtQmuaP0guOErJbMbGhg86gnm5czzQezHw7qAbhravj0uUf7yxPEl2Hf3ABOfjn_S5BIgFz96ToEySBQQIBBgBkgUECAUYBKAGLoAHp5Ok7QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCZ3gLSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJZmh0dHBzOi8vY2EuYWxkaXNjb3Zlci5jb20vZHNyP3E9enRuYSUyMHNvbHV0aW9ucyZhc2lkPWFkX2NoMjEyJmRlPWMmcmFjPXp0bmElMjBzb2x1dGlvbnMmc2NsaWQ9MC0yNDMzOIAKAcgLAdoMEAoKEMDe05Pw2L2pOxICAQPYEwzQFQGAFwGyFxwKGggAEhRwdWItMjk1NDk3NDIzNTQ1MTUwMRgA&sigh=RHw1WVEnYT8&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNZJsCdAWyeISwplPU0IPm3hPYOSZSKRHwJNBG7ZBK4_uM8XJu0TUdzDg_z6PghTDqFbbDhdnDQU1_m35P2PnafcpMWfwMLBgB&template_id=5000&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x58f6f4fb4fefa7690000000000000000%22,%222%22:%220xe6a924637fe4a1960000000000000000%22,%223%22:%220xa9d844ea83159c450000000000000000%22,%224%22:%220xdf753e769fa131f50000000000000000%22,%225%22:%220x67db743c5a1bdcdf0000000000000000%22},%22debug_key%22:%225915657346663634482%22,%22debug_reporting%22:true,%22destination%22:%22https://aldiscover.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211302923687%22],%224%22:[%2210-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222331451605018969329%22}&andc=true

Request Chain 137

https://googleads.g.doubleclick.net/pagead/adview?ai=CFKFllP4qZYqoD4_4xtYPsZ-cwAma6eCnc5Se_aXfEZCSu5mzPxABILLK_GRg_aCZgegDoAGn29ONKsgBCakC3vU6GeShsT6oAwHIA8sEqgTKAU_Q1VB5Ff9oktIRcDBatvccGlM47I4jpXJJyoiIMcfpzlajc-tDKbdCQ22fSwbfaOO-7luWpvgOp7C1XvqVh3osqy9GqXY6oFnrFenB-iXQthW_clT-91lVSAvvugbafxqnAOUA1TW4v_lGLYF5u9a63YwAwPdTeb5UiAdYdOgprXZerxoYXVZ3Mb18EbnrSHzJJ_icvnTYh95TaWvMDSBaagjBWVY5fQ9ClniVoCmwJ-YKjYg2sxxaAOEKHMVxe3vpaYrP0Aef6LHABOfjn_S5BIgFz96ToEySBQQIBBgBkgUECAUYBKAGLoAHp5Ok7QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDByQLSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJZmh0dHBzOi8vY2EuYWxkaXNjb3Zlci5jb20vZHNyP3E9enRuYSUyMHNvbHV0aW9ucyZhc2lkPWFkX2NoMjEyJmRlPWMmcmFjPXp0bmElMjBzb2x1dGlvbnMmc2NsaWQ9MC0yNDMzOIAKAcgLAdoMEAoKEOCf3YvZzcSdJxICAQPYEwzQFQGAFwGyFxwKGggAEhRwdWItMjk1NDk3NDIzNTQ1MTUwMRgA&sigh=iNcb_qx14mk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNZJsCdAWyeISwplPU0IPm3hPYOSZSKRHwJNBG7ZBK4_uM8XJu0TUdzDg_z6PghTDqFbbDhdnDQU1_m35P2PnafcpMWfwMLBgB&template_id=5000&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x58f6f4fb4fefa7690000000000000000%22,%222%22:%220xe6a924637fe4a1960000000000000000%22,%223%22:%220xa9d844ea83159c450000000000000000%22,%224%22:%220xdf753e769fa131f50000000000000000%22,%225%22:%220x67db743c5a1bdcdf0000000000000000%22},%22debug_key%22:%2213595606980980217936%22,%22debug_reporting%22:true,%22destination%22:%22https://aldiscover.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211302923687%22],%224%22:[%2210-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22624708314917736849%22}&andc=true

Request Chain 138

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 140

https://googleads.g.doubleclick.net/pagead/adview?ai=C8eQ1lP4qZff6D5aPvPIPlY-wwAqa6eCnc5Se_aXfEZCSu5mzPxABILLK_GRg_aCZgegDoAGn29ONKsgBAakC3vU6GeShsT6oAwHIA8sEqgTRAU_QcxYAaU5NF4oQVt5GSR08fZWpscdPako2n8hlhLpSPOqB-GqYO9tn9DGpiK_UcUrQemyaGnPO1_jU8cGGdBeiijd950sCHnT5uaGGSBhPdA0ZNM8KNUuHjmsG0-_KlG8JsgaP2p4JLnvO_3uyuLuNdgBKWuwOymWcXMKMHArwKvTqC8I38YIVD6CWVOZyRKKodkVmTzboC-tlt9mA2vsbq7nQAym05YRrOoPri5D5o4zVRJaIu5WJYAfFjGrLk86XAwiRvHaibFykUw2V0CFrwATn45_0uQSIBc_ek6BMkgUECAQYAZIFBAgFGASAB6eTpO0EqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQh54S0ggUCIBhEAEYHzICigI6AoBASL39wTqaCWZodHRwczovL2NhLmFsZGlzY292ZXIuY29tL2Rzcj9xPXp0bmElMjBzb2x1dGlvbnMmYXNpZD1hZF9jaDIxMiZkZT1jJnJhYz16dG5hJTIwc29sdXRpb25zJnNjbGlkPTAtMjQzMziACgHICwHaDBEKCxDAuuetobeQxrkBEgIBA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi0yOTU0OTc0MjM1NDUxNTAxGAA&sigh=fcESrTxStFc&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNJ10VG-CgE9m1qTJ90Hpq1Ojgo-BJwRy3--KjPX94l0nzZ-OSoNfPDEt8CrZK94cUYSibJ8N5qSxJ7HX5b1YJOm3CM6pjF1wYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x58f6f4fb4fefa7690000000000000000%22,%222%22:%220xe6a924637fe4a1960000000000000000%22,%223%22:%220xa9d844ea83159c450000000000000000%22,%224%22:%220xdf753e769fa131f50000000000000000%22,%225%22:%220x67db743c5a1bdcdf0000000000000000%22},%22debug_key%22:%223638517180751499444%22,%22debug_reporting%22:true,%22destination%22:%22https://aldiscover.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211302923687%22],%224%22:[%2210-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210899208753408036529%22}&andc=true

Request Chain 161

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHvNhBSjL_6r8jrDgo8Jc6g&google_cver=1&google_push=AXcoOmRpNj_yQNRXtbf7-Elo_nP-pUP2HxsZlDR_9medKATzGfWQ7jfQJCBW_MYWKDFkvwGYT9TviigAZMy7mhBa5o1KIzTIvzPFVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHvNhBSjL_6r8jrDgo8Jc6g&google_push=AXcoOmRpNj_yQNRXtbf7-Elo_nP-pUP2HxsZlDR_9medKATzGfWQ7jfQJCBW_MYWKDFkvwGYT9TviigAZMy7mhBa5o1KIzTIvzPFVA

Request Chain 163

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECCB2rMAA006SEfpXKTeDg4&google_cver=1&google_push=AXcoOmTxJ6IM3JX9m1qMvimwX8fyW4RTuOdleLkjVe7PNp5BDuCos0daqt58KRqeZsVr_hb76FO6KvFCTrpiH00u3FBnx-RwvqecjQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTxJ6IM3JX9m1qMvimwX8fyW4RTuOdleLkjVe7PNp5BDuCos0daqt58KRqeZsVr_hb76FO6KvFCTrpiH00u3FBnx-RwvqecjQ&google_hm=OTE1MDY5ODI0OTIwNjM0OTI3Ng==

Request Chain 164

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmSOptRYYGhkmFCUAmXkqoZzwlPNVd58WkESqqevQVfXNA5h3_Of8gcpQatti_MJ5Se8EP9cYWn1ZP1majs-YKl4eo1Zs3bZlOY&google_gid=CAESEB9XSGGJVxw--MKc0N4GbAk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB9XSGGJVxw--MKc0N4GbAk&google_hm=T1BVZmJjMTk2NjMxZmM1NDBlY2E0ZWRjY2E4YTI4YjNkOGM&google_nid=opera_norway_as&google_push=AXcoOmSOptRYYGhkmFCUAmXkqoZzwlPNVd58WkESqqevQVfXNA5h3_Of8gcpQatti_MJ5Se8EP9cYWn1ZP1majs-YKl4eo1Zs3bZlOY

Request Chain 165

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEI0ZH5YUo5P3hxeoqPi4IDU&google_cver=1&google_push=AXcoOmSPb5EoipDpV-58qJ6vqnd6Y1uSOOl_3ypxMn6LB-J4C9lPnZZ5-pxwM_r-L7cWK3GcxwWHdh9gLBX5T9HMXX8eUCYpGtbMuZ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZWIxYWM2NmEtMmM0YS00YzVkLTgxYTAtNmQzYTFmMjIxMzYx&google_push=AXcoOmSPb5EoipDpV-58qJ6vqnd6Y1uSOOl_3ypxMn6LB-J4C9lPnZZ5-pxwM_r-L7cWK3GcxwWHdh9gLBX5T9HMXX8eUCYpGtbMuZ8 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 166

https://trace.mediago.io/cs/google?google_gid=CAESEOas4khBnXB7qk2hUKcCzag&google_cver=1&google_push=AXcoOmS7eQLqfbPlPrnxkf0PIF3CgQ_5GJ6-CxaK8xYhv59z6jhZxoFrR55TZ_B6rrm92ryIHcLjMvtbbIMZkHUAl3asbDEabayyqTI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS7eQLqfbPlPrnxkf0PIF3CgQ_5GJ6-CxaK8xYhv59z6jhZxoFrR55TZ_B6rrm92ryIHcLjMvtbbIMZkHUAl3asbDEabayyqTI&google_hm=f85ea035f777f60111txnj00lnqif76b

Request Chain 168

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDOMoTlgM8x2CcSxpkLFmk8&google_cver=1&google_push=AXcoOmR8FQqFAtbBxNy3PnET_putX0nxmg86dqKA7fQMX28jMPG2dJpR61F9-tmBcohi9Y3sBomiGbjQaU5r-4kxmOrae6HQa4ylqvE HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDOMoTlgM8x2CcSxpkLFmk8&google_cver=1&google_push=AXcoOmR8FQqFAtbBxNy3PnET_putX0nxmg86dqKA7fQMX28jMPG2dJpR61F9-tmBcohi9Y3sBomiGbjQaU5r-4kxmOrae6HQa4ylqvE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0h1cjJMV1ExUVJMeUM1&google_gid=CAESEDOMoTlgM8x2CcSxpkLFmk8&google_cver=1&google_push=AXcoOmR8FQqFAtbBxNy3PnET_putX0nxmg86dqKA7fQMX28jMPG2dJpR61F9-tmBcohi9Y3sBomiGbjQaU5r-4kxmOrae6HQa4ylqvE

Request Chain 170

https://fksnk.com/cs/google?google_gid=CAESEMZbxSMm8uKfNFQUzwXgClA&google_cver=1&google_push=AXcoOmS2eIZg36b-WN45v0LFatoK-9PjuaaQ3zWqjSxotyU0nwtFBMiFroyvOc72o4Fvzf8fmLHIaMN_lkPvzk-3lA4lS2lkwkIDLkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEM3REFBNUI2RDg1NjU1NQ==

Request Chain 173

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEAQ6Lrd6c34ZZjDVYwMvlwc&google_cver=1&google_push=AXcoOmSpj6fig4-ysPCKoxDE2jkwZQ6k3quc6riQjThl2RT-l49UVFdYBlk8ScSJXM_S8yKoaBmnOhzlpiN_Uqh2QrxmUuVS4NmwUYd6 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEAQ6Lrd6c34ZZjDVYwMvlwc&google_cver=1&google_push=AXcoOmSpj6fig4-ysPCKoxDE2jkwZQ6k3quc6riQjThl2RT-l49UVFdYBlk8ScSJXM_S8yKoaBmnOhzlpiN_Uqh2QrxmUuVS4NmwUYd6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=kRxs7iSHTWCsbBIeEXgbWw==&no_redirect=1&google_push=AXcoOmSpj6fig4-ysPCKoxDE2jkwZQ6k3quc6riQjThl2RT-l49UVFdYBlk8ScSJXM_S8yKoaBmnOhzlpiN_Uqh2QrxmUuVS4NmwUYd6

Request Chain 174

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENaZBZ4hyShieJ_GVwEgM4o&google_cver=1&google_push=AXcoOmT0cVHzU8wIk3NlqYoh0XceFfLo2Zo2oTxZXqiEMvFO5ML5npK2DJBrFnNBef4v8Gw4OVumSM-nat3t5ql_quJY6rlE7wGMIFBo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NjBjODEwODktYjM2MC00MzE4LWI5MzUtOGE0Yjg4MGQ4Mjlm&google_push=AXcoOmT0cVHzU8wIk3NlqYoh0XceFfLo2Zo2oTxZXqiEMvFO5ML5npK2DJBrFnNBef4v8Gw4OVumSM-nat3t5ql_quJY6rlE7wGMIFBo HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

170 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
discord.com.ua/
Redirect Chain

http://discord.clout.com.ua/
https://discord.com.ua/

122 KB
28 KB

395ms
324ms

Document
text/html

192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.147.139 , Canada, ASN16276 (OVH, FR),
Reverse DNS: s6.uahosting.com.ua
Software: Apache / PHP/7.4.33
Resource Hash: 8315f74a7bfd856280c5d2d762b498d5b318ddccbadba9d1b17cbca34b4b35e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 14 Oct 2023 20:48:18 GMT
expires: Sat, 11 Nov 2023 20:48:18 GMT
link: <https://discord.com.ua/wp-json/>; rel="https://api.w.org/", <https://discord.com.ua/wp-json/wp/v2/pages/18>; rel="alternate"; type="application/json", <https://discord.com.ua/>; rel=shortlink
server: Apache
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.4.33

Redirect headers

Cache-Control: private, must-revalidate
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 14 Oct 2023 20:48:18 GMT
Expires: Sat, 11 Nov 2023 20:48:18 GMT
Keep-Alive: timeout=2, max=100
Location: https://discord.com.ua/
Server: Apache
Transfer-Encoding: chunked
Upgrade: h2,h2c
Vary: Accept-Encoding,User-Agent
X-Powered-By: PHP/7.4.33
X-Redirect-By: WordPress

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 138ms
60ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-56556309-16

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

0884f764f1c2afce4975cb06f843072c574d7c7a1ce75a805aca9eb0978dd8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68228
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Oct 2023 20:48:19 GMT

GET
DATA 200
OK truncated
/ 240 B
240 B Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1f389a4a583504e955a630f2dc66ba3ef895fed89b6c6477f30fef9e09fd631

Request headers

Referer
Origin: https://discord.com.ua
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2 200 li.svg
discord.com.ua/wp-content/themes/basic/img/ 2 KB
748 B 74ms
74ms Image
image/svg+xml 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discord.com.ua/wp-content/themes/basic/img/li.svg
Requested by: Host: discord.com.ua
URL: https://discord.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.147.139 , Canada, ASN16276 (OVH, FR),
Reverse DNS: s6.uahosting.com.ua
Software: Apache /
Resource Hash: b9389cb6583f0d743318d61d4f74c3029eb5d8ed7e96b04712ebadfb2c3ad850

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:19 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 19:18:41 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: max-age=691200
accept-ranges: bytes
content-length: 645
expires: Sun, 22 Oct 2023 20:48:19 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
18 KB 130ms
57ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.com.ua/
Origin: https://discord.com.ua
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 18:07:47 GMT
x-content-type-options: nosniff
age: 182432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 18:07:47 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qWVyvHpA.woff2
fonts.gstatic.com/s/ptserif/v18/ 20 KB
21 KB 142ms
70ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qWVyvHpA.woff2

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

acf9911eaa381e18fbd67241d47323ca848dfa1fe1fd0e1c02ba90e319809649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.com.ua/
Origin: https://discord.com.ua
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 18:19:37 GMT
x-content-type-options: nosniff
age: 181722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20904
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:31:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 18:19:37 GMT

GET
H2 200 forkawesome-webfont.woff2
discord.com.ua/wp-content/plugins/shortcodes-ultimate/includes/fonts/fork-awesome/ 88 KB
88 KB 42ms
41ms Font
font/woff2 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.com.ua/wp-content/plugins/shortcodes-ultimate/includes/fonts/fork-awesome/forkawesome-webfont.woff2?v=1.0.11
Requested by: Host: discord.com.ua
URL: https://discord.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.147.139 , Canada, ASN16276 (OVH, FR),
Reverse DNS: s6.uahosting.com.ua
Software: Apache /
Resource Hash: ec8604d4eade6552031ca2e8d3af9b3a1393bdc11b39dcb8176c41f4e5fb678c

Request headers

Referer: https://discord.com.ua/
Origin: https://discord.com.ua
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:19 GMT
last-modified: Sat, 08 May 2021 16:59:44 GMT
server: Apache
vary: User-Agent
content-type: font/woff2
cache-control: max-age=0
accept-ranges: bytes
content-length: 90420
expires: Sat, 14 Oct 2023 20:48:19 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/ 29 KB
29 KB 109ms
37ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.com.ua/
Origin: https://discord.com.ua
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 18:10:29 GMT
x-content-type-options: nosniff
age: 182270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29588
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:28:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 18:10:29 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
fonts.gstatic.com/s/opensans/v36/ 11 KB
11 KB 127ms
65ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

18c72b42c630259e7f589c515f8cf986f14dc6f4cb1b75c92042c68d47a7f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.com.ua/
Origin: https://discord.com.ua
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 18:30:51 GMT
x-content-type-options: nosniff
age: 181048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11084
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:41:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 18:30:51 GMT

GET
H2 200 c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTglMkYwMiUyRmNyb3BwZWQtbG9nby1kaXNjb3JkLnBuZyZjYWNoZU1hcmtlcj0xNjYwNDg1NDM0LTU1MDEmdG9rZW49NDEyN...
discord.com.ua/wp-content/plugins/phastpress/phast.php/ 3 KB
3 KB 280ms
278ms Image
image/webp 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discord.com.ua/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTglMkYwMiUyRmNyb3BwZWQtbG9nby1kaXNjb3JkLnBuZyZjYWNoZU1hcmtlcj0xNjYwNDg1NDM0LTU1MDEmdG9rZW49NDEyNjA4MzVkMmMyOWI1Nw.q.png

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.99.147.139 , Canada, ASN16276 (OVH, FR),

Reverse DNS

s6.uahosting.com.ua

Software

Apache / PHP/7.4.33

Resource Hash

c7f7493d76a46219fec5f2eb6a6e10d8ac3914a21e39bfd090bc395561641c62

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-accel-expires: 31536000
content-security-policy: default-src 'none'
date: Sat, 14 Oct 2023 20:48:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Oct 2023 20:48:19 GMT
server: Apache
x-powered-by: PHP/7.4.33
etag: "ec2910a0b6b1a5b8750e14d78ea63ef4"
vary: Accept,User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, private, must-revalidate
link: <https://discord.com.ua/wp-content/uploads/2018/02/cropped-logo-discord.png>; rel="canonical"
content-length: 2654
expires: Sun, 13 Oct 2024 20:48:19 GMT

GET
H2 200 c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjAlMkYwOSUyRmRpc2NvcmQtemFwaXMtenZ1a2EtMzAweDE2OS5qcGcmY2FjaGVNYXJrZXI9MTY2MDQ4NTQzNS03MTM5JnRva...
discord.com.ua/wp-content/plugins/phastpress/phast.php/ 4 KB
4 KB 183ms
181ms Image
image/webp 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discord.com.ua/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjAlMkYwOSUyRmRpc2NvcmQtemFwaXMtenZ1a2EtMzAweDE2OS5qcGcmY2FjaGVNYXJrZXI9MTY2MDQ4NTQzNS03MTM5JnRva2VuPWVlYWI1M2Q1ZjNhZTA0MWY.q.jpg

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.99.147.139 , Canada, ASN16276 (OVH, FR),

Reverse DNS

s6.uahosting.com.ua

Software

Apache / PHP/7.4.33

Resource Hash

3fba978156e62c19d171b74f4efbd6057e52cd4756693db0cb920bba678db031

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-accel-expires: 31536000
content-security-policy: default-src 'none'
date: Sat, 14 Oct 2023 20:48:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Oct 2023 20:48:19 GMT
server: Apache
x-powered-by: PHP/7.4.33
etag: "1f5c3b40f8e1819b71c510540a5e784c"
vary: Accept,User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, private, must-revalidate
link: <https://discord.com.ua/wp-content/uploads/2020/09/discord-zapis-zvuka-300x169.jpg>; rel="canonical"
content-length: 4250
expires: Sun, 13 Oct 2024 20:48:19 GMT

GET
H2 200 c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjAlMkYwOSUyRm9jaGlzdGthLWNhc2gtZGlzY29yZC13aW5kb3dzLTMwMHgyODIucG5nJmNhY2hlTWFya2VyPTE2NjA0ODU0M...
discord.com.ua/wp-content/plugins/phastpress/phast.php/ 12 KB
12 KB 607ms
606ms Image
image/webp 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discord.com.ua/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjAlMkYwOSUyRm9jaGlzdGthLWNhc2gtZGlzY29yZC13aW5kb3dzLTMwMHgyODIucG5nJmNhY2hlTWFya2VyPTE2NjA0ODU0MzUtODE2OTUmdG9rZW49NGFhYzc4OTc2MWVmMTc0YQ.q.png

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.99.147.139 , Canada, ASN16276 (OVH, FR),

Reverse DNS

s6.uahosting.com.ua

Software

Apache / PHP/7.4.33

Resource Hash

45b23d723f8a7382ee5e6b4788d8021d814147104eb23432929543e4f6a23c27

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-accel-expires: 31536000
content-security-policy: default-src 'none'
date: Sat, 14 Oct 2023 20:48:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Oct 2023 20:48:19 GMT
server: Apache
x-powered-by: PHP/7.4.33
etag: "1e00325eb034f7198cd1fc0f0e15de60"
vary: Accept,User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, private, must-revalidate
link: <https://discord.com.ua/wp-content/uploads/2020/09/ochistka-cash-discord-windows-300x282.png>; rel="canonical"
content-length: 12560
expires: Sun, 13 Oct 2024 20:48:19 GMT

GET
H2 200 c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjAlMkYwNCUyRmRpc2NvcmQtd2luZG93cy1rYWstaXNwcmF2aXQtMTUweDE1MC5qcGcmY2FjaGVNYXJrZXI9MTY2MDQ4NTQzN...
discord.com.ua/wp-content/plugins/phastpress/phast.php/ 3 KB
3 KB 380ms
378ms Image
image/webp 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discord.com.ua/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjAlMkYwNCUyRmRpc2NvcmQtd2luZG93cy1rYWstaXNwcmF2aXQtMTUweDE1MC5qcGcmY2FjaGVNYXJrZXI9MTY2MDQ4NTQzNS00NjMzJnRva2VuPTVmYzRlY2ZkMGMzYjE4MTc.q.jpg

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.99.147.139 , Canada, ASN16276 (OVH, FR),

Reverse DNS

s6.uahosting.com.ua

Software

Apache / PHP/7.4.33

Resource Hash

281b26d4a91e56c896c53c98a892a2373f9759460f310d3a2aa36f80f19afaeb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-accel-expires: 31536000
content-security-policy: default-src 'none'
date: Sat, 14 Oct 2023 20:48:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Oct 2023 20:48:19 GMT
server: Apache
x-powered-by: PHP/7.4.33
etag: "96855fdb4aabe467604572285fcc9473"
vary: Accept,User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, private, must-revalidate
link: <https://discord.com.ua/wp-content/uploads/2020/04/discord-windows-kak-ispravit-150x150.jpg>; rel="canonical"
content-length: 3030
expires: Sun, 13 Oct 2024 20:48:19 GMT

GET
H2 200 c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjAlMkYwMyUyRnJlZGFrdGlyb3ZhdF90ZXh0X2Rpc2NvcmQtMzAweDEzNi5qcGcmY2FjaGVNYXJrZXI9MTY2MDQ4NTQzNS03N...
discord.com.ua/wp-content/plugins/phastpress/phast.php/ 3 KB
3 KB 277ms
276ms Image
image/webp 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discord.com.ua/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjAlMkYwMyUyRnJlZGFrdGlyb3ZhdF90ZXh0X2Rpc2NvcmQtMzAweDEzNi5qcGcmY2FjaGVNYXJrZXI9MTY2MDQ4NTQzNS03NDY1JnRva2VuPWYyOTdhNTgxZWI5NmI3YzQ.q.jpg

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.99.147.139 , Canada, ASN16276 (OVH, FR),

Reverse DNS

s6.uahosting.com.ua

Software

Apache / PHP/7.4.33

Resource Hash

46a9222d51b37343bbb0bfed5f558865e8026ee44740d2b41474bf63b00bf7d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-accel-expires: 31536000
content-security-policy: default-src 'none'
date: Sat, 14 Oct 2023 20:48:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Oct 2023 20:48:19 GMT
server: Apache
x-powered-by: PHP/7.4.33
etag: "74d49961b1112815fc6851151cb3c83c"
vary: Accept,User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, private, must-revalidate
link: <https://discord.com.ua/wp-content/uploads/2020/03/redaktirovat_text_discord-300x136.jpg>; rel="canonical"
content-length: 3230
expires: Sun, 13 Oct 2024 20:48:19 GMT

GET
H2 200 c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjAlMkYwMyUyRmthay1kb2Jhdml0LWVtb2ppLWRpc2tvcmQtMzAweDIwOS5qcGcmY2FjaGVNYXJrZXI9MTY2MDQ4NTQzNS01O...
discord.com.ua/wp-content/plugins/phastpress/phast.php/ 3 KB
3 KB 383ms
382ms Image
image/webp 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discord.com.ua/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjAlMkYwMyUyRmthay1kb2Jhdml0LWVtb2ppLWRpc2tvcmQtMzAweDIwOS5qcGcmY2FjaGVNYXJrZXI9MTY2MDQ4NTQzNS01OTM0JnRva2VuPWEzYWMyM2ExMmRiNTE0MjQ.q.jpg

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.99.147.139 , Canada, ASN16276 (OVH, FR),

Reverse DNS

s6.uahosting.com.ua

Software

Apache / PHP/7.4.33

Resource Hash

e8318eeaa9fb5db9b261e13ca76bb0f7eb1bef383b62c2069ea79565a23319b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-accel-expires: 31536000
content-security-policy: default-src 'none'
date: Sat, 14 Oct 2023 20:48:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Oct 2023 20:48:19 GMT
server: Apache
x-powered-by: PHP/7.4.33
etag: "388b70da11b9109607c3b6a680e450f6"
vary: Accept,User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, private, must-revalidate
link: <https://discord.com.ua/wp-content/uploads/2020/03/kak-dobavit-emoji-diskord-300x209.jpg>; rel="canonical"
content-length: 3228
expires: Sun, 13 Oct 2024 20:48:19 GMT

GET
H2 200 c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjAlMkYwOSUyRmRpc2NvcmQtZ3JhZmlrLXVzdGFub3Zvay0zMDB4MTgzLmpwZyZjYWNoZU1hcmtlcj0xNjYwNDg1NDM1LTkxO...
discord.com.ua/wp-content/plugins/phastpress/phast.php/ 5 KB
6 KB 181ms
180ms Image
image/webp 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discord.com.ua/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjAlMkYwOSUyRmRpc2NvcmQtZ3JhZmlrLXVzdGFub3Zvay0zMDB4MTgzLmpwZyZjYWNoZU1hcmtlcj0xNjYwNDg1NDM1LTkxOTcmdG9rZW49MDFlYjY3ODI4NGU3ZDcwOA.q.jpg

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.99.147.139 , Canada, ASN16276 (OVH, FR),

Reverse DNS

s6.uahosting.com.ua

Software

Apache / PHP/7.4.33

Resource Hash

2b2783810c9102830a1c688f2fc107b54ff42804403267d4beaeba461a6fae5b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-accel-expires: 31536000
content-security-policy: default-src 'none'
date: Sat, 14 Oct 2023 20:48:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Oct 2023 20:48:19 GMT
server: Apache
x-powered-by: PHP/7.4.33
etag: "03712dbf8ea7f1f961a0238e54b70ae9"
vary: Accept,User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, private, must-revalidate
link: <https://discord.com.ua/wp-content/uploads/2020/09/discord-grafik-ustanovok-300x183.jpg>; rel="canonical"
content-length: 5492
expires: Sun, 13 Oct 2024 20:48:19 GMT

GET
H2 200 c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjAlMkYwNCUyRnpvb20tdnMtZGlzY29yZC0xNTB4MTUwLmpwZyZjYWNoZU1hcmtlcj0xNjYwNDg1NDM1LTY0NzcmdG9rZW49Y...
discord.com.ua/wp-content/plugins/phastpress/phast.php/ 4 KB
4 KB 382ms
381ms Image
image/webp 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discord.com.ua/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjAlMkYwNCUyRnpvb20tdnMtZGlzY29yZC0xNTB4MTUwLmpwZyZjYWNoZU1hcmtlcj0xNjYwNDg1NDM1LTY0NzcmdG9rZW49YmU4N2ExMDI2NTVlOTZhOA.q.jpg

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.99.147.139 , Canada, ASN16276 (OVH, FR),

Reverse DNS

s6.uahosting.com.ua

Software

Apache / PHP/7.4.33

Resource Hash

86ba404eb36df5b311ba69b6a907de3d28ee1dc58db3f91000d797a2be75fae5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-accel-expires: 31536000
content-security-policy: default-src 'none'
date: Sat, 14 Oct 2023 20:48:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Oct 2023 20:48:19 GMT
server: Apache
x-powered-by: PHP/7.4.33
etag: "3b7e5508103a402e4fbd10869c00fd0e"
vary: Accept,User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, private, must-revalidate
link: <https://discord.com.ua/wp-content/uploads/2020/04/zoom-vs-discord-150x150.jpg>; rel="canonical"
content-length: 4176
expires: Sun, 13 Oct 2024 20:48:19 GMT

GET
H2 200 c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjAlMkYwNCUyRmRpc2NvcmQtc2h1bW9wb2Rhdmxlbml5ZS0zMDB4MTk1LmpwZyZjYWNoZU1hcmtlcj0xNjYwNDg1NDM1LTExN...
discord.com.ua/wp-content/plugins/phastpress/phast.php/ 6 KB
6 KB 376ms
375ms Image
image/webp 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discord.com.ua/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGZGlzY29yZC5jb20udWElMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjAlMkYwNCUyRmRpc2NvcmQtc2h1bW9wb2Rhdmxlbml5ZS0zMDB4MTk1LmpwZyZjYWNoZU1hcmtlcj0xNjYwNDg1NDM1LTExNzEyJnRva2VuPTA4NjIxMzY2MjE3NjMxMzM.q.jpg

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.99.147.139 , Canada, ASN16276 (OVH, FR),

Reverse DNS

s6.uahosting.com.ua

Software

Apache / PHP/7.4.33

Resource Hash

8aaa7f7eefb0d8921302476b583a938cde51f90d9f18e6a5952d2a6a678dcece

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-accel-expires: 31536000
content-security-policy: default-src 'none'
date: Sat, 14 Oct 2023 20:48:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Oct 2023 20:48:19 GMT
server: Apache
x-powered-by: PHP/7.4.33
etag: "328a05124b201c43b1d7c5a8ad76be6f"
vary: Accept,User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, private, must-revalidate
link: <https://discord.com.ua/wp-content/uploads/2020/04/discord-shumopodavleniye-300x195.jpg>; rel="canonical"
content-length: 6144
expires: Sun, 13 Oct 2024 20:48:19 GMT

GET
H2 200 c2VydmljZT1idW5kbGVyJnI9U3RkcTFialBvMEU.q.js Show response
discord.com.ua/wp-content/plugins/phastpress/phast.php/ 8 KB
9 KB 275ms
275ms XHR
text/plain 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com.ua/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9U3RkcTFialBvMEU.q.js

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.99.147.139 , Canada, ASN16276 (OVH, FR),

Reverse DNS

s6.uahosting.com.ua

Software

Apache / PHP/7.4.33

Resource Hash

a0a6ee4674496a257bdb2735d9c6f692edd4caf417bf46ec418837d3b1d9027c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-accel-expires: 31536000
content-security-policy: default-src 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Oct 2023 20:48:19 GMT
last-modified: Sat, 14 Oct 2023 20:48:19 GMT
server: Apache
x-powered-by: PHP/7.4.33
etag: "0409834b2943b53eb017002c15ebd0cb"
vary: Accept-Encoding,User-Agent
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, private, must-revalidate
expires: Sun, 13 Oct 2024 20:48:19 GMT

GET
H2 200 c2VydmljZT1idW5kbGVyJnI9R1U3eHZ6UElMMUE.q.js Show response
discord.com.ua/wp-content/plugins/phastpress/phast.php/ 6 KB
6 KB 376ms
375ms XHR
text/plain 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com.ua/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9R1U3eHZ6UElMMUE.q.js

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.99.147.139 , Canada, ASN16276 (OVH, FR),

Reverse DNS

s6.uahosting.com.ua

Software

Apache / PHP/7.4.33

Resource Hash

50f61633c4298b6514e8a46999662a1198d2fcba261d6e7f63ac5b977dc8ac5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-accel-expires: 31536000
content-security-policy: default-src 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Oct 2023 20:48:19 GMT
last-modified: Sat, 14 Oct 2023 20:48:19 GMT
server: Apache
x-powered-by: PHP/7.4.33
etag: "9b75599f8628bff4da6d283b3510f435"
vary: Accept-Encoding,User-Agent
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, private, must-revalidate
expires: Sun, 13 Oct 2024 20:48:19 GMT

GET
H2 200 c2VydmljZT1idW5kbGVyJnI9dERnQkZBM1BOQWcmcj13MXdVdjJGelhiOA.q.js Show response
discord.com.ua/wp-content/plugins/phastpress/phast.php/ 15 KB
16 KB 607ms
606ms XHR
text/plain 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com.ua/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9dERnQkZBM1BOQWcmcj13MXdVdjJGelhiOA.q.js

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.99.147.139 , Canada, ASN16276 (OVH, FR),

Reverse DNS

s6.uahosting.com.ua

Software

Apache / PHP/7.4.33

Resource Hash

9a5622da2eff4032f98f4dd10c6859689fd9e05a739ba96a9bc96b6ae6bdbbaa

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-accel-expires: 31536000
content-security-policy: default-src 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Oct 2023 20:48:19 GMT
last-modified: Sat, 14 Oct 2023 20:48:19 GMT
server: Apache
x-powered-by: PHP/7.4.33
etag: "d46c44128858d816ac3b0298dd4a1a39"
vary: Accept-Encoding,User-Agent
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, private, must-revalidate
expires: Sun, 13 Oct 2024 20:48:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 66ms
65ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BDW6YPKYGE&l=dataLayer&cx=c

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

6b51cf54e17f23b685482938018ba87f410b930b08119e88391f9079e47c89ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78660
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 20:48:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 108ms
35ms Script
text/javascript 142.251.163.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Oct 2023 19:46:05 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3734
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 14 Oct 2023 21:46:05 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
170 B 44ms
43ms Ping
text/plain 142.251.163.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BDW6YPKYGE&gtm=45je3ab0&_p=1441788431&cid=1829976361.1697316499&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1697316499&sct=1&seg=0&dl=https%3A%2F%2Fdiscord.com.ua%2F&dt=Discord%20%E2%80%94%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%94%D0%B8%D1%81%D0%BA%D0%BE%D1%80%D0%B4%20%D0%B4%D0%BB%D1%8F%20Windows%2C%20Android%2C%20iOS&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BDW6YPKYGE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.163.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wv-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://discord.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 43ms
43ms XHR
text/plain 142.251.163.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1441788431&t=pageview&_s=1&dl=https%3A%2F%2Fdiscord.com.ua%2F&ul=en-us&de=UTF-8&dt=Discord%20%E2%80%94%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%94%D0%B8%D1%81%D0%BA%D0%BE%D1%80%D0%B4%20%D0%B4%D0%BB%D1%8F%20Windows%2C%20Android%2C%20iOS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=245587378&gjid=1482126762&cid=1829976361.1697316499&tid=UA-56556309-16&_gid=220060878.1697316499&_r=1&gtm=457e3ab0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=910241182

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://discord.com.ua/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://discord.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style.min.css
discord.com.ua/wp-includes/css/dist/block-library/ 57 KB
9 KB 39ms
39ms Stylesheet
text/css 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.com.ua/wp-includes/css/dist/block-library/style.min.css?ver=5.7.9
Requested by: Host: discord.com.ua
URL: https://discord.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.147.139 , Canada, ASN16276 (OVH, FR),
Reverse DNS: s6.uahosting.com.ua
Software: Apache /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:19 GMT
content-encoding: gzip
last-modified: Sat, 08 May 2021 16:58:54 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=691200
accept-ranges: bytes
content-length: 8685
expires: Sat, 11 Nov 2023 20:48:19 GMT

GET
H2 200 style.css
discord.com.ua/wp-content/themes/basic/ 29 KB
7 KB 39ms
39ms Stylesheet
text/css 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.com.ua/wp-content/themes/basic/style.css?ver=1
Requested by: Host: discord.com.ua
URL: https://discord.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.147.139 , Canada, ASN16276 (OVH, FR),
Reverse DNS: s6.uahosting.com.ua
Software: Apache /
Resource Hash: a7fba81a4510be9fe7ad6dc107aeda80a76b4841016f4a80e64975650942112b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:19 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 19:18:41 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=691200
accept-ranges: bytes
content-length: 7446
expires: Sat, 11 Nov 2023 20:48:19 GMT

GET
H2 200 shortcodes.css
discord.com.ua/wp-content/plugins/shortcodes-ultimate/includes/css/ 46 KB
8 KB 40ms
39ms Stylesheet
text/css 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.com.ua/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.9.8
Requested by: Host: discord.com.ua
URL: https://discord.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.147.139 , Canada, ASN16276 (OVH, FR),
Reverse DNS: s6.uahosting.com.ua
Software: Apache /
Resource Hash: 22573d047950fe1d93b9440ce786ea90ae0f889c29857272f8deca81399c9004

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:19 GMT
content-encoding: gzip
last-modified: Sat, 08 May 2021 16:59:44 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=691200
accept-ranges: bytes
content-length: 7937
expires: Sat, 11 Nov 2023 20:48:19 GMT

GET
H2 200 icons.css
discord.com.ua/wp-content/plugins/shortcodes-ultimate/includes/css/ 33 KB
8 KB 39ms
39ms Stylesheet
text/css 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.com.ua/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css?ver=1.1.5
Requested by: Host: discord.com.ua
URL: https://discord.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.147.139 , Canada, ASN16276 (OVH, FR),
Reverse DNS: s6.uahosting.com.ua
Software: Apache /
Resource Hash: a8478eb35ceb97b9c5adbbd3cc588b4dbf9c87977f4100f501314cba4eb39d03

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:19 GMT
content-encoding: gzip
last-modified: Sat, 08 May 2021 16:59:44 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=691200
accept-ranges: bytes
content-length: 8055
expires: Sat, 11 Nov 2023 20:48:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 127ms
56ms Script
text/javascript 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

ba0472eb251992a88cb6e5966ceeb5a720abc6fbe4be9bfc743a74efc67124b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51311
x-xss-protection: 0
server: cafe
etag: 955328329972604326
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 20:48:19 GMT

GET
H2 200 c2VydmljZT1zY3JpcHRzJnNyYz1odHRwcyUzQSUyRiUyRmRpc2NvcmQuY29tLnVhJTJGd3AtaW5jbHVkZXMlMkZqcyUyRndwLWVtb2ppLXJlbGVhc2UubWluLmpzJTNGdmVyJTNENS43LjkmY2FjaGVNYXJrZXI9MjM1NzM4.q.js Show response
discord.com.ua/wp-content/plugins/phastpress/phast.php/ 4 KB
5 KB 75ms
74ms Script
application/javascript 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com.ua/wp-content/plugins/phastpress/phast.php/c2VydmljZT1zY3JpcHRzJnNyYz1odHRwcyUzQSUyRiUyRmRpc2NvcmQuY29tLnVhJTJGd3AtaW5jbHVkZXMlMkZqcyUyRndwLWVtb2ppLXJlbGVhc2UubWluLmpzJTNGdmVyJTNENS43LjkmY2FjaGVNYXJrZXI9MjM1NzM4.q.js

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.99.147.139 , Canada, ASN16276 (OVH, FR),

Reverse DNS

s6.uahosting.com.ua

Software

Apache / PHP/7.4.33

Resource Hash

f537ab392da2e07cfa40d5a91725acc6ed9e5a063091313c8c31e75205b56784

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-accel-expires: 31536000
content-security-policy: default-src 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Oct 2023 20:48:19 GMT
last-modified: Sat, 14 Oct 2023 20:48:19 GMT
server: Apache
x-powered-by: PHP/7.4.33
etag: "5aa309e55621e9be0f2d28175ba259a0"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, private, must-revalidate
expires: Sun, 13 Oct 2024 20:48:19 GMT

GET
H2 200 c2VydmljZT1idW5kbGVyJnI9WjZoeVhqRnRmX0U.q.js Show response
discord.com.ua/wp-content/plugins/phastpress/phast.php/ 30 KB
31 KB 154ms
154ms XHR
text/plain 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com.ua/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9WjZoeVhqRnRmX0U.q.js

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.99.147.139 , Canada, ASN16276 (OVH, FR),

Reverse DNS

s6.uahosting.com.ua

Software

Apache / PHP/7.4.33

Resource Hash

a13ae04ba06b24d8012905bf66223044a469ea7cee9b01c48da3ca9385ac354c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-accel-expires: 31536000
content-security-policy: default-src 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Oct 2023 20:48:19 GMT
last-modified: Sat, 14 Oct 2023 20:48:19 GMT
server: Apache
x-powered-by: PHP/7.4.33
etag: "465cc5cceedcc0c778e3631cc1a1133f"
vary: Accept-Encoding,User-Agent
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, private, must-revalidate
expires: Sun, 13 Oct 2024 20:48:19 GMT

GET
H2 200 c2VydmljZT1idW5kbGVyJnI9SzkzN3I4Z2puR0kmcj1RSU5UOGdnN2RJOCZyPXI1NTdDTzdIUzZB.q.js Show response
discord.com.ua/wp-content/plugins/phastpress/phast.php/ 5 KB
5 KB 152ms
151ms XHR
text/plain 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com.ua/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9SzkzN3I4Z2puR0kmcj1RSU5UOGdnN2RJOCZyPXI1NTdDTzdIUzZB.q.js

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.99.147.139 , Canada, ASN16276 (OVH, FR),

Reverse DNS

s6.uahosting.com.ua

Software

Apache / PHP/7.4.33

Resource Hash

479f89a8e5c23f2a3157ea0174b683d07ce4f65002699f5f049411cc776d4e04

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-accel-expires: 31536000
content-security-policy: default-src 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Oct 2023 20:48:19 GMT
last-modified: Sat, 14 Oct 2023 20:48:19 GMT
server: Apache
x-powered-by: PHP/7.4.33
etag: "e13b1459e144ee2ababc21d131a1f464"
vary: Accept-Encoding,User-Agent
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, private, must-revalidate
expires: Sun, 13 Oct 2024 20:48:19 GMT

GET
H2 200 forkawesome-webfont.woff2
discord.com.ua/wp-content/plugins/shortcodes-ultimate/includes/fonts/fork-awesome/ 88 KB
88 KB 41ms
41ms Font
font/woff2 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.com.ua/wp-content/plugins/shortcodes-ultimate/includes/fonts/fork-awesome/forkawesome-webfont.woff2?v=1.0.11
Requested by: Host: discord.com.ua
URL: https://discord.com.ua/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css?ver=1.1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.147.139 , Canada, ASN16276 (OVH, FR),
Reverse DNS: s6.uahosting.com.ua
Software: Apache /
Resource Hash: ec8604d4eade6552031ca2e8d3af9b3a1393bdc11b39dcb8176c41f4e5fb678c

Request headers

Referer: https://discord.com.ua/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css?ver=1.1.5
Origin: https://discord.com.ua
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:19 GMT
last-modified: Sat, 08 May 2021 16:59:44 GMT
server: Apache
vary: User-Agent
content-type: font/woff2
cache-control: max-age=0
accept-ranges: bytes
content-length: 90420
expires: Sat, 14 Oct 2023 20:48:19 GMT

GET
H2 200 jquery.min.js Show response
discord.com.ua/wp-includes/js/jquery/ 87 KB
30 KB 43ms
42ms Script
application/javascript 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.com.ua/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: discord.com.ua
URL: https://discord.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.147.139 , Canada, ASN16276 (OVH, FR),
Reverse DNS: s6.uahosting.com.ua
Software: Apache /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:19 GMT
content-encoding: gzip
last-modified: Sat, 08 May 2021 16:58:51 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
content-length: 30916
expires: Sat, 11 Nov 2023 20:48:19 GMT

GET
H2 200 jquery-migrate.min.js Show response
discord.com.ua/wp-includes/js/jquery/ 11 KB
4 KB 39ms
38ms Script
application/javascript 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.com.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: discord.com.ua
URL: https://discord.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.147.139 , Canada, ASN16276 (OVH, FR),
Reverse DNS: s6.uahosting.com.ua
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:20 GMT
content-encoding: gzip
last-modified: Sat, 08 May 2021 16:58:52 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
content-length: 4169
expires: Sat, 11 Nov 2023 20:48:20 GMT

GET
H2 200 functions.js Show response
discord.com.ua/wp-content/themes/basic/js/ 1 KB
614 B 39ms
39ms Script
application/javascript 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.com.ua/wp-content/themes/basic/js/functions.js?ver=1
Requested by: Host: discord.com.ua
URL: https://discord.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.147.139 , Canada, ASN16276 (OVH, FR),
Reverse DNS: s6.uahosting.com.ua
Software: Apache /
Resource Hash: ee5d738d637e6ae6e5f7683fa41aadc91e1b9ff9e722d474f2192c66dc955925

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:20 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 19:18:41 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
content-length: 580
expires: Sat, 11 Nov 2023 20:48:20 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/ 393 KB
134 KB 87ms
86ms Script
text/javascript 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_fy2021.js?bust=31078773

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

c160846cd593ba15f1e6f51be456a3e96299ae27dfa6cdd8f887979599a1ae94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136649
x-xss-protection: 0
server: cafe
etag: 3224050262761751987
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 20:48:20 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 398C 9 KB
4 KB 108ms
35ms Document
text/html 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

acefc092ffa6df74a87ef66c614fe3552153903ea3f4da381086eb63d1b8525e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 8091
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4090
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 18:33:29 GMT
etag: 6119613530591461916
expires: Sat, 28 Oct 2023 18:33:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 wp-embed.min.js Show response
discord.com.ua/wp-includes/js/ 1 KB
861 B 38ms
38ms Script
application/javascript 192.99.147.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.com.ua/wp-includes/js/wp-embed.min.js?ver=5.7.9
Requested by: Host: discord.com.ua
URL: https://discord.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.147.139 , Canada, ASN16276 (OVH, FR),
Reverse DNS: s6.uahosting.com.ua
Software: Apache /
Resource Hash: 6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:20 GMT
content-encoding: gzip
last-modified: Thu, 25 May 2023 18:38:00 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
content-length: 804
expires: Sat, 11 Nov 2023 20:48:20 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
607 B 117ms
45ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=discord.com.ua&callback=_gfp_s_&client=ca-pub-2954974235451501

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_fy2021.js?bust=31078773

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

eb80310c74df8566860ae7d69b4474e07e4dc31af372ed2b8090a0d3061c3500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3DED 685 KB
115 KB 882ms
881ms Document
text/html 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&adk=1812271804&adf=3025194257&lmt=1697341700&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C260x675_r&tp=site_kit&format=0x0&url=https%3A%2F%2Fdiscord.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316500040&bpp=14&bdt=964&idt=143&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3652207399414&frm=20&pv=2&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=166

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_fy2021.js?bust=31078773

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

cb105175463840c02ba7068adbf8c1e2d9b9271f8f20b01433d1e9cf05e91f2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 117577
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 20:48:21 GMT
expires: Sat, 14 Oct 2023 20:48:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 129ms
57ms XHR
application/json 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_fy2021.js?bust=31078773

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

398f6a84d707e7a6db1a79524df8624604f74e35577f19b5f6c5b52fb155acdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12172
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 637A 127 KB
42 KB 1070ms
1070ms Document
text/html 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=280&adk=2012851121&adf=753444050&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1697341700&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x280&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316500054&bpp=3&bdt=978&idt=162&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w0ZMrPBi58&p=https%3A//discord.com.ua&dtd=167

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_fy2021.js?bust=31078773

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

e162246ba200da0816cc502d868122d384f5c1796d49bb662e2157bd41adb567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43147
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 20:48:21 GMT
expires: Sat, 14 Oct 2023 20:48:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 111ms
37ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_fy2021.js?bust=31078773

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 20:48:20 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0205 13 KB
5 KB 36ms
36ms Document
text/html 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 181666
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Oct 2023 18:20:34 GMT
expires: Fri, 11 Oct 2024 18:20:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CDA1 829 B
1 KB 122ms
50ms Document
text/html 142.251.163.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f147.1e100.net

Software

GSE /

Resource Hash

c3d99d5f2717bce929a32266aea376ce84a8cee81ba4cd1cfee3980ae508e816

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WOq7bXmdMUTjf5I3m6cp5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://discord.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WOq7bXmdMUTjf5I3m6cp5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 20:48:20 GMT
expires: Sat, 14 Oct 2023 20:48:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0205 37 KB
14 KB 37ms
36ms Script
text/javascript 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 04:44:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Oct 2024 04:44:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CDA1 0
0 92ms
92ms Image
text/html 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=1126908763937889&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f157.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0205 0
10 B 35ms
34ms Image
text/plain 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?t_1_DA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wv-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/ 157 KB
53 KB 75ms
75ms Script
text/javascript 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/reactive_library_fy2021.js?bust=31078773

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_fy2021.js?bust=31078773

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

0c90efa027d2f1c5265e0e06531a1e8359a10d232647587f10da6d2917c52aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54693
x-xss-protection: 0
server: cafe
etag: 4938726960560870807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 20:48:21 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3301 436 B
238 B 840ms
840ms Document
text/html 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=280&adk=1421864282&adf=2366561231&pi=t.aa~a.2746192485~i.37~rp.4&daaos=1697310157268&w=725&fwrn=4&fwrnh=100&lmt=1697341701&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9019949464&tp=site_kit&ad_type=text_image&format=725x280&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rh=182&rw=725&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2133&idt=-M&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280&nras=3&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1807&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JlrgtL19NP&p=https%3A//discord.com.ua&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_fy2021.js?bust=31078773

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

07c385950086ecec194db94b08bb2eed024e56ec32869943cb16ddad9fcf49ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 20:48:22 GMT
expires: Sat, 14 Oct 2023 20:48:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F756 59 KB
21 KB 447ms
447ms Document
text/html 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.372871807~rp.4&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=-M&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280&nras=4&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2682&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=RHsnboKzX4&p=https%3A//discord.com.ua&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_fy2021.js?bust=31078773

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

00f0ff99ea10899c9ee30db2630458cbfeac2de90cb2758774ff23928d0e4575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 21288
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 20:48:21 GMT
expires: Sat, 14 Oct 2023 20:48:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0E3E 59 KB
21 KB 450ms
450ms Document
text/html 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=3187286696&adf=391540361&pi=t.aa~a.2637067697~rp.1&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=0&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280%2C1200x90&nras=5&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KZonRO9CCe&p=https%3A//discord.com.ua&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_fy2021.js?bust=31078773

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

90e246f38bb4d23b39626725c2263f2c21ef88f51ce5dc4dafd5f40e48fec1e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 21348
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 20:48:21 GMT
expires: Sat, 14 Oct 2023 20:48:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
94ms Image
text/html 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=1126908763937889&bg=!-fql-rXNAAbFpEfJ5aQ7ADQBe5WfOBiF7ZLqcYljA5jdK-4XRzWlX2PpLqYrN5r5bZCQMRb2k03eQ2Xa3Rfjjlwl2_25AgAAAEJSAAAABmgBB5kC6dOJirTc3GWGr-7mEKOGNV1lwWk4r374laAJXypJSUqfpNVfED_ZOSxdmqKg1AMAjhzuAwSsOzdPJ1NnbvN5wy1hftBKnRgPwHU_UCMmt4ezE9hxEejqMTo7pV9Yhm4xrTAlTF6UEDqeIeVzWxMhQdRLQbEgmVUqvHJhGJxH7lCeGcZBfUYl2ObDh18tZ4A4F31JNUXcOxO_xqAGPU4RzHJ5u92d3QnLvdAlI11FeGYdsU3HpMbxv1RZW_-Btiw-kLy8_LW8PTk0xMZQEeAluYG1N6HGEWx1PKuFCHVSPYduI0navd_5i9I5rmqgNOIwbFJBckvDXsvEdJQ4JtzFxvDzYBB7Kz85HrQeuNXaVhS3aJQZhTBJa9P-ZOLKp_kW1bdaJJXiKqv5uF8QNh1uwsdWieoMzgOlN2xFmgF9VLKSBak57NmvfJx_1U453dwrpFMMntsdllwCyR-Ez5VcXdu-OfWbZLrBZMnK3N5f5Kuxj0sS26dSx4fHs4s6XH7ScQspCLWraOp7jJwuBpDZOMCKdfzrgYE7N5LgpEyHYuz0BKpsuYYLRlMoNSSBcaxbkAVDHuAqJAwVB5Yjr881eZK4iPp7bxvmDHMPs0uUOLrmDQAvuvXfC0d9JUAJC3NO_e2EKrCFcwGYEj-j5Si3gOOWGORv1Jz8gLI2W0hFY_kdn0URioz889QXv2ad63IsMYZ7hOSnAnlJQ7oUMvcQWzrf0lnTPyMEQ-USseuvpXGoEcjauQaCYKzvPwLtAVi_faHsoBiBdjvSWz1FNz8vivnLm5O-1qtvS7zctga_Cy8m5qzx_qPywSDbQcvPLrK3jPPOh3d2Chjn9U9_v_SFXSHuidP6qU1glXoqZfD_qsTlj-7uwdCiXDNV_A0N2u0eb0FlxRnwOCDwQYQiLbzEIVI2pwqV9SvSQJB2aKfbcjg7OWkfRn5xJ4VhkEnHRnwKnOJ43YaVZUirIzHcnf9M_CLPagYTJ8z8Svs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f157.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://discord.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H2 200 88cf7d8f92971695aa333eeba8ca195d.js Show response
www.gstatic.com/mysidia/ Frame 637A 9 KB
4 KB 111ms
36ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=280&adk=2012851121&adf=753444050&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1697341700&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x280&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316500054&bpp=3&bdt=978&idt=162&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w0ZMrPBi58&p=https%3A//discord.com.ua&dtd=167

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 13:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3923
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 13:53:49 GMT

GET
H2 200 f9452dcf4f221a00d49f3197c484e17d.js Show response
www.gstatic.com/mysidia/ Frame 637A 11 KB
5 KB 113ms
38ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9452dcf4f221a00d49f3197c484e17d.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 13:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4599
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 13:48:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 637A 14 KB
2 KB 121ms
46ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Oct 2023 20:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 18:49:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Oct 2023 20:48:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 637A 2 KB
892 B 48ms
45ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8561
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:25:40 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 637A 23 KB
9 KB 49ms
47ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:30:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9145
x-xss-protection: 0
server: cafe
etag: 13066256994748809036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:30:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 637A 3 KB
1 KB 47ms
46ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:12:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 637A 20 KB
8 KB 36ms
35ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:30:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 637A 187 KB
59 KB 111ms
37ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 20:48:21 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 637A 35 KB
15 KB 36ms
36ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 13:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 13:33:17 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 5D33 9 KB
4 KB 37ms
36ms Document
text/html 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_fy2021.js?bust=31078773

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

acefc092ffa6df74a87ef66c614fe3552153903ea3f4da381086eb63d1b8525e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 8141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4090
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 18:32:40 GMT
etag: 6119613530591461916
expires: Sat, 28 Oct 2023 18:32:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 4808 9 KB
4 KB 36ms
36ms Document
text/html 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_fy2021.js?bust=31078773

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

acefc092ffa6df74a87ef66c614fe3552153903ea3f4da381086eb63d1b8525e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 8141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4090
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 18:32:40 GMT
etag: 6119613530591461916
expires: Sat, 28 Oct 2023 18:32:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame D338 9 KB
4 KB 37ms
36ms Document
text/html 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_fy2021.js?bust=31078773

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

acefc092ffa6df74a87ef66c614fe3552153903ea3f4da381086eb63d1b8525e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 8141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4090
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 18:32:40 GMT
etag: 6119613530591461916
expires: Sat, 28 Oct 2023 18:32:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 2723 9 KB
4 KB 37ms
37ms Document
text/html 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_fy2021.js?bust=31078773

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

acefc092ffa6df74a87ef66c614fe3552153903ea3f4da381086eb63d1b8525e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 8141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4090
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 18:32:40 GMT
etag: 6119613530591461916
expires: Sat, 28 Oct 2023 18:32:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 5D33 4 KB
744 B 46ms
45ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Oct 2023 20:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 18:56:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Oct 2023 20:48:21 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5D33 205 B
520 B 37ms
36ms Image
image/png 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 13:51:43 GMT
x-content-type-options: nosniff
age: 111398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 12 Oct 2024 13:51:43 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5D33 604 B
695 B 39ms
38ms Image
image/png 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 13:33:17 GMT
x-content-type-options: nosniff
age: 112504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 12 Oct 2024 13:33:17 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame 5D33 15 KB
6 KB 36ms
35ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

70edd2297ecb201306acff5be959f7251f0b8402706bd52e138b6663f2d40c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6575
x-xss-protection: 0
server: cafe
etag: 17858602555770451360
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:21:21 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame 5D33 20 KB
8 KB 37ms
37ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

e08fab994eb10dfab342ea8c594178451e92a54746244e47f90d513c187ae228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:09:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9561
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8568
x-xss-protection: 0
server: cafe
etag: 3657364187347500438
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:09:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4808 14 KB
1 KB 48ms
47ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Oct 2023 20:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 20:35:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Oct 2023 20:48:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 4808 2 KB
892 B 37ms
36ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8561
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:25:40 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 4808 23 KB
9 KB 37ms
36ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:30:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9145
x-xss-protection: 0
server: cafe
etag: 13066256994748809036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:30:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 4808 3 KB
1 KB 37ms
36ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:12:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 4808 20 KB
8 KB 39ms
38ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:30:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4808 187 KB
59 KB 38ms
37ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 20:48:21 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 4808 35 KB
15 KB 37ms
36ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 13:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 13:33:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D338 14 KB
1 KB 49ms
48ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Oct 2023 20:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 20:24:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Oct 2023 20:48:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame D338 2 KB
892 B 35ms
35ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8561
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:25:40 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame D338 23 KB
9 KB 37ms
36ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:30:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9145
x-xss-protection: 0
server: cafe
etag: 13066256994748809036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:30:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame D338 3 KB
1 KB 36ms
35ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:12:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame D338 20 KB
8 KB 38ms
37ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:30:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D338 187 KB
59 KB 48ms
48ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 20:48:21 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame D338 35 KB
15 KB 36ms
36ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 13:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 13:33:17 GMT

GET
H2 200 88cf7d8f92971695aa333eeba8ca195d.js Show response
www.gstatic.com/mysidia/ Frame 2723 9 KB
4 KB 42ms
38ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 13:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3923
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 13:53:49 GMT

GET
H2 200 f9452dcf4f221a00d49f3197c484e17d.js Show response
www.gstatic.com/mysidia/ Frame 2723 11 KB
5 KB 40ms
37ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9452dcf4f221a00d49f3197c484e17d.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 13:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4599
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 13:48:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2723 14 KB
1 KB 52ms
49ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Oct 2023 20:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 18:58:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Oct 2023 20:48:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 2723 2 KB
892 B 39ms
37ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8561
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:25:40 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 2723 23 KB
9 KB 41ms
38ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:30:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9145
x-xss-protection: 0
server: cafe
etag: 13066256994748809036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:30:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 2723 3 KB
1 KB 40ms
38ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:12:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 2723 20 KB
8 KB 43ms
40ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:30:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2723 187 KB
59 KB 47ms
46ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 20:48:21 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 2723 35 KB
15 KB 41ms
39ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 13:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 13:33:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D32A 14 KB
1 KB 47ms
47ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Oct 2023 20:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 19:42:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Oct 2023 20:48:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame D32A 2 KB
892 B 36ms
35ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8561
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:25:40 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame D32A 23 KB
9 KB 37ms
35ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:30:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9145
x-xss-protection: 0
server: cafe
etag: 13066256994748809036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:30:41 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4C82 143 B
166 B 36ms
35ms Document
text/html 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 63
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 20:47:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame D32A 3 KB
1 KB 35ms
35ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:12:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame D32A 20 KB
8 KB 36ms
35ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:30:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D32A 187 KB
59 KB 39ms
38ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 20:48:21 GMT

GET
H3 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame D32A 35 KB
14 KB 37ms
36ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 13:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 13:33:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86CE 143 B
166 B 36ms
36ms Document
text/html 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=280&adk=2012851121&adf=753444050&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1697341700&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x280&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316500054&bpp=3&bdt=978&idt=162&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w0ZMrPBi58&p=https%3A//discord.com.ua&dtd=167
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 63
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 20:47:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 637A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88be29a37dc08a868f16d5ddecd308657c5444cc0f5cdedd8de0899b47810d67

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 637A 33 KB
33 KB 36ms
35ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 18:28:03 GMT
x-content-type-options: nosniff
age: 181218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 18:28:03 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2723
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CwTEUlP4qZYuoD4_4xtYPsZ-cwAm9pczIc_KU4OSEEtCz-vqNDhABILLK_GRg_aCZgegDoAHBtdGpKsgBAagDAcgDywSqBMsBT9AYh8S2Vewxit_CgUf482qG9ffTfIOEB3ljpV8z8DlMFnt...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xafaddac8a26c4bee0000000000000000%22,%222%22:%220x551c68b73497e9f60000000000000000%22,%223%22:%220x75d774...

0
0

126ms
51ms

Fetch
text/css

142.251.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xafaddac8a26c4bee0000000000000000%22,%222%22:%220x551c68b73497e9f60000000000000000%22,%223%22:%220x75d774c1dce29d810000000000000000%22,%224%22:%220x25f0005f975def200000000000000000%22,%225%22:%220x5fc3a22df8c19e400000000000000000%22},%22debug_key%22:%227762998134441355550%22,%22debug_reporting%22:true,%22destination%22:%22https://krauto.tips%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211361606337%22],%224%22:[%2210-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224357111896199818753%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Server

142.251.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:22 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xafaddac8a26c4bee0000000000000000","2":"0x551c68b73497e9f60000000000000000","3":"0x75d774c1dce29d810000000000000000","4":"0x25f0005f975def200000000000000000","5":"0x5fc3a22df8c19e400000000000000000"},"debug_key":"7762998134441355550","debug_reporting":true,"destination":"https://krauto.tips","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11361606337"],"4":["10-14"],"6":["true"]},"priority":"500","source_event_id":"4357111896199818753"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 14 Oct 2023 20:48:22 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 14 Oct 2023 20:48:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xafaddac8a26c4bee0000000000000000","2":"0x551c68b73497e9f60000000000000000","3":"0x75d774c1dce29d810000000000000000","4":"0x25f0005f975def200000000000000000","5":"0x5fc3a22df8c19e400000000000000000"},"debug_key":"7762998134441355550","debug_reporting":true,"destination":"https://krauto.tips","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11361606337"],"4":["10-14"],"6":["true"]},"priority":"500","source_event_id":"4357111896199818753"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B79F 143 B
166 B 36ms
36ms Document
text/html 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 63
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 20:47:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14224294663322987388/ Frame 4808 26 KB
26 KB 37ms
37ms Image
image/jpeg 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14224294663322987388/14763004658117789537?w=400&h=209&tw=1&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

sffe /

Resource Hash

ffd890bf12820248e842003f386d8efe51172ace5c76156d494f732ef6b04c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:34:20 GMT
x-content-type-options: nosniff
age: 841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26802
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 01:20:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 13 Oct 2024 20:34:20 GMT

GET
DATA 200
OK truncated
/ Frame 4808 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4808 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4808 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0fd9b9c035336ed973e20bd7c29319df0fcc87584f3b96f26ef602b2a8e0f61

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2723 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5da2e8638a2b5c3f7e2b63b9f7603d83857046e9e1e08e8e219f1ff7d81c0568

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4C82
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

46ms
45ms

Document
text/html

142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 20:48:21 GMT
expires: Sat, 14 Oct 2023 20:48:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 20:48:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86CE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

46ms
45ms

Document
text/html

142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 20:48:21 GMT
expires: Sat, 14 Oct 2023 20:48:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 20:48:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 9782 89 KB
29 KB 179ms
42ms Script
application/javascript 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.372871807~rp.4&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=-M&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280&nras=4&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2682&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=RHsnboKzX4&p=https%3A//discord.com.ua&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e615f6f367dc60fdba6d1448d36ac3b9195d53b0547eecd900ec7ac5da35f87f

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 14 Oct 2023 20:48:21 GMT
content-encoding: br
last-modified: Tue, 10 Oct 2023 17:29:05 GMT
x-azure-ref-originshield: 0N1oqZQAAAACby9N0odksQ5SCt+xG9MkNTU5aMjIxMDYwNjEyMDM1ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5: PotOPf+YQ2Xxf+TSXc0mXw==
etag: 0x8DBC9B6675A26FC
x-azure-ref: 0lf4qZQAAAAC5sjqiUgCgR5RK6ws38t8tWVRPMjIxMDkwODIwMDQ1ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c20ff7be-e01e-002d-3c70-fe2496000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 9782 80 KB
28 KB 68ms
17ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.372871807~rp.4&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=-M&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280&nras=4&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2682&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=RHsnboKzX4&p=https%3A//discord.com.ua&dtd=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Expires: Wed, 10 Jul 2024 11:56:20 GMT
Date: Sat, 14 Oct 2023 20:48:21 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 8239923
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27646
X-Served-By: cache-lga21944-LGA, cache-yyz4526-YYZ
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
X-Timer: S1697316502.911512,VS0,VE0
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 26, 1287531

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 9782 3 KB
1 KB 36ms
35ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.372871807~rp.4&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=-M&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280&nras=4&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2682&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=RHsnboKzX4&p=https%3A//discord.com.ua&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:12:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 9782 20 KB
8 KB 37ms
37ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:30:46 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9782 0
0 48ms
47ms Image
text/html 142.251.163.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4WzkzuRIBs8VD1i7pbSQccfpTCfZLdeXFuKgK4f-bGasfCq5OwXiAc-fTPpsXXg08XhHIPBnyrX15bwG_uovBCmVNnw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.372871807~rp.4&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=-M&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280&nras=4&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2682&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=RHsnboKzX4&p=https%3A//discord.com.ua&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.163.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wv-in-f147.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9782 187 KB
59 KB 37ms
37ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 20:48:21 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 9782
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=f4011f00-01c4-489c-8a2b-d69d0a67111c&bidId=1&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=274825ad-6cc4-48e6-ac6...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(11-0)?&RG=f5cf5615e8cc44d8ae3fecaf64b374cb&SNR=1&GV=2&med=10

0
184 B

113ms
113ms

Image
text/plain

204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(11-0)?&RG=f5cf5615e8cc44d8ae3fecaf64b374cb&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.372871807~rp.4&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=-M&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280&nras=4&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2682&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=RHsnboKzX4&p=https%3A//discord.com.ua&dtd=14
Protocol: H2
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AF12A19635D047A491416A92C309DDEE Ref B: YTO01EDGE0822 Ref C: 2023-10-14T20:48:21Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 14 Oct 2023 20:48:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D4DC003125544E0B85200DA62D7B2C6C Ref B: YTO01EDGE0822 Ref C: 2023-10-14T20:48:21Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(11-0)?&RG=f5cf5615e8cc44d8ae3fecaf64b374cb&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 156
expires: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 306A 89 KB
29 KB 181ms
60ms Script
application/javascript 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=3187286696&adf=391540361&pi=t.aa~a.2637067697~rp.1&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=0&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280%2C1200x90&nras=5&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KZonRO9CCe&p=https%3A//discord.com.ua&dtd=18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e615f6f367dc60fdba6d1448d36ac3b9195d53b0547eecd900ec7ac5da35f87f

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 14 Oct 2023 20:48:21 GMT
content-encoding: br
last-modified: Tue, 10 Oct 2023 17:29:05 GMT
x-azure-ref-originshield: 0N1oqZQAAAACby9N0odksQ5SCt+xG9MkNTU5aMjIxMDYwNjEyMDM1ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5: PotOPf+YQ2Xxf+TSXc0mXw==
etag: 0x8DBC9B6675A26FC
x-azure-ref: 0lf4qZQAAAAA1HbLlGWnVS5lpF+dED/SFWVRPMjIxMDkwODIwMDQ1ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c20ff7be-e01e-002d-3c70-fe2496000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 306A 80 KB
28 KB 53ms
17ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=3187286696&adf=391540361&pi=t.aa~a.2637067697~rp.1&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=0&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280%2C1200x90&nras=5&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KZonRO9CCe&p=https%3A//discord.com.ua&dtd=18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Expires: Wed, 10 Jul 2024 11:56:20 GMT
Date: Sat, 14 Oct 2023 20:48:21 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 8239922
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27646
X-Served-By: cache-lga21944-LGA, cache-yyz4534-YYZ
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
X-Timer: S1697316502.912037,VS0,VE0
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 26, 1186581

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 306A 3 KB
1 KB 37ms
35ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=3187286696&adf=391540361&pi=t.aa~a.2637067697~rp.1&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=0&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280%2C1200x90&nras=5&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KZonRO9CCe&p=https%3A//discord.com.ua&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:12:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 306A 20 KB
8 KB 38ms
36ms Script
text/javascript 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 18:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:30:46 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 306A 0
0 49ms
47ms Image
text/html 142.251.163.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOCG_T2KI-bNHGaOwDZ0tfMQ_kV468daAWdwQ1zCupvoleJh8TZVqFNa9OAl5oxbCrMtCKVXDI9rWiufy4_P2HQ5gghQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=3187286696&adf=391540361&pi=t.aa~a.2637067697~rp.1&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=0&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280%2C1200x90&nras=5&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KZonRO9CCe&p=https%3A//discord.com.ua&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.163.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wv-in-f147.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 306A 187 KB
59 KB 39ms
38ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 20:48:21 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 306A
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=523521dc-7c1f-4b8a-9294-05cd9bc38bed&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=2f218234-1b27-47c1-bca...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(13-0)?&RG=982219efdee9481daf5af1d32899d5bf&SNR=1&GV=2&med=10

0
315 B

55ms
55ms

Image
text/plain

204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(13-0)?&RG=982219efdee9481daf5af1d32899d5bf&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=3187286696&adf=391540361&pi=t.aa~a.2637067697~rp.1&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=0&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280%2C1200x90&nras=5&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KZonRO9CCe&p=https%3A//discord.com.ua&dtd=18
Protocol: H2
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D257E76FFD454519A62B5B741AAB54B8 Ref B: YTO01EDGE0822 Ref C: 2023-10-14T20:48:21Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 14 Oct 2023 20:48:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F1BB72F89C054AD7BD1EDFC8D46E2490 Ref B: YTO01EDGE0822 Ref C: 2023-10-14T20:48:21Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(13-0)?&RG=982219efdee9481daf5af1d32899d5bf&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 156
expires: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14224294663322987388/ Frame D338 26 KB
26 KB 36ms
36ms Image
image/jpeg 142.251.163.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14224294663322987388/14763004658117789537?w=400&h=209&tw=1&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f132.1e100.net

Software

sffe /

Resource Hash

ffd890bf12820248e842003f386d8efe51172ace5c76156d494f732ef6b04c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:34:20 GMT
x-content-type-options: nosniff
age: 841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26802
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 01:20:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 13 Oct 2024 20:34:20 GMT

GET
DATA 200
OK truncated
/ Frame D338 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D338 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D338 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd1c3235540dbc7bcd6c75d2839bb31cbd031f427f0fc2c605b6dc01d96283d0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame F632 37 KB
14 KB 38ms
36ms Script
text/javascript 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 14:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Oct 2024 14:00:12 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4808
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CKINblP4qZYmoD4_4xtYPsZ-cwAma6eCnc5Se_aXfEZCSu5mzPxABILLK_GRg_aCZgegDoAGn29ONKsgBCakC3vU6GeShsT6oAwHIA8sEqgTKAU_QvEvHR-shtx5uLYy_uyfdWw4u-sMRNWX...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x58f6f4fb4fefa7690000000000000000%22,%222%22:%220xe6a924637fe4a1960000000000000000%22,%223%22:%220xa9d844...

0
0

52ms
51ms

Fetch
text/css

142.251.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x58f6f4fb4fefa7690000000000000000%22,%222%22:%220xe6a924637fe4a1960000000000000000%22,%223%22:%220xa9d844ea83159c450000000000000000%22,%224%22:%220xdf753e769fa131f50000000000000000%22,%225%22:%220x67db743c5a1bdcdf0000000000000000%22},%22debug_key%22:%225915657346663634482%22,%22debug_reporting%22:true,%22destination%22:%22https://aldiscover.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211302923687%22],%224%22:[%2210-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222331451605018969329%22}&andc=true

Protocol

Server

142.251.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:22 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x58f6f4fb4fefa7690000000000000000","2":"0xe6a924637fe4a1960000000000000000","3":"0xa9d844ea83159c450000000000000000","4":"0xdf753e769fa131f50000000000000000","5":"0x67db743c5a1bdcdf0000000000000000"},"debug_key":"5915657346663634482","debug_reporting":true,"destination":"https://aldiscover.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11302923687"],"4":["10-14"],"6":["true"]},"priority":"500","source_event_id":"2331451605018969329"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 14 Oct 2023 20:48:22 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 14 Oct 2023 20:48:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x58f6f4fb4fefa7690000000000000000","2":"0xe6a924637fe4a1960000000000000000","3":"0xa9d844ea83159c450000000000000000","4":"0xdf753e769fa131f50000000000000000","5":"0x67db743c5a1bdcdf0000000000000000"},"debug_key":"5915657346663634482","debug_reporting":true,"destination":"https://aldiscover.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11302923687"],"4":["10-14"],"6":["true"]},"priority":"500","source_event_id":"2331451605018969329"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 126ms
51ms Preflight
text/html 142.251.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 14 Oct 2023 20:48:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame A088 37 KB
14 KB 39ms
38ms Script
text/javascript 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 14:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Oct 2024 14:00:12 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D338
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CFKFllP4qZYqoD4_4xtYPsZ-cwAma6eCnc5Se_aXfEZCSu5mzPxABILLK_GRg_aCZgegDoAGn29ONKsgBCakC3vU6GeShsT6oAwHIA8sEqgTKAU_Q1VB5Ff9oktIRcDBatvccGlM47I4jpXJ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x58f6f4fb4fefa7690000000000000000%22,%222%22:%220xe6a924637fe4a1960000000000000000%22,%223%22:%220xa9d844...

0
0

53ms
52ms

Fetch
text/css

142.251.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x58f6f4fb4fefa7690000000000000000%22,%222%22:%220xe6a924637fe4a1960000000000000000%22,%223%22:%220xa9d844ea83159c450000000000000000%22,%224%22:%220xdf753e769fa131f50000000000000000%22,%225%22:%220x67db743c5a1bdcdf0000000000000000%22},%22debug_key%22:%2213595606980980217936%22,%22debug_reporting%22:true,%22destination%22:%22https://aldiscover.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211302923687%22],%224%22:[%2210-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22624708314917736849%22}&andc=true

Protocol

Server

142.251.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:22 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x58f6f4fb4fefa7690000000000000000","2":"0xe6a924637fe4a1960000000000000000","3":"0xa9d844ea83159c450000000000000000","4":"0xdf753e769fa131f50000000000000000","5":"0x67db743c5a1bdcdf0000000000000000"},"debug_key":"13595606980980217936","debug_reporting":true,"destination":"https://aldiscover.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11302923687"],"4":["10-14"],"6":["true"]},"priority":"500","source_event_id":"624708314917736849"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 14 Oct 2023 20:48:22 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 14 Oct 2023 20:48:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x58f6f4fb4fefa7690000000000000000","2":"0xe6a924637fe4a1960000000000000000","3":"0xa9d844ea83159c450000000000000000","4":"0xdf753e769fa131f50000000000000000","5":"0x67db743c5a1bdcdf0000000000000000"},"debug_key":"13595606980980217936","debug_reporting":true,"destination":"https://aldiscover.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11302923687"],"4":["10-14"],"6":["true"]},"priority":"500","source_event_id":"624708314917736849"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B79F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

45ms
44ms

Document
text/html

142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 20:48:22 GMT
expires: Sat, 14 Oct 2023 20:48:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 20:48:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame 759D 37 KB
14 KB 36ms
36ms Script
text/javascript 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 14:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Oct 2024 14:00:12 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 637A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C8eQ1lP4qZff6D5aPvPIPlY-wwAqa6eCnc5Se_aXfEZCSu5mzPxABILLK_GRg_aCZgegDoAGn29ONKsgBAakC3vU6GeShsT6oAwHIA8sEqgTRAU_QcxYAaU5NF4oQVt5GSR08fZWpscdPako...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x58f6f4fb4fefa7690000000000000000%22,%222%22:%220xe6a924637fe4a1960000000000000000%22,%223%22:%220xa9d844...

0
0

52ms
51ms

Fetch
text/css

142.251.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x58f6f4fb4fefa7690000000000000000%22,%222%22:%220xe6a924637fe4a1960000000000000000%22,%223%22:%220xa9d844ea83159c450000000000000000%22,%224%22:%220xdf753e769fa131f50000000000000000%22,%225%22:%220x67db743c5a1bdcdf0000000000000000%22},%22debug_key%22:%223638517180751499444%22,%22debug_reporting%22:true,%22destination%22:%22https://aldiscover.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211302923687%22],%224%22:[%2210-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210899208753408036529%22}&andc=true

Protocol

Server

142.251.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:22 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x58f6f4fb4fefa7690000000000000000","2":"0xe6a924637fe4a1960000000000000000","3":"0xa9d844ea83159c450000000000000000","4":"0xdf753e769fa131f50000000000000000","5":"0x67db743c5a1bdcdf0000000000000000"},"debug_key":"3638517180751499444","debug_reporting":true,"destination":"https://aldiscover.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11302923687"],"4":["10-14"],"6":["true"]},"priority":"500","source_event_id":"10899208753408036529"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 14 Oct 2023 20:48:22 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 14 Oct 2023 20:48:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x58f6f4fb4fefa7690000000000000000","2":"0xe6a924637fe4a1960000000000000000","3":"0xa9d844ea83159c450000000000000000","4":"0xdf753e769fa131f50000000000000000","5":"0x67db743c5a1bdcdf0000000000000000"},"debug_key":"3638517180751499444","debug_reporting":true,"destination":"https://aldiscover.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11302923687"],"4":["10-14"],"6":["true"]},"priority":"500","source_event_id":"10899208753408036529"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame 9FF6 37 KB
14 KB 35ms
35ms Script
text/javascript 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Host: discord.com.ua
URL: https://discord.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 14:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Oct 2024 14:00:12 GMT

GET
H3 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E0C 37 KB
14 KB 36ms
36ms Script
text/javascript 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 14:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Oct 2024 14:00:12 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 52ms
51ms Preflight
text/html 142.251.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 14 Oct 2023 20:48:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 51ms
51ms Preflight
text/html 142.251.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x58f6f4fb4fefa7690000000000000000%22,%222%22:%220xe6a924637fe4a1960000000000000000%22,%223%22:%220xa9d844ea83159c450000000000000000%22,%224%22:%220xdf753e769fa131f50000000000000000%22,%225%22:%220x67db743c5a1bdcdf0000000000000000%22},%22debug_key%22:%2213595606980980217936%22,%22debug_reporting%22:true,%22destination%22:%22https://aldiscover.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211302923687%22],%224%22:[%2210-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22624708314917736849%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 14 Oct 2023 20:48:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 51ms
50ms Preflight
text/html 142.251.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x58f6f4fb4fefa7690000000000000000%22,%222%22:%220xe6a924637fe4a1960000000000000000%22,%223%22:%220xa9d844ea83159c450000000000000000%22,%224%22:%220xdf753e769fa131f50000000000000000%22,%225%22:%220x67db743c5a1bdcdf0000000000000000%22},%22debug_key%22:%223638517180751499444%22,%22debug_reporting%22:true,%22destination%22:%22https://aldiscover.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211302923687%22],%224%22:[%2210-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210899208753408036529%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 14 Oct 2023 20:48:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 th
www.bing.com/ Frame 9782 9 KB
9 KB 40ms
39ms Image
image/jpeg 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7146935802466_1KRS1I5WI5BE9EWQ6J&pid=21.2&c=3&w=200&h=105&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.372871807~rp.4&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=-M&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280&nras=4&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2682&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=RHsnboKzX4&p=https%3A//discord.com.ua&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: c308dc96fb18755d83ad1ee6185e01c501ace9904446bf82051643232b37c92e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:21 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 802D6E76ABDE43E2B628BE5660201695 Ref B: YTO01EDGE0822 Ref C: 2023-10-14T20:48:22Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_HIT
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 9001

GET
H2 200 rd_log Show response
nym1-ib.adnxs.com/ Frame 9782 0
530 B 117ms
36ms Script
text/html 68.67.179.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fdiscord.com.ua&e=wqT_3QLmA8jmAQAAAwDWAAUBCJX9q6kGEMrYi-D8ouGWVxgAKjYJAu2wlyScmz8RBGs4QRnImj8ZAAABAgzwPyEEDRIAKREkyDEAAADA9Si8PzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHgAgAEBigEDVVNEkgUG8LaYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCFmh0dHBzOi8vZGlzY29yZC5jb20udWGAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF38igjtH-4cVlwAUAyQUhBxwAAPA_0gUJCQkMeAAA2AUA4AUB8AWgoVH6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGwo0E2gYWChAJEhkBaBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHANIHDRVjASQI2gcGAVykGADgBwDqBwIIAPAH57EJiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=c8bed29b564cff71953de81c6cd835074586e861&bdref=https%3A%2F%2Fdiscord.com.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fdiscord.com.ua%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2954974235451501%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D2913177901%26pi%3Dt.aa~a.372871807~rp.4%26daaos%3D1697310157268%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1697341701%26rafmt%3D1%26to%3Dqs%26pwprc%3D9019949464%26tp%3Dsite_kit%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fdiscord.com.ua%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697316501209%26bpp%3D1%26bdt%3D2132%26idt%3D-M%26shv%3Dr20231011%26mjsv%3Dm202310110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D90dbee57f6fd4318-22a7000894e4003c%253AT%253D1697316500%253ART%253D1697316500%253AS%253DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg%26gpic%3DUID%253D00000d999fdc1bea%253AT%253D1697316500%253ART%253D1697316500%253AS%253DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q%26prev_fmts%3D0x0%252C1200x280%252C725x280%26nras%3D4%26correlator%3D3652207399414%26frm%3D20%26pv%3D1%26ga_vid%3D1829976361.1697316499%26ga_sid%3D1697316500%26ga_hid%3D1441788431%26ga_fc%3D1%26u_tz%3D-420%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D2682%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759837%252C44759875%252C44759926%252C31078362%252C44795921%252C44804684%252C44805099%252C44805675%252C44805681%252C31078773%26oid%3D2%26pvsid%3D1126908763937889%26tmod%3D1779632347%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3DRHsnboKzX4%26p%3Dhttps%253A%2F%2Fdiscord.com.ua%26dtd%3D14,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2954974235451501%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D2913177901%26pi%3Dt.aa~a.372871807~rp.4%26daaos%3D1697310157268%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1697341701%26rafmt%3D1%26to%3Dqs%26pwprc%3D9019949464%26tp%3Dsite_kit%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fdiscord.com.ua%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697316501209%26bpp%3D1%26bdt%3D2132%26idt%3D-M%26shv%3Dr20231011%26mjsv%3Dm202310110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D90dbee57f6fd4318-22a7000894e4003c%253AT%253D1697316500%253ART%253D1697316500%253AS%253DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg%26gpic%3DUID%253D00000d999fdc1bea%253AT%253D1697316500%253ART%253D1697316500%253AS%253DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q%26prev_fmts%3D0x0%252C1200x280%252C725x280%26nras%3D4%26correlator%3D3652207399414%26frm%3D20%26pv%3D1%26ga_vid%3D1829976361.1697316499%26ga_sid%3D1697316500%26ga_hid%3D1441788431%26ga_fc%3D1%26u_tz%3D-420%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D2682%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759837%252C44759875%252C44759926%252C31078362%252C44795921%252C44804684%252C44805099%252C44805675%252C44805681%252C31078773%26oid%3D2%26pvsid%3D1126908763937889%26tmod%3D1779632347%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3DRHsnboKzX4%26p%3Dhttps%253A%2F%2Fdiscord.com.ua%26dtd%3D14&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
an-x-request-uuid: cbea8057-787a-470f-b26b-ed685ee769d3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 86.48.14.200; 86.48.14.200; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 th
www.bing.com/ Frame 306A 10 KB
10 KB 39ms
38ms Image
image/jpeg 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7146935802199_1F9KT28D8VK2LZT1CL&pid=21.2&c=3&w=200&h=105&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=3187286696&adf=391540361&pi=t.aa~a.2637067697~rp.1&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=0&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280%2C1200x90&nras=5&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KZonRO9CCe&p=https%3A//discord.com.ua&dtd=18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: 74c39574dd06be5d194b590541f37b8efe7d337008846e48dda3a28fed30e73f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:21 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 11FEE27916ED431C825F53A0EACF4735 Ref B: YTO01EDGE0822 Ref C: 2023-10-14T20:48:22Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_HIT
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 10545

GET
H2 200 rd_log Show response
nym1-ib.adnxs.com/ Frame 306A 0
530 B 107ms
36ms Script
text/html 68.67.179.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fdiscord.com.ua&e=wqT_3QLqA8jqAQAAAwDWAAUBCJX9q6kGEIri8YG56v7hdhgAKjYJT55CDfVenj8R66hXYbV1nT8ZAAABAgzwPyHrDRIAKREk0DEAAADA9Si8PzDb-KYDOLUBQLVeSOMDULqJirYBWL-xPWAAaJ-kVHiVvgWAAQGKAQNVU0SSBQbwtpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIWaHR0cHM6Ly9kaXNjb3JkLmNvbS51YYADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXYkoWJrcqMvSHABQDJBSEJHAAA8D_SBQkJCQx4AADYBQHgBQHwBaChUfoFBAgAEACQBgCYBgC4BgDBBgklLPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAeVvgXSBw0VZQEmCNoHBgFepBgA4AcA6gcCCADwB-exCYoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=b7ef7ac295494ce3e0992798d891af805d2952d1&bdref=https%3A%2F%2Fdiscord.com.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fdiscord.com.ua%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2954974235451501%26output%3Dhtml%26h%3D90%26adk%3D3187286696%26adf%3D391540361%26pi%3Dt.aa~a.2637067697~rp.1%26daaos%3D1697310157268%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1697341701%26rafmt%3D1%26to%3Dqs%26pwprc%3D9019949464%26tp%3Dsite_kit%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fdiscord.com.ua%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697316501209%26bpp%3D1%26bdt%3D2132%26idt%3D0%26shv%3Dr20231011%26mjsv%3Dm202310110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D90dbee57f6fd4318-22a7000894e4003c%253AT%253D1697316500%253ART%253D1697316500%253AS%253DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg%26gpic%3DUID%253D00000d999fdc1bea%253AT%253D1697316500%253ART%253D1697316500%253AS%253DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q%26prev_fmts%3D0x0%252C1200x280%252C725x280%252C1200x90%26nras%3D5%26correlator%3D3652207399414%26frm%3D20%26pv%3D1%26ga_vid%3D1829976361.1697316499%26ga_sid%3D1697316500%26ga_hid%3D1441788431%26ga_fc%3D1%26u_tz%3D-420%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D2812%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759837%252C44759875%252C44759926%252C31078362%252C44795921%252C44804684%252C44805099%252C44805675%252C44805681%252C31078773%26oid%3D2%26pvsid%3D1126908763937889%26tmod%3D1779632347%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26xpc%3DKZonRO9CCe%26p%3Dhttps%253A%2F%2Fdiscord.com.ua%26dtd%3D18,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2954974235451501%26output%3Dhtml%26h%3D90%26adk%3D3187286696%26adf%3D391540361%26pi%3Dt.aa~a.2637067697~rp.1%26daaos%3D1697310157268%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1697341701%26rafmt%3D1%26to%3Dqs%26pwprc%3D9019949464%26tp%3Dsite_kit%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fdiscord.com.ua%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697316501209%26bpp%3D1%26bdt%3D2132%26idt%3D0%26shv%3Dr20231011%26mjsv%3Dm202310110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D90dbee57f6fd4318-22a7000894e4003c%253AT%253D1697316500%253ART%253D1697316500%253AS%253DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg%26gpic%3DUID%253D00000d999fdc1bea%253AT%253D1697316500%253ART%253D1697316500%253AS%253DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q%26prev_fmts%3D0x0%252C1200x280%252C725x280%252C1200x90%26nras%3D5%26correlator%3D3652207399414%26frm%3D20%26pv%3D1%26ga_vid%3D1829976361.1697316499%26ga_sid%3D1697316500%26ga_hid%3D1441788431%26ga_fc%3D1%26u_tz%3D-420%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D2812%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759837%252C44759875%252C44759926%252C31078362%252C44795921%252C44804684%252C44805099%252C44805675%252C44805681%252C31078773%26oid%3D2%26pvsid%3D1126908763937889%26tmod%3D1779632347%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26xpc%3DKZonRO9CCe%26p%3Dhttps%253A%2F%2Fdiscord.com.ua%26dtd%3D18&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
an-x-request-uuid: bdea5197-eaf0-4c9b-aff1-59ea190cd302
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 86.48.14.200; 86.48.14.200; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3A0B 1 KB
643 B 37ms
36ms Document
text/html 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 24940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 13:52:42 GMT
etag: 48472445140208031
expires: Sun, 15 Oct 2023 13:52:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 306A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3168a6a1d9261fd0215f1c06cbba29a1be29308a20d0aef45682f9dbd0175f08

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 306A 0
19 B 100ms
99ms Image
text/html 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3iJalf4qZemhEJCD6toP9pm2kAzS4Nfgbo-ktpOTCsCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi0yOTU0OTc0MjM1NDUxNTAxyAEJqAMByAMCqgTEAU_Q-w2mmhY-1AO_89FsrDxFQA4XI8cXc_jyALKcsZBzB3ssF6TTzo9tTRqmweVekWrrTa7YHRdt30q__KlnkkHXwGlMi3oMmftgdapUhtyJksLTM1-hChY-yzX6379rsByxZ5gZeT-Z3sBg-qgJgMAkWtKKHSbX1n5gJhzkOPk1_2VAR9RJ9UhAo4AxQOwvFk1f937oaxfxz-7oyPWRl-5kn5dvj1_UBJVYyaInLnhJMS4UkeiPnoaR1i9CQZ3pNxQIMPqABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI5NTQ5NzQyMzU0NTE1MDEYAA&sigh=mCCfoMzgDlI&uach_m=[UACH]&cid=CAQSPADICaaNsLiJ-nxhwy8a7RIKsjCdQ8_KRD2dbd8nH_v6_UB2Y7JrWt121zR1iveqlzY0LTmYJLyOBi82RBgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=3187286696&adf=391540361&pi=t.aa~a.2637067697~rp.1&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=0&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280%2C1200x90&nras=5&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=KZonRO9CCe&p=https%3A//discord.com.ua&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 14 Oct 2023 20:48:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
nym1-ib.adnxs.com/ Frame 306A 0
530 B 85ms
84ms Image
text/html 68.67.179.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fdiscord.com.ua&e=wqT_3QKaB8iaAwAAAwDWAAUBCJX9q6kGEIri8YG56v7hdhgAKjYJT55CDfVenj8R66hXYbV1nT8ZAAABAgzwPyHrDRIAKREk0DEAAADA9Si8PzDb-KYDOLUBQLVeSOMDULqJirYBWL-xPWAAaJ-kVHiVvgWAAQGKAQNVU0SSBQbwaZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhZodHRwczovL2Rpc2NvcmQuY29tLnVhgAMAiAMBkAMAmAMJoAMBqgOtAwrHAmh0dHBzOi8vd3d3LmJpbmcBLfB1L2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTJmMjE4MjM0LTFiMjctNDdjMS1iY2E3LTVjODcyN2E1OWZkZiZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVR1YGHB1Ymxpc2gFKSgxNjI2NDUzMzAmcp5tALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YjYZAGhuY2NfZnAmYWlkPSR7QVVDVElPTl9JRH0md3AdEbhQUklDRX0SBTEyMDg1GhM4NTU3OTYwMDUzMjU0ODExOTE0IgkzODE4NDY3MTQqBCFkgDo0VTJWaGNtTm9RV1FqT0RFMU56QXhNakF3TXpFM01qWRUU8HlPVGt5TkRReE56UT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF2JKFia3KjL0hwAUAyQUAAAAAAADwP9IFCQkAAAEMeAAA2AUB4AUB8AWgoVH6BQQIABAAkAYAmAYAuAYAwQYJIyzwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHlb4F0gcNCREoASYI2gcGAV6wGADgBwDqBwIIAPAH57EJiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=a7aca2f25e2aa693ddb837db281eeeaed839eb30&pp=ZSr-lQAEEOkFWoGQAA2M9gexvWJKWv0DOzcZGA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJW7Vlf4qZemhEJCD6toP9pm2kAzS4Nfgbo-ktpOTCsCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi0yOTU0OTc0MjM1NDUxNTAxyAEJqAMByAMCqgTHAU_Q-w2mmhY-1AO_89FsrDxFQA4XI8cXc_jyALKcsZBzB3ssF6TTzo9tTRqmweVekWrrTa7YHRdt30q__KlnkkHXwGlMi3oMmftgdapUhtyJksLTM1-hChY-yzX6379rsByxZ5gZeT-Z3sBg-qgJgMAkWtKKHSbX1n5gJhzkOPk1_2VAR9RJ9UhAo4AxQOwvFk1f937oaxfxz-7oyPWR1exFDVXLdTJA_uHtV_ujmHxqO6odv_BWPADIUpPCa7Hx95XqXW4EvoyABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Dsy-_Km5zYIknqw9mdrntQ5Ifag%26client%3Dca-pub-2954974235451501%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
an-x-request-uuid: b8c5dc96-e0eb-4f1c-b713-23028e51abe6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 86.48.14.200; 86.48.14.200; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5609 1 KB
643 B 36ms
35ms Document
text/html 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 24940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 13:52:42 GMT
etag: 48472445140208031
expires: Sun, 15 Oct 2023 13:52:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9782 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abd57f547be960315ba4df995df71d6091128f8ce201a11c7415d077eb5709ff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9782 0
19 B 100ms
99ms Image
text/html 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1zNKlf4qZfOREPqS6toPwd6BmAnS4Nfgbo-ktpOTCsCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi0yOTU0OTc0MjM1NDUxNTAxyAEJqAMByAMCqgTEAU_QTNNiqHg6jjdr7RtLpaEGwBh1qfocFiobYzrCTf45vv51UDxTE20X8LZykrsvHYDszW4CYLBasmCCXRu96ZCKQn0WErX_MJ1SYvvxvJ_a-4eaxryGyHOe7XAV6ufsoqIzMyDw1q-9Rjl7aOVq0mp4LgJiEQkdI_sEt2nmcYyjmJPugsY4K6T3lCq48QhkDr9osRCPjDRkEoDYVkVzsHr4XM4VgHtB0lXDc07c7BBq5x9EwyPeF-zqqAVti-BpJjfIQrCABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI5NTQ5NzQyMzU0NTE1MDEYAA&sigh=ZHYSmqYQX8U&uach_m=[UACH]&cid=CAQSPADICaaNJxdgwkuxz3MA6Q0xqr1HVC4xfD0hBgK8zNlfRa6v6lxIFB-xJ7HX4PO3jFlti1vAtfOUPs9RsxgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.372871807~rp.4&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=-M&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280&nras=4&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2682&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=RHsnboKzX4&p=https%3A//discord.com.ua&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 14 Oct 2023 20:48:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
nym1-ib.adnxs.com/ Frame 9782 0
530 B 36ms
36ms Image
text/html 68.67.179.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fdiscord.com.ua&e=wqT_3QKLB8iLAwAAAwDWAAUBCJX9q6kGEMrYi-D8ouGWVxgAKjYJAu2wlyScmz8RBGs4QRnImj8ZAAABAgzwPyEEDRIAKREkyDEAAADA9Si8PzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHgAgAEBigEDVVNEkgUG8GmYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIWaHR0cHM6Ly9kaXNjb3JkLmNvbS51YYADAIgDAZADAJgDCaADAaoDogMKvAJodHRwczovL3d3dy5iaW5nAS3wdS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0yNzQ4MjVhZC02Y2M0LTQ4ZTYtYWM2NS03NDBiYjczNjhhYmYmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYxJm9BZFUdWBhwdWJsaXNoBSkoMTYyNjQ1MzMwJnKebQC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGRh6emYlM0FrDR_wQ192Y3FyaXZwciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzYyODE4MjMzOTI1MDUxOTU1OTQiCTM4MTg0NjcxNCoEIVmAOjRVMlZoY21Ob1FXUWpPREUxTnpBeE1qQXdNekUzTWpZFRTweU9Ua3lORFF4TnpRPcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXfyKCO0f7hxWXABQDJBQAAAAAAAPA_0gUJCQAAAQx4AADYBQDgBQHwBaChUfoFBAgAEACQBgCYBgC4BgDBBgkjLPA_0AbCjQTaBhYKEAkSGQFsEAAYAOAGAfIGAggAgAcBiAcAoAcByAcA0gcNCREmASQI2gcGAVywGADgBwDqBwIIAPAH57EJiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=668d3e540cfc03ed7c2aaab85f242afe8c2f6e8b&pp=ZSr-lQAECPMFWol6AABvQWDztRV3rfn5JMicEQ&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRkWDlf4qZfOREPqS6toPwd6BmAnS4Nfgbo-ktpOTCsCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi0yOTU0OTc0MjM1NDUxNTAxyAEJqAMByAMCqgTHAU_QTNNiqHg6jjdr7RtLpaEGwBh1qfocFiobYzrCTf45vv51UDxTE20X8LZykrsvHYDszW4CYLBasmCCXRu96ZCKQn0WErX_MJ1SYvvxvJ_a-4eaxryGyHOe7XAV6ufsoqIzMyDw1q-9Rjl7aOVq0mp4LgJiEQkdI_sEt2nmcYyjmJPugsY4K6T3lCq48QhkDr9osRCPjDRkEoDYVkVz8njZzgyxehbVKCF27RdYWhRJ7ZtN7TsHtWqzLLntocxx5rYqLyTIaQKABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1cf5X39RHfwIvFG1rtv5esHj0KIg%26client%3Dca-pub-2954974235451501%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
an-x-request-uuid: bda58c12-9167-4d3e-be7a-8bccfeb39f1c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 86.48.14.200; 86.48.14.200; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
nym1-ib.adnxs.com/ Frame 306A 0
553 B 36ms
36ms Ping
text/html 68.67.179.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fdiscord.com.ua&e=wqT_3QKaB8iaAwAAAwDWAAUBCJX9q6kGEIri8YG56v7hdhgAKjYJT55CDfVenj8R66hXYbV1nT8ZAAABAgzwPyHrDRIAKREk0DEAAADA9Si8PzDb-KYDOLUBQLVeSOMDULqJirYBWL-xPWAAaJ-kVHiVvgWAAQGKAQNVU0SSBQbwaZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhZodHRwczovL2Rpc2NvcmQuY29tLnVhgAMAiAMBkAMAmAMJoAMBqgOtAwrHAmh0dHBzOi8vd3d3LmJpbmcBLfB1L2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTJmMjE4MjM0LTFiMjctNDdjMS1iY2E3LTVjODcyN2E1OWZkZiZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVR1YGHB1Ymxpc2gFKSgxNjI2NDUzMzAmcp5tALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YjYZAGhuY2NfZnAmYWlkPSR7QVVDVElPTl9JRH0md3AdEbhQUklDRX0SBTEyMDg1GhM4NTU3OTYwMDUzMjU0ODExOTE0IgkzODE4NDY3MTQqBCFkgDo0VTJWaGNtTm9RV1FqT0RFMU56QXhNakF3TXpFM01qWRUU8HlPVGt5TkRReE56UT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF2JKFia3KjL0hwAUAyQUAAAAAAADwP9IFCQkAAAEMeAAA2AUB4AUB8AWgoVH6BQQIABAAkAYAmAYAuAYAwQYJIyzwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHlb4F0gcNCREoASYI2gcGAV6wGADgBwDqBwIIAPAH57EJiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=a7aca2f25e2aa693ddb837db281eeeaed839eb30&type=nv&nvt=5&jm=1003&px=236&py=0&bw=182&bh=90&sid=5374067151049237304&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=1200&ph=90&ww=1200&wh=90&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
an-x-request-uuid: ec499b2c-2620-4392-b777-cc9c2f1c7e81
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 86.48.14.200; 86.48.14.200; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
nym1-ib.adnxs.com/ Frame 9782 0
554 B 64ms
64ms Ping
text/html 68.67.179.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fdiscord.com.ua&e=wqT_3QKLB8iLAwAAAwDWAAUBCJX9q6kGEMrYi-D8ouGWVxgAKjYJAu2wlyScmz8RBGs4QRnImj8ZAAABAgzwPyEEDRIAKREkyDEAAADA9Si8PzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHgAgAEBigEDVVNEkgUG8GmYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIWaHR0cHM6Ly9kaXNjb3JkLmNvbS51YYADAIgDAZADAJgDCaADAaoDogMKvAJodHRwczovL3d3dy5iaW5nAS3wdS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0yNzQ4MjVhZC02Y2M0LTQ4ZTYtYWM2NS03NDBiYjczNjhhYmYmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYxJm9BZFUdWBhwdWJsaXNoBSkoMTYyNjQ1MzMwJnKebQC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGRh6emYlM0FrDR_wQ192Y3FyaXZwciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzYyODE4MjMzOTI1MDUxOTU1OTQiCTM4MTg0NjcxNCoEIVmAOjRVMlZoY21Ob1FXUWpPREUxTnpBeE1qQXdNekUzTWpZFRTweU9Ua3lORFF4TnpRPcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXfyKCO0f7hxWXABQDJBQAAAAAAAPA_0gUJCQAAAQx4AADYBQDgBQHwBaChUfoFBAgAEACQBgCYBgC4BgDBBgkjLPA_0AbCjQTaBhYKEAkSGQFsEAAYAOAGAfIGAggAgAcBiAcAoAcByAcA0gcNCREmASQI2gcGAVywGADgBwDqBwIIAPAH57EJiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=668d3e540cfc03ed7c2aaab85f242afe8c2f6e8b&type=nv&nvt=5&jm=1003&px=236&py=0&bw=182&bh=90&sid=5374067151049237304&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=1200&ph=90&ww=1200&wh=90&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
an-x-request-uuid: 10396784-bf3f-49dc-8c89-648b6dc6ce3e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 86.48.14.200; 86.48.14.200; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3A0B 35 B
463 B 249ms
80ms Image
image/gif 192.184.69.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELHjmg65-UdIV82r8Q-vpjc&google_cver=1&google_push=AXcoOmR6-3S4EphbLIqFr5uPcOh2gDCqPtw11FHDNqcOQEmy4DwPBhxF3mFBwj-mUUW_AZtVmrF0LxFVaDPnizqpe7Yo3luCpLXogA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.184.69.252 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3A0B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHvNhBSjL_6r8jrDgo8Jc6g&google_push=AXcoOmRpNj_yQNRXtbf7-Elo_nP-pUP2HxsZlDR_9medKATzGfWQ7jfQJC...

170 B
329 B

47ms
47ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHvNhBSjL_6r8jrDgo8Jc6g&google_push=AXcoOmRpNj_yQNRXtbf7-Elo_nP-pUP2HxsZlDR_9medKATzGfWQ7jfQJCBW_MYWKDFkvwGYT9TviigAZMy7mhBa5o1KIzTIvzPFVA

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-yyz4536-YYZ
pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1697316502.475102,VS0,VE21
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHvNhBSjL_6r8jrDgo8Jc6g&google_push=AXcoOmRpNj_yQNRXtbf7-Elo_nP-pUP2HxsZlDR_9medKATzGfWQ7jfQJCBW_MYWKDFkvwGYT9TviigAZMy7mhBa5o1KIzTIvzPFVA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 3A0B 43 B
362 B 101ms
33ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTuVySAQggFFZmhFC3wv0Xsj0idk1I8Y4ZAPYEE54s3_vUiIYnpZkfFWaUZXN-nFNg2RxAYiCzHyuGJV7OA4Enf7d0NMVLp&google_gid=CAESEPRVKmPnK30IV09MBcqh7i4&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 293464
expires: Sat, 14 Oct 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3A0B
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECCB2rMAA006SEfpXKTeDg4&google_cver=1&google_push=AXcoOmTxJ6IM3JX9m1qMvimwX8fyW4RTuOdleLkjVe7PNp5BDuCos0daqt58KRqeZsVr_hb76FO6KvFCTrpiH00u3FBnx-R...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTxJ6IM3JX9m1qMvimwX8fyW4RTuOdleLkjVe7PNp5BDuCos0daqt58KRqeZsVr_hb76FO6KvFCTrpiH00u3FBnx-RwvqecjQ&google_hm=OTE1MDY5O...

170 B
232 B

48ms
48ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTxJ6IM3JX9m1qMvimwX8fyW4RTuOdleLkjVe7PNp5BDuCos0daqt58KRqeZsVr_hb76FO6KvFCTrpiH00u3FBnx-RwvqecjQ&google_hm=OTE1MDY5ODI0OTIwNjM0OTI3Ng==

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTxJ6IM3JX9m1qMvimwX8fyW4RTuOdleLkjVe7PNp5BDuCos0daqt58KRqeZsVr_hb76FO6KvFCTrpiH00u3FBnx-RwvqecjQ&google_hm=OTE1MDY5ODI0OTIwNjM0OTI3Ng==
Date: Sat, 14 Oct 2023 20:48:22 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A0B
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmSOptRYYGhkmFCUAmXkqoZzwlPNVd58WkESqqevQVfXNA5h3_Of8gcpQatti_MJ5Se8EP9cYWn1ZP1majs-YKl4eo1Zs3bZlOY&google_gid=CAESEB9XSGGJVx...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB9XSGGJVxw--MKc0N4GbAk&google_hm=T1BVZmJjMTk2NjMxZmM1NDBlY2E0ZWRjY2E4YTI4YjNkOGM&google_nid=opera_norway_as&google_push=AXcoOmSOptRY...

170 B
188 B

46ms
46ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB9XSGGJVxw--MKc0N4GbAk&google_hm=T1BVZmJjMTk2NjMxZmM1NDBlY2E0ZWRjY2E4YTI4YjNkOGM&google_nid=opera_norway_as&google_push=AXcoOmSOptRYYGhkmFCUAmXkqoZzwlPNVd58WkESqqevQVfXNA5h3_Of8gcpQatti_MJ5Se8EP9cYWn1ZP1majs-YKl4eo1Zs3bZlOY

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB9XSGGJVxw--MKc0N4GbAk&google_hm=T1BVZmJjMTk2NjMxZmM1NDBlY2E0ZWRjY2E4YTI4YjNkOGM&google_nid=opera_norway_as&google_push=AXcoOmSOptRYYGhkmFCUAmXkqoZzwlPNVd58WkESqqevQVfXNA5h3_Of8gcpQatti_MJ5Se8EP9cYWn1ZP1majs-YKl4eo1Zs3bZlOY
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 327
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 3A0B
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEI0ZH5YUo5P3...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZWIxYWM2NmEtMmM0YS00YzVkLTgxYTAtNmQzYTFmMjIxMzYx&google_push=AXcoOmSPb5EoipDpV-58qJ6vqnd6Y1uSOOl_3ypxMn6LB-J4C9lPnZZ5-pxwM_r-L7cWK...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

40ms
40ms

Image
image/gif

104.112.20.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.112.20.199 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-112-20-199.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires: Sat, 14 Oct 2023 20:48:22 GMT
pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3A0B
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEOas4khBnXB7qk2hUKcCzag&google_cver=1&google_push=AXcoOmS7eQLqfbPlPrnxkf0PIF3CgQ_5GJ6-CxaK8xYhv59z6jhZxoFrR55TZ_B6rrm92ryIHcLjMvtbbIMZkHUAl3asbDEab...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS7eQLqfbPlPrnxkf0PIF3CgQ_5GJ6-CxaK8xYhv59z6jhZxoFrR55TZ_B6rrm92ryIHcLjMvtbbIMZkHUAl3asbDEabayyqTI&google_hm=f85ea035f77...

170 B
232 B

46ms
46ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS7eQLqfbPlPrnxkf0PIF3CgQ_5GJ6-CxaK8xYhv59z6jhZxoFrR55TZ_B6rrm92ryIHcLjMvtbbIMZkHUAl3asbDEabayyqTI&google_hm=f85ea035f777f60111txnj00lnqif76b

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS7eQLqfbPlPrnxkf0PIF3CgQ_5GJ6-CxaK8xYhv59z6jhZxoFrR55TZ_B6rrm92ryIHcLjMvtbbIMZkHUAl3asbDEabayyqTI&google_hm=f85ea035f777f60111txnj00lnqif76b
date: Sat, 14 Oct 2023 20:48:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3A0B 0
49 B 117ms
45ms Image
text/html 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I9hq_ESF1DzXRgLbCgKKQ0rB-hX7AXVnVvgxZc6gJGz_fY0CdKZtDbQoanx01crSGgdy7wpjT09w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5609
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDOMoTlgM8x2CcSxpkLFmk8&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDOMoTlgM8x2CcSxpkLFmk8&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0h1cjJMV1ExUVJMeUM1&google_gid=CAESEDOMoTlgM8x2CcSxpkLFmk8&google_cver=1&google_push=AXcoOmR8FQqFAtbBxNy3PnET_putX0nxmg86dqKA7fQMX28...

170 B
232 B

47ms
46ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0h1cjJMV1ExUVJMeUM1&google_gid=CAESEDOMoTlgM8x2CcSxpkLFmk8&google_cver=1&google_push=AXcoOmR8FQqFAtbBxNy3PnET_putX0nxmg86dqKA7fQMX28jMPG2dJpR61F9-tmBcohi9Y3sBomiGbjQaU5r-4kxmOrae6HQa4ylqvE

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 14 Oct 2023 20:48:22 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-02a542224b3edb51e@us-east-1b@dxedge-app-us-east-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0h1cjJMV1ExUVJMeUM1&google_gid=CAESEDOMoTlgM8x2CcSxpkLFmk8&google_cver=1&google_push=AXcoOmR8FQqFAtbBxNy3PnET_putX0nxmg86dqKA7fQMX28jMPG2dJpR61F9-tmBcohi9Y3sBomiGbjQaU5r-4kxmOrae6HQa4ylqvE
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 5609 0
173 B 79ms
39ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEBGy-tzZb6YF1RVqsHwTvYQ&google_cver=1&google_push=AXcoOmS3Lb8WJ_7-pyEIIJSfFS6BHqJIDA68Uao2nRZPN3QkwgcGcWMOjKZm-I4OVQCWw8wHZE9nRe0Sjcz5eEt4BQLaS30ew21e2w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.372871807~rp.4&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=-M&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280&nras=4&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2682&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=RHsnboKzX4&p=https%3A//discord.com.ua&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5609
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEMZbxSMm8uKfNFQUzwXgClA&google_cver=1&google_push=AXcoOmS2eIZg36b-WN45v0LFatoK-9PjuaaQ3zWqjSxotyU0nwtFBMiFroyvOc72o4Fvzf8fmLHIaMN_lkPvzk-3lA4lS2lkwkIDLkE
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEM3REFBNUI2RDg1NjU1NQ==

170 B
232 B

47ms
47ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEM3REFBNUI2RDg1NjU1NQ==

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEM3REFBNUI2RDg1NjU1NQ==
date: Sat, 14 Oct 2023 20:48:22 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 5609 43 B
363 B 96ms
33ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTJgu8nEAfm4SKBKut8z9mePgr9rhv_pmlo3Ulr-Sow7VVedpGvfHJFeeEIEG3k_ozaZfYkp-W_d5YFMD5mKYLb3kdCQe8x_w&google_gid=CAESEFA8zBjXIsDCrnKjQ4b7Mjo&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:21 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 274665
expires: Sat, 14 Oct 2023 00:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 5609 42 B
233 B 137ms
44ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEEj9a6hT-8a3gpmcgHQq29Q&google_cver=1&google_push=AXcoOmTqi_fb-tHyO9vVfKgGZSTgY1gMYO7Yz3IJP5Zz9ktE1LrWTQFQB7s8DM8MsdL7CFRLkYNFgptIDcpl2Xrb5aSecK5-jmFC9aU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2954974235451501&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.372871807~rp.4&daaos=1697310157268&w=1200&fwrn=4&fwrnh=100&lmt=1697341701&rafmt=1&to=qs&pwprc=9019949464&tp=site_kit&format=1200x90&url=https%3A%2F%2Fdiscord.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697316501209&bpp=1&bdt=2132&idt=-M&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90dbee57f6fd4318-22a7000894e4003c%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MavoxEdn0IjM5ewL2DczSJfQN4WCg&gpic=UID%3D00000d999fdc1bea%3AT%3D1697316500%3ART%3D1697316500%3AS%3DALNI_MZK0cWBuZzMKTp4SjHhDTiekUMF-Q&prev_fmts=0x0%2C1200x280%2C725x280&nras=4&correlator=3652207399414&frm=20&pv=1&ga_vid=1829976361.1697316499&ga_sid=1697316500&ga_hid=1441788431&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2682&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078362%2C44795921%2C44804684%2C44805099%2C44805675%2C44805681%2C31078773&oid=2&pvsid=1126908763937889&tmod=1779632347&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=RHsnboKzX4&p=https%3A//discord.com.ua&dtd=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Oct 2023 20:48:22 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5609
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEAQ6Lrd6c34ZZjDVYwMvlwc&google_cver=1&google_push=AXcoOmSpj6fig4-ysPCKoxDE2jkwZQ6k3quc6riQjThl2RT-l49UVFdYBlk8ScSJXM_S8yKoaBmn...
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEAQ6Lrd6c34ZZjDVYwMvlwc&google_cver=1&google_push=AXcoOmSpj6fig4-ysPCKoxDE2jkwZQ6k3quc6riQjThl2RT-l49UVFdYBlk8ScSJXM_S8y...
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=kRxs7iSHTWCsbBIeEXgbWw==&no_redirect=1&google_push=AXcoOmSpj6fig4-ysPCKoxDE2jkwZQ6k3quc6riQjThl2RT-l49UVF...

170 B
188 B

47ms
46ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=kRxs7iSHTWCsbBIeEXgbWw==&no_redirect=1&google_push=AXcoOmSpj6fig4-ysPCKoxDE2jkwZQ6k3quc6riQjThl2RT-l49UVFdYBlk8ScSJXM_S8yKoaBmnOhzlpiN_Uqh2QrxmUuVS4NmwUYd6

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=kRxs7iSHTWCsbBIeEXgbWw==&no_redirect=1&google_push=AXcoOmSpj6fig4-ysPCKoxDE2jkwZQ6k3quc6riQjThl2RT-l49UVFdYBlk8ScSJXM_S8yKoaBmnOhzlpiN_Uqh2QrxmUuVS4NmwUYd6
date: Sat, 14 Oct 2023 20:48:22 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 5609
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENaZBZ4hyShi...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NjBjODEwODktYjM2MC00MzE4LWI5MzUtOGE0Yjg4MGQ4Mjlm&google_push=AXcoOmT0cVHzU8wIk3NlqYoh0XceFfLo2Zo2oTxZXqiEMvFO5ML5npK2DJBrFnNBef4v8...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

39ms
39ms

Image
image/gif

104.112.20.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.112.20.199 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-112-20-199.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires: Sat, 14 Oct 2023 20:48:22 GMT
pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5609 0
130 B 113ms
44ms Image
text/html 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgHxs7iRtnDdmdXE-ut4zSqsd2OzKGU1E6bCt8SVzjUf7MS_S9-sdA2lQtAHZHakpXCKsOzvs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 20:48:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4808 42 B
64 B 95ms
94ms Fetch
image/gif 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvevm_qOfwVecVy3t6hdGIHmeZI0Gnnk49J0qxdoN9s0Xpr2zB93KU8znrGB8Az-QNez8WiGE0Jf6FibWaQQKcdOe3PYr85d_yXHvoL0kykJRvGlaBY2piuu0M6gPd6-P1JvJ_CPOpXCA&sai=AMfl-YSgK1EMmMZrvYSbjbmQf2YV_FiNrjVkgsr1mqmgegPYfvHMDJKDXWja2GObVMc-TKEqv-OHMPKKbhpEfMYWMXooZGZ7hO_2y7UlDbthv7kA7Tn7zSD2WLkBuZVlbjt9BmfLLJzy5hSwkaaD&sig=Cg0ArKJSzJtmLxlqnFbhEAE&cid=CAQSSwDICaaNZJsCdAWyeISwplPU0IPm3hPYOSZSKRHwJNBG7ZBK4_uM8XJu0TUdzDg_z6PghTDqFbbDhdnDQU1_m35P2PnafcpMWfwMLBgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697316501351&rpt=456&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D338 42 B
64 B 94ms
93ms Fetch
image/gif 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspj2JBqBOI_rDk9evmQwOXVETWZDPFSVQp8sn113XJULwut3NV1JN6_E5n_c6c0gUawMhwTai93N0KtmHI-YtBXUJi2xLXS6odOd_rBHmUQ7c1jiIMeIrwyaYodbKeKhoAIWDnMrZlvw&sai=AMfl-YTVAFvhKNT5GxkJmYa_ukONJ-tq-uiq0ve1ZIJLkHTlCtOLs3Abya6C-lHn39XDazqW5O52dNhyNLBQKCLYgMIqFnimEE_nTHJP65wzzf0UktCZMvruOYeYsvV-QZezTzK-txyLIxHphLRG&sig=Cg0ArKJSzHEGW20AayIxEAE&cid=CAQSSwDICaaNZJsCdAWyeISwplPU0IPm3hPYOSZSKRHwJNBG7ZBK4_uM8XJu0TUdzDg_z6PghTDqFbbDhdnDQU1_m35P2PnafcpMWfwMLBgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697316501354&rpt=526&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2723 42 B
64 B 94ms
94ms Fetch
image/gif 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6UNUTE4pPu7DTS5AgzfLuYBKAmc5yUwMVNOJ2M38UomyZEWHS4xP1fkRK_k7szF4elaFkdcq7tCxLsKxV9IylCY_qsD5RR61Ve-yX1s4MtPa0EwFIX_xK-rwGDOREU5KvOpziVAW_QQ&sai=AMfl-YSNXQ3OSRutBnLpQAxut0hbrc0vjOCtjAQNKn81LCJ99olaQj0EuTmcvVCWSQpxsoVAT74sjKiW3PYtkyY2v2TlKFde2SX_ZFFk9RU9FQmolrpTy35Y6WIq5HI-jkqffLpr5fFUq3SACvDt&sig=Cg0ArKJSzF9fEUGWd2rsEAE&cid=CAQSSwDICaaNZJsCdAWyeISwplPU0IPm3hPYOSZSKRHwJNBG7ZBK4_uM8XJu0TUdzDg_z6PghTDqFbbDhdnDQU1_m35P2PnafcpMWfwMLBgB&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=304,961,1002,1002,1002&tos=304,657,41,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697316501356&rpt=573&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 637A 42 B
64 B 94ms
93ms Fetch
image/gif 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8qAJHHGSbJ1m5EYNiOym768rnl7kbF9JIyM02qQOOcB8siNgrMbFMQ109Bvb8_qRdl-03kYcj0KUOU-j3Xts8zM2iOACu-B1ZRvY78Fp_PY4Y7E4j7WhvlfDlbHO4U6pB0Q1zoQq1tw&sai=AMfl-YR2ejbAxzHXtq2M0myZaF2LcIQzVPXRHN3253yX_pYQRb3eTHKgEk2fXE4yTC8f4D5tYK4IeZ5QVPfKXEMTEvvPIiLKoPVH3PXMx1EBYJfXTJ3XYofcUuD2EK8Tbvo_f4Z2lxOL8LNxJTRSOA&sig=Cg0ArKJSzH0nKm8vrcW4EAE&cid=CAQSTADICaaNJ10VG-CgE9m1qTJ90Hpq1Ojgo-BJwRy3--KjPX94l0nzZ-OSoNfPDEt8CrZK94cUYSibJ8N5qSxJ7HX5b1YJOm3CM6pjF1wYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2012851121&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697316500222&rpt=1767&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 20:48:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.discord.com.ua/	1970-01-21 01:04:36	Name: _ga_BDW6YPKYGE Value: GS1.1.1697316499.1.0.1697316499.0.0.0
.discord.com.ua/	1970-01-21 01:04:36	Name: _ga Value: GA1.3.1829976361.1697316499
.discord.com.ua/	1970-01-20 15:30:02	Name: _gid Value: GA1.3.220060878.1697316499
.discord.com.ua/	1970-01-20 15:28:36	Name: _gat_gtag_UA_56556309_16 Value: 1
.discord.com.ua/	1970-01-21 00:50:12	Name: __gads Value: ID=fa9eeed3a2da61bd:T=1697316500:RT=1697316500:S=ALNI_MZmRn_DVCDwqf6oa2L21W3VLxs0UQ
.discord.com.ua/	1970-01-21 00:50:12	Name: __gpi Value: UID=00000d999fb7ddb1:T=1697316500:RT=1697316500:S=ALNI_MbkRqiGvHPDSKmcBVN0pTlwKcu5hw
.doubleclick.net/	1970-01-20 15:28:40	Name: DSID Value: NO_DATA
.bing.com/	1970-01-21 00:50:12	Name: MUID Value: 0072698A5FF668271B8E7A205EDC696E
.doubleclick.net/	1970-01-21 01:04:36	Name: IDE Value: AHWqTUlxOITFNjF6a8CGB_UB0FTR3gCs9mH_UGV9H0i3TO_LJkB-5vpj6UNygZ85P6w
.googleadservices.com/	1970-01-20 17:38:12	Name: ar_debug Value: 1
.blismedia.com/	1970-01-21 00:14:16	Name: b Value: 652AFE96AE154F4C1E968174BLIS
.everesttech.net/	1970-01-21 00:14:12	Name: everest_g_v2 Value: g_surferid~ZSr_lgAX0ZUaWABY
.rfihub.com/	1970-01-21 00:50:12	Name: rud Value: H4sIAAAAAAAA_-MStjQ0NTCztDAysTQyMDMGkuZmQnyGumaWxcnuFcUGjs4BUQAkvMN9JQAAAA
.rfihub.com/	1970-01-21 00:50:12	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dXZ2MirydXQ0MDALdk0riPAOSXVJNwniNTSzNDc2NDM1MDKxsHzFiMoHAHHMBFg9AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dXZ2MirydXQ0MDALdk0riPAOSXVJNwEAuSLsbB4AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MStjQ0NTCztDAysTQyMDMGkuZmQnyGumaWxcnuFcUGjs4BUQAkvMN9JQAAAA
fksnk.com/	1970-01-20 15:38:41	Name: AWSALBCORS Value: 84RP6aDANId67xrRWl+qLsLPZhZcCYSXE8c0rLLg+BkX4liNakkoea34Vdnk9YZovGLo22Mt4asWcc6wasRGbChrQQvBuqIDpS3DKrPGfaI+QTmssZNgkLwzEYPv
.fksnk.com/	1970-01-20 17:38:12	Name: f_001 Value: 0C7DAA5B6D856555
.fksnk.com/	1970-01-20 15:30:02	Name: g_001 Value: 1
.teads.tv/	1970-01-21 00:12:46	Name: tt_viewer Value: 60c81089-b360-4318-b935-8a4b880d829f
.w55c.net/	1970-01-21 01:00:17	Name: wfivefivec Value: SHur2LWQ1QRLyC5
.mediago.io/	1970-01-21 00:14:12	Name: __mguid_ Value: f85ea035f777f60111txnj00lnqif76b
.w55c.net/	1970-01-20 16:11:48	Name: matchgoogle Value: 5
.mfadsrvr.com/	1970-01-21 01:04:36	Name: tuuid Value: 911c6cee-2487-4d60-ac6c-121e11781b5b
.mfadsrvr.com/	1970-01-21 01:04:36	Name: c Value: 1697316502
.mfadsrvr.com/	1970-01-21 01:04:36	Name: tuuid_lu Value: 1697316502
.quantserve.com/	1970-01-20 17:38:12	Name: d Value: ECUBCQGXKoEA
.quantserve.com/	1970-01-21 00:58:50	Name: mc Value: 652afe96-98e49-fd786-2ba1c
.mfadsrvr.com/	1970-01-21 01:04:36	Name: ssh Value: !google,1697316502
.adx.opera.com/	1970-01-21 00:14:12	Name: UID Value: OPUfbc196631fc540eca4edcca8a28b3d8c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
adsdk.microsoft.com
cdn.adnxs.com
cm.g.doubleclick.net
cms.quantserve.com
dis.criteo.com
discord.clout.com.ua
discord.com.ua
dsp.adkernel.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
nym1-ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
rtb.mfadsrvr.com
sync-tm.everesttech.net
sync.teads.tv
t.adx.opera.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
www.bing.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.112.20.199
13.107.226.40
142.250.31.155
142.251.16.157
142.251.163.113
142.251.163.132
142.251.163.147
142.251.163.154
142.251.163.94
142.251.167.154
151.101.129.108
151.101.2.49
172.253.115.156
172.253.115.95
172.253.122.94
172.253.63.155
172.253.63.97
174.137.133.49
18.213.189.173
192.184.69.252
192.99.147.139
199.38.167.131
204.79.197.200
34.96.105.8
35.207.24.140
35.208.249.213
52.205.209.227
68.67.179.153
74.119.119.150
82.145.213.8
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
00f0ff99ea10899c9ee30db2630458cbfeac2de90cb2758774ff23928d0e4575
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a
07c385950086ecec194db94b08bb2eed024e56ec32869943cb16ddad9fcf49ca
0884f764f1c2afce4975cb06f843072c574d7c7a1ce75a805aca9eb0978dd8fa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c90efa027d2f1c5265e0e06531a1e8359a10d232647587f10da6d2917c52aff
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c72b42c630259e7f589c515f8cf986f14dc6f4cb1b75c92042c68d47a7f79f
22573d047950fe1d93b9440ce786ea90ae0f889c29857272f8deca81399c9004
281b26d4a91e56c896c53c98a892a2373f9759460f310d3a2aa36f80f19afaeb
2b2783810c9102830a1c688f2fc107b54ff42804403267d4beaeba461a6fae5b
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3168a6a1d9261fd0215f1c06cbba29a1be29308a20d0aef45682f9dbd0175f08
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
398f6a84d707e7a6db1a79524df8624604f74e35577f19b5f6c5b52fb155acdd
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3fba978156e62c19d171b74f4efbd6057e52cd4756693db0cb920bba678db031
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45b23d723f8a7382ee5e6b4788d8021d814147104eb23432929543e4f6a23c27
46a9222d51b37343bbb0bfed5f558865e8026ee44740d2b41474bf63b00bf7d4
479f89a8e5c23f2a3157ea0174b683d07ce4f65002699f5f049411cc776d4e04
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50f61633c4298b6514e8a46999662a1198d2fcba261d6e7f63ac5b977dc8ac5f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5da2e8638a2b5c3f7e2b63b9f7603d83857046e9e1e08e8e219f1ff7d81c0568
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6b51cf54e17f23b685482938018ba87f410b930b08119e88391f9079e47c89ee
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70edd2297ecb201306acff5be959f7251f0b8402706bd52e138b6663f2d40c4a
74c39574dd06be5d194b590541f37b8efe7d337008846e48dda3a28fed30e73f
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
8315f74a7bfd856280c5d2d762b498d5b318ddccbadba9d1b17cbca34b4b35e0
86ba404eb36df5b311ba69b6a907de3d28ee1dc58db3f91000d797a2be75fae5
88be29a37dc08a868f16d5ddecd308657c5444cc0f5cdedd8de0899b47810d67
8aaa7f7eefb0d8921302476b583a938cde51f90d9f18e6a5952d2a6a678dcece
90e246f38bb4d23b39626725c2263f2c21ef88f51ce5dc4dafd5f40e48fec1e3
9a5622da2eff4032f98f4dd10c6859689fd9e05a739ba96a9bc96b6ae6bdbbaa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0a6ee4674496a257bdb2735d9c6f692edd4caf417bf46ec418837d3b1d9027c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fd9b9c035336ed973e20bd7c29319df0fcc87584f3b96f26ef602b2a8e0f61
a13ae04ba06b24d8012905bf66223044a469ea7cee9b01c48da3ca9385ac354c
a1f389a4a583504e955a630f2dc66ba3ef895fed89b6c6477f30fef9e09fd631
a7fba81a4510be9fe7ad6dc107aeda80a76b4841016f4a80e64975650942112b
a8478eb35ceb97b9c5adbbd3cc588b4dbf9c87977f4100f501314cba4eb39d03
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abd57f547be960315ba4df995df71d6091128f8ce201a11c7415d077eb5709ff
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
acefc092ffa6df74a87ef66c614fe3552153903ea3f4da381086eb63d1b8525e
acf9911eaa381e18fbd67241d47323ca848dfa1fe1fd0e1c02ba90e319809649
b9389cb6583f0d743318d61d4f74c3029eb5d8ed7e96b04712ebadfb2c3ad850
ba0472eb251992a88cb6e5966ceeb5a720abc6fbe4be9bfc743a74efc67124b0
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
c160846cd593ba15f1e6f51be456a3e96299ae27dfa6cdd8f887979599a1ae94
c308dc96fb18755d83ad1ee6185e01c501ace9904446bf82051643232b37c92e
c3d99d5f2717bce929a32266aea376ce84a8cee81ba4cd1cfee3980ae508e816
c7f7493d76a46219fec5f2eb6a6e10d8ac3914a21e39bfd090bc395561641c62
cb105175463840c02ba7068adbf8c1e2d9b9271f8f20b01433d1e9cf05e91f2c
cd1c3235540dbc7bcd6c75d2839bb31cbd031f427f0fc2c605b6dc01d96283d0
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
e08fab994eb10dfab342ea8c594178451e92a54746244e47f90d513c187ae228
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e162246ba200da0816cc502d868122d384f5c1796d49bb662e2157bd41adb567
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e615f6f367dc60fdba6d1448d36ac3b9195d53b0547eecd900ec7ac5da35f87f
e8318eeaa9fb5db9b261e13ca76bb0f7eb1bef383b62c2069ea79565a23319b8
eb80310c74df8566860ae7d69b4474e07e4dc31af372ed2b8090a0d3061c3500
ec8604d4eade6552031ca2e8d3af9b3a1393bdc11b39dcb8176c41f4e5fb678c
ee5d738d637e6ae6e5f7683fa41aadc91e1b9ff9e722d474f2192c66dc955925
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f537ab392da2e07cfa40d5a91725acc6ed9e5a063091313c8c31e75205b56784
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
ffd890bf12820248e842003f386d8efe51172ace5c76156d494f732ef6b04c46

discord.com.ua Open in urlscan Pro 192.99.147.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

170 Requests

91 %HTTPS

0 %IPv6

26 Domains

31 Subdomains

24 IPs

3 Countries

2071 kBTransfer

5514 kBSize

30 Cookies

7 Outgoing links

Page URL History

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

discord.com.ua Open in urlscan Pro
192.99.147.139 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

91 %
HTTPS

0 %
IPv6

26
Domains

31
Subdomains

24
IPs

3
Countries

2071 kB
Transfer

5514 kB
Size

30
Cookies

170 HTTP transactions
11 data transactions