vaybeu.com Open in urlscan Pro
162.0.209.159 Public Scan

Software

cafe /

Resource Hash

4115c034a5bde094b72dd16e9599a3b20324aed9aee85da745daefbdfea657f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vaybeu.com/
Origin: https://vaybeu.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 15:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55219
x-xss-protection: 0
server: cafe
etag: 13904346722325202082
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 05 Nov 2022 15:08:44 GMT

GET
H2 200 da26f657b74ee3a5a2f11945f3a714d4.css
vaybeu.com/wp-content/cache/min/1/ 201 KB
31 KB 366ms
365ms Stylesheet
text/css 162.0.209.159
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaybeu.com/wp-content/cache/min/1/da26f657b74ee3a5a2f11945f3a714d4.css
Requested by: Host: vaybeu.com
URL: https://vaybeu.com/warzone/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.159 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium178-5.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7c857f3cdbe0d1be1a03ee5614ce88f4720227f624e94f950043885ac40a5a2c

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://vaybeu.com/warzone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 15:08:44 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 21:12:46 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 31550
expires: Sun, 05 Nov 2023 15:08:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 711ms
240ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C700&subset=latin%2Clatin-ext&display=swap

Requested by

Host: vaybeu.com
URL: https://vaybeu.com/warzone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

5c6b8a0e8e384d2c4f2778835dba35d44ffac0723b3d163f5ade766d4d2acc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vaybeu.com/
Origin: https://vaybeu.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 05 Nov 2022 15:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Nov 2022 15:08:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Nov 2022 15:08:44 GMT

GET
H2 200 jquery.min.js Show response
vaybeu.com/wp-includes/js/jquery/ 88 KB
30 KB 722ms
721ms Script
application/javascript 162.0.209.159
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaybeu.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: vaybeu.com
URL: https://vaybeu.com/warzone/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.159 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium178-5.web-hosting.com
Software: LiteSpeed /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://vaybeu.com/warzone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 15:08:44 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 05:37:16 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30324
expires: Sun, 05 Nov 2023 15:08:44 GMT

GET
H2 200 jquery-migrate.min.js Show response
vaybeu.com/wp-includes/js/jquery/ 11 KB
4 KB 1077ms
1076ms Script
application/javascript 162.0.209.159
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaybeu.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: vaybeu.com
URL: https://vaybeu.com/warzone/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.159 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium178-5.web-hosting.com
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://vaybeu.com/warzone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 15:08:44 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3995
expires: Sun, 05 Nov 2023 15:08:44 GMT

GET
H2 200 bootstrap.min.js Show response
vaybeu.com/wp-content/themes/envo-magazine/js/ 7 KB
2 KB 1078ms
1077ms Script
application/javascript 162.0.209.159
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaybeu.com/wp-content/themes/envo-magazine/js/bootstrap.min.js?ver=3.3.7
Requested by: Host: vaybeu.com
URL: https://vaybeu.com/warzone/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.159 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium178-5.web-hosting.com
Software: LiteSpeed /
Resource Hash: acfb2f12f1ebabf1d264b26e9ca593c2e239913b729c66239755c98e36d07285

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://vaybeu.com/warzone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 15:08:44 GMT
content-encoding: br
last-modified: Fri, 28 Oct 2022 05:39:15 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2286
expires: Sun, 05 Nov 2023 15:08:44 GMT

GET
H2 200 customscript.js Show response
vaybeu.com/wp-content/themes/envo-magazine/js/ 4 KB
967 B 1078ms
1078ms Script
application/javascript 162.0.209.159
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaybeu.com/wp-content/themes/envo-magazine/js/customscript.js?ver=1.3.12
Requested by: Host: vaybeu.com
URL: https://vaybeu.com/warzone/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.159 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium178-5.web-hosting.com
Software: LiteSpeed /
Resource Hash: ea4e05b419e4603038c3140f01d23296d4981e4f4a0107a7d9d2bf781acef11c

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://vaybeu.com/warzone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 15:08:44 GMT
content-encoding: br
last-modified: Fri, 28 Oct 2022 05:39:15 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 708
expires: Sun, 05 Nov 2023 15:08:44 GMT

GET
H2 200 lazyload.min.js Show response
vaybeu.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 360ms
359ms Script
application/javascript 162.0.209.159
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaybeu.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: vaybeu.com
URL: https://vaybeu.com/warzone/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.159 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium178-5.web-hosting.com
Software: LiteSpeed /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://vaybeu.com/warzone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 15:08:45 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 21:02:53 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2570
expires: Sun, 05 Nov 2023 15:08:45 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/ 353 KB
116 KB 733ms
265ms Script
text/javascript 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_fy2021.js?bust=31070696

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4547405449181750

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10581fb613357fa7f3e720d3edd48ba6c7326e84608846eedf9aba5c1eae4ee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://vaybeu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 15:08:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118921
x-xss-protection: 0
server: cafe
etag: 13165130163208352360
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Nov 2022 15:08:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/ Frame 710E 10 KB
5 KB 703ms
233ms Document
text/html 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4547405449181750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vaybeu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

age: 73226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 18:48:19 GMT
etag: 2424782735605397694
expires: Fri, 18 Nov 2022 18:48:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 962ms
494ms Font
font/woff2 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C700&subset=latin%2Clatin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vaybeu.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 15:57:57 GMT
x-content-type-options: nosniff
age: 429048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 15:57:57 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 702ms
234ms Font
font/woff2 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C700&subset=latin%2Clatin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vaybeu.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:23:08 GMT
x-content-type-options: nosniff
age: 24337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Nov 2023 08:23:08 GMT

GET
H2 200 fontawesome-webfont.woff2
vaybeu.com/wp-content/themes/envo-magazine/fonts/ 75 KB
76 KB 359ms
358ms Font
font/woff2 162.0.209.159
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaybeu.com/wp-content/themes/envo-magazine/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: vaybeu.com
URL: https://vaybeu.com/wp-content/cache/min/1/da26f657b74ee3a5a2f11945f3a714d4.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.159 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium178-5.web-hosting.com
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://vaybeu.com/wp-content/cache/min/1/da26f657b74ee3a5a2f11945f3a714d4.css
Origin: https://vaybeu.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 15:08:45 GMT
last-modified: Fri, 28 Oct 2022 05:39:15 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 77160
expires: Sun, 05 Mar 2023 15:08:45 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1421a9dd52a3a6a7bc807bcdfed1179cc0568af9e467faa04e16cb4674a6c476

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 747ms
293ms Font
font/woff2 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C700&subset=latin%2Clatin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vaybeu.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 12:04:21 GMT
x-content-type-options: nosniff
age: 97464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15528
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 12:04:21 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6aa1779974106ff0bafc1baeca8012b78d755330bb80a4a52e16fb07561cf6f

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 image-108-720x405.png
vaybeu.com/wp-content/uploads/2022/11/ 312 KB
312 KB 362ms
362ms Image
image/png 162.0.209.159
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vaybeu.com/wp-content/uploads/2022/11/image-108-720x405.png
Requested by: Host: vaybeu.com
URL: https://vaybeu.com/warzone/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.159 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium178-5.web-hosting.com
Software: LiteSpeed /
Resource Hash: 296f93512a1b7c87d6e709adc2a7baac31f338f7d54022d37a264c81853d6d5e

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://vaybeu.com/warzone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 15:08:46 GMT
last-modified: Thu, 03 Nov 2022 01:49:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=10368000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 319469
expires: Sun, 05 Mar 2023 15:08:46 GMT

GET
H2 200 image-160x120.png
vaybeu.com/wp-content/uploads/2022/10/ 22 KB
23 KB 731ms
730ms Image
image/png 162.0.209.159
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vaybeu.com/wp-content/uploads/2022/10/image-160x120.png
Requested by: Host: vaybeu.com
URL: https://vaybeu.com/warzone/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.159 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium178-5.web-hosting.com
Software: LiteSpeed /
Resource Hash: da5b3aa4c54a2b6d25dad626f0208aa1710dba707bef315de728f53eb778ca42

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://vaybeu.com/warzone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 15:08:46 GMT
last-modified: Sat, 29 Oct 2022 20:49:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=10368000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 23006
expires: Sun, 05 Mar 2023 15:08:46 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
696 B 707ms
235ms Script
text/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vaybeu.com&callback=_gfp_s_&client=ca-pub-4547405449181750&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_fy2021.js?bust=31070696

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75f700b7790cfa5f012e795cb04ac00f06e2fc3d0b0a6c584582c5fcc08af5cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://vaybeu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 15:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.nz/adsid/ 107 B
792 B 712ms
237ms Script
application/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.nz/adsid/integrator.js?domain=vaybeu.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_fy2021.js?bust=31070696

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://vaybeu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 15:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 707ms
236ms Script
application/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vaybeu.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_fy2021.js?bust=31070696

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://vaybeu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 15:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 112E 173 KB
49 KB 1617ms
1316ms Document
text/html 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4547405449181750&output=html&adk=318159125&adf=2184669829&lmt=1667632448&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fvaybeu.com%2Fwarzone%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667660925197&bpp=25&bdt=1460&idt=1247&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5842403805703&frm=20&pv=2&ga_vid=1373811228.1667660926&ga_sid=1667660926&ga_hid=1650239190&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44777508%2C31070616%2C31070696%2C44770766%2C44775016%2C44775305&oid=2&pvsid=926477750486175&tmod=197072497&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1267

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_fy2021.js?bust=31070696

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c9e7fa627a756c3f4906e39fff55ef1984033f1a061c283716b0c67c8474abd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vaybeu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 50428
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 15:08:47 GMT
expires: Sat, 05 Nov 2022 15:08:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/ 150 KB
51 KB 249ms
249ms Script
text/javascript 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/reactive_library_fy2021.js?bust=31070696

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_fy2021.js?bust=31070696

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3f7363d538eb171728d94cff0b334dd7d688c36e36c773604e578716df3d067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://vaybeu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 15:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52153
x-xss-protection: 0
server: cafe
etag: 11479362855153925291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Nov 2022 15:08:48 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.nz/adsid/ 107 B
165 B 538ms
237ms Script
application/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.nz/adsid/integrator.js?domain=vaybeu.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_fy2021.js?bust=31070696

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://vaybeu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 15:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 537ms
236ms Script
application/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vaybeu.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_fy2021.js?bust=31070696

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://vaybeu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 15:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/ Frame 2002 10 KB
4 KB 234ms
233ms Document
text/html 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_fy2021.js?bust=31070696

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vaybeu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

age: 73225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 18:48:23 GMT
etag: 2424782735605397694
expires: Fri, 18 Nov 2022 18:48:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/ Frame C14E 10 KB
4 KB 234ms
233ms Document
text/html 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_fy2021.js?bust=31070696

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vaybeu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

age: 73225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 18:48:23 GMT
etag: 2424782735605397694
expires: Fri, 18 Nov 2022 18:48:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 2002 4 KB
636 B 705ms
238ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 05 Nov 2022 15:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Nov 2022 13:21:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Nov 2022 15:08:49 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2002 205 B
744 B 702ms
233ms Image
image/png 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:49:46 GMT
x-content-type-options: nosniff
age: 47943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 05 Nov 2023 01:49:46 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2002 604 B
695 B 702ms
234ms Image
image/png 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:33:10 GMT
x-content-type-options: nosniff
age: 48939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 05 Nov 2023 01:33:10 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/ Frame 2002 19 KB
8 KB 705ms
233ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 02:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8012
x-xss-protection: 0
server: cafe
etag: 16149103330692230356
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Nov 2022 02:08:10 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8BDD 624 B
246 B 241ms
239ms Document
text/html 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjKlKnEATAB&v=APEucNVBfvsWjqXm9pUDe2m8gFJwB36JL4RzkrTj0tIyg1qNUMww9gVq3_437FzrHYkgAk5wxz1G14pFrDU4T4Vha-io7gHeSg

Requested by

Host: vaybeu.com
URL: https://vaybeu.com/warzone/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 15:08:49 GMT
expires: Sat, 05 Nov 2022 15:08:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5117 47 KB
19 KB 260ms
257ms Script
text/javascript 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CC4kaPaQkPghYiSNKRJ6HatfDPxn9zMKx4dpNplhIYAzlIfU3iPsFDW4f_8Y3N4loot0xi_2ozzBtmNB8kP6p7PBW0Pg&cry=1&dbm_d=AKAmf-AmtrFUmsl27e2N7FwT5eKbKyJ8IkLHIA0QiLXYTAZAJNC6UmapBi7J5A6zRnx4CT7usXZ2gIpX2Di9_IXkvmUn0xDwifdY8GBNxUUaC4B9LZSdcbX_-BnyqsVg1yGwxGYRV5UmUXYZsj2Vy_XOD3cbXd6ADEsHz-MMn8RxNcFZ6-P3lN53Yv5fphx4_OEIIroHS7XkzUhE9LA9Hg8H6pWCp7jQOkivIfK7tG97VpwHAI57zue1s6mNUIiShJy6fp9pDB6sgTL3htM9Ijk00wLgh7b_-Q39BlLwA1nbuj5BjjemI9TtHh1F96Hikmsm4FSBVvLdeOP6BmPanAO5F7xOxD7bwNLQqYF9TH_5Sub1ojgFK93o3rxtFUbFPi830WjWpN1-JIOr4-ODaTh-lVqIXcJHfZOTfF1H6Nw3DGtDnGL_jFvLRHr7ASezV-UV_2Jo3JOA_vYsfTi1bd2Vy9ToJIsnUX4MbLZNAlSD641ZOmfkeM1ERGvRL5mkXdhDsYueRPut2zIDYAikLhY6cWK1c2e7A0EXUYK7Pr_ZacKQY-YPS35IQijwrEwpvmZje5YvtTuWcYg9OPd43UO1ThuAKEjCRBkQ9nBKAN6ysctMq0ozX6d7tEdLsOvVGr2TMoy295GRymjRyFTlKjXQXel0IbaT5aez9PPNdPj4f0DNF3DO9wp8pbO3Odyvmkgq4w3El16ktaLi7Y7IForgAZ8lHSONGsTl6WJruxzp3uDYBtlJaFPtCGV2Peu0rZReUotMZmPc4CF40JzpGZVZ62QgqhRrW_fF2oHVfg6-UkHq9N2B1huzaG-3zu8V-mE9vucYuU6vCcFzAW01PkoRKLnDfsub96IOl23wruqSUKpAORY0VacsOwvfJ5sxaSwlRPtcSDM7YshPrjMI3y1ZbdR-2Bs43_m5Ry4-TPmDYH95SJtjqxDtAnHKn_JY_KcLJ_VzFsXPqsTmio_-7ZCpOLFAu0Q20OTcreMkxb3yWMQegoez1M7VfkungYiYXojYgY6FEwzpb1iLVxczs_L1dX_iuNB3NAOfP8mzsMlhWgYy7Yu6ERLrZj-dE9OFH_HMXITIZ0PeT8vR0AkLfseupfvhVUdK8_-z3Kli84JoCtcOlvkyV-xKlHse4P2z7Nbh6uBfmNpszldlCJJ5AoQHV0IYJHKoumr51U0RnOqDZAwHwcQhv46YcOOtQzXj-CuLJrscatnHTIAZjhl776TLdbq0OU28Cz9UVmcK_VD4ucBjDh_blXtlljGCni9gQxeOXjf_D6u8MGYbqxSZzNuqB79rU2mIEP4t8evRxOu3G4-q45OH2i1aiGnN-4IJAqtoMsy4ync3aVBl9J7YYZF9vv7ri6EmcvXP9zrfVW7gjq-UIfPmwDjCWrAAw6vDDFagsiQBMAjP8hkor2PpPoDAEMhDI4Vmr6SG3uBLwqmjhpyWf3kL1GXRhERF4nUVsq29IzRUg6lQZTHG1Ijnr7kRXiUjvvtBhCxhBGIexdhiDUWz_NvP8lld4G2JAA-FRQixugts14HC0okmZYyXFtTb0JPoetSjW-_9FqKt7XfcZfez2zSBxEtqm7dW9Mq_mZN3RML8GhslqDaS5XeM2MM2nwANOcQR0czCrUPzW7hn6pDjPZh1pig1eeGqIJ3KBj6oHY2FsVDqOZzCmRl0cuDBPsX5vYiHFSFU68j_mGFmg1iGEixuC2tvbUc0it6_DvIyI3tzxrxnv1YCz68k0EYCXr-fTsMyM1CO9ZHJmfXNgI2EXbLd9VGZ7pO835bzWFSEgzsk2OcBu9jzr9MNvLB3ANuD-lYwHJ_dfDmBsY4XQZFPwq1Fk6EoTrR7kgJvFKbr6sM2GbfhCH2gccAYmnxwfsgveDKrZwNFKr5YJE_Znvh0s6rTi9Cs_gYvNQFd0aC1XiS_1y4a0ScuaeIP7ZXc19F8-qIn_X9L2H-ypBxpK9eucU0xR75WwtFelDmGZsWsolQCeanJnMg0NX5_dMUIeugefjstUfHdcicUeLBwSqCD8gYSNYgO_aBGlDMCq4ET7iuKJRs8FabH_o2qbHzfYxobX8JHh01-Cb_kqMFtFkc-nm0wkrlapSJnbdYQg_CRItrXmu8Z6aTIUaFouv-DqjGYlWueeMorELT6hXOxdQUk2psMfbB6aWhoNWh5dlRCnglkV_Put97D7Bbk7D3grPDnnb9fUK6FdaUAWGpe3rnJrBF2Q8foTlKMtbRuhFd1-zWZsQfCLfhtg54WdJEuHCV_yn4VZJMqZuLCuX0em-nz0eAR_bCL9SnQpFWIS2niYFagUaCMhUEtowxQ3fh0JvBSMLF_5iRyo81CmrfkcuR_Daz-PKLH4G3X_zyYcX_9bSa_R4y6aYAq4dUgP-6kPmoNGiobshCBQ4CmRrFVWuU37JOOWDagZ_0_dfhV9kCWcLcG4t-sgNXpGhdDSEpwnZ5JQMVqNZaPnK1HjM8SCwgKH7YGI-w0B1W4XfyYziD4dNxCHjUx6VEY_xOZG1FLzduMXD_4MQhxxi0Qm5UiTnQENGUfy47jQuHBwW4ujXGCZqKBbQCYn4rWRYt0UDTKzhfAqmqe1Wix2JXG2KgCOdzcSWpodyOeeOfgHl3MWypN_DTWgIsifmdzpqNZ01nFWHGhwRrWYHL4nCkWZhqpnpDJSf7kZLEbevuw2h3MA4kbjjs1LT0A1NtRHfXq7QvpWuO5gxQ1qifUbNMf-Dg7R-31ljAV1vv2uNvNyO4vD__DIEg3ViPuuJvBfUGMrAarjOEzpy9KAodNzH7gPcbJSG1iDarTUNGEGKNi0PFBe4HLfxxRF5NUe19h0VhxaiqSEH5POXngz516b9OBeugXRkNKem-Sfvj5NrEWjx_0Cc3XYXX4zqWEndtbX6fXJFgvCuU1AzXTELQXS-gUiWtAJPV8I1pCTCY0Gz6qpkfwIvAYRpf3aRZGw539vPwHShmANU4mfme_9QmYY2NWLzw5iomLTkXN3hnadt3sQ-ytNiOB1gZaAhRXIXVoUYOsVCdvDp7NYafif6fbLP20TO_a5SoPkAE8gqk&cid=CAQSGwDq26N9cBJ41A7GYSyhCQu83yaJAqLd9EcNaBgBIA4&rfl=2%2Chttps%253A%252F%252Fvaybeu.com%252F%240

Requested by

Host: vaybeu.com
URL: https://vaybeu.com/warzone/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00c7646c06b7da74b86d0cf299f03b749854868d6fdf3838d80b05482b8f5f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 15:08:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19241
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 5117 3 KB
1 KB 748ms
289ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Host: vaybeu.com
URL: https://vaybeu.com/warzone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 02:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Nov 2022 02:27:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 5117 17 KB
7 KB 715ms
257ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: vaybeu.com
URL: https://vaybeu.com/warzone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Nov 2022 01:48:25 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5117 0
0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5117 42 B
63 B 235ms
235ms Image
image/gif 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DvNOSwVfy3ISssbnZjE6aQxvPGRw8IajLjo5rqYt2lq70JX9MaFOSEO-_CZtA4aeZTxirC1wKAz0U7olbZqi0KJC08H9TFLaZI_mbFBvCsogGu2ZE

Requested by

Host: vaybeu.com
URL: https://vaybeu.com/warzone/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 15:08:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8BDD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGUBaFOPY8mEt_XlcAoAkyc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGUBaFOPY8mEt_XlcAoAkyc&google_cver=1&C=1

43 B
766 B

351ms
351ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGUBaFOPY8mEt_XlcAoAkyc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjKlKnEATAB&v=APEucNVBfvsWjqXm9pUDe2m8gFJwB36JL4RzkrTj0tIyg1qNUMww9gVq3_437FzrHYkgAk5wxz1G14pFrDU4T4Vha-io7gHeSg
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 15:08:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 15:08:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEGUBaFOPY8mEt_XlcAoAkyc&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8BDD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2Z8gnecYRL2hk8rkEL.lQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOA-obxkkoNrpfJ-gANrVAc&google_cver=1&google_hm=2

43 B
766 B

353ms
352ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOA-obxkkoNrpfJ-gANrVAc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjKlKnEATAB&v=APEucNVBfvsWjqXm9pUDe2m8gFJwB36JL4RzkrTj0tIyg1qNUMww9gVq3_437FzrHYkgAk5wxz1G14pFrDU4T4Vha-io7gHeSg
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 15:08:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 15:08:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOA-obxkkoNrpfJ-gANrVAc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 8BDD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMQR3vzGSJrauGZPyV4IY6U&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMQR3vzGSJrauGZPyV4IY6U%26google_cver%3D1

43 B
1 KB

290ms
289ms

Image
image/gif

104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMQR3vzGSJrauGZPyV4IY6U%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjKlKnEATAB&v=APEucNVBfvsWjqXm9pUDe2m8gFJwB36JL4RzkrTj0tIyg1qNUMww9gVq3_437FzrHYkgAk5wxz1G14pFrDU4T4Vha-io7gHeSg

Protocol

HTTP/1.1

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 15:08:50 GMT
AN-X-Request-Uuid: d92bdfa4-3a4f-413d-8900-7502131fbb8b
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 116.90.74.196; 116.90.74.196; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 15:08:50 GMT
AN-X-Request-Uuid: de950dfb-5e45-43f0-a6f6-445f56febe42
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMQR3vzGSJrauGZPyV4IY6U%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 116.90.74.196; 116.90.74.196; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8BDD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ0NDU1MTcxNzg0MzY0MzA3NA%3D%3D

170 B
243 B

539ms
238ms

Image
image/png

142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ0NDU1MTcxNzg0MzY0MzA3NA%3D%3D

Requested by

Protocol

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 15:08:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 15:08:50 GMT
AN-X-Request-Uuid: 6d22e8c1-6b46-4413-af4b-2b90ded17371
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ0NDU1MTcxNzg0MzY0MzA3NA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 116.90.74.196; 116.90.74.196; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 404 mraid.js
googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/ Frame 5117 0
0 234ms
233ms Script
text/html 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/mraid.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CC4kaPaQkPghYiSNKRJ6HatfDPxn9zMKx4dpNplhIYAzlIfU3iPsFDW4f_8Y3N4loot0xi_2ozzBtmNB8kP6p7PBW0Pg&cry=1&dbm_d=AKAmf-AmtrFUmsl27e2N7FwT5eKbKyJ8IkLHIA0QiLXYTAZAJNC6UmapBi7J5A6zRnx4CT7usXZ2gIpX2Di9_IXkvmUn0xDwifdY8GBNxUUaC4B9LZSdcbX_-BnyqsVg1yGwxGYRV5UmUXYZsj2Vy_XOD3cbXd6ADEsHz-MMn8RxNcFZ6-P3lN53Yv5fphx4_OEIIroHS7XkzUhE9LA9Hg8H6pWCp7jQOkivIfK7tG97VpwHAI57zue1s6mNUIiShJy6fp9pDB6sgTL3htM9Ijk00wLgh7b_-Q39BlLwA1nbuj5BjjemI9TtHh1F96Hikmsm4FSBVvLdeOP6BmPanAO5F7xOxD7bwNLQqYF9TH_5Sub1ojgFK93o3rxtFUbFPi830WjWpN1-JIOr4-ODaTh-lVqIXcJHfZOTfF1H6Nw3DGtDnGL_jFvLRHr7ASezV-UV_2Jo3JOA_vYsfTi1bd2Vy9ToJIsnUX4MbLZNAlSD641ZOmfkeM1ERGvRL5mkXdhDsYueRPut2zIDYAikLhY6cWK1c2e7A0EXUYK7Pr_ZacKQY-YPS35IQijwrEwpvmZje5YvtTuWcYg9OPd43UO1ThuAKEjCRBkQ9nBKAN6ysctMq0ozX6d7tEdLsOvVGr2TMoy295GRymjRyFTlKjXQXel0IbaT5aez9PPNdPj4f0DNF3DO9wp8pbO3Odyvmkgq4w3El16ktaLi7Y7IForgAZ8lHSONGsTl6WJruxzp3uDYBtlJaFPtCGV2Peu0rZReUotMZmPc4CF40JzpGZVZ62QgqhRrW_fF2oHVfg6-UkHq9N2B1huzaG-3zu8V-mE9vucYuU6vCcFzAW01PkoRKLnDfsub96IOl23wruqSUKpAORY0VacsOwvfJ5sxaSwlRPtcSDM7YshPrjMI3y1ZbdR-2Bs43_m5Ry4-TPmDYH95SJtjqxDtAnHKn_JY_KcLJ_VzFsXPqsTmio_-7ZCpOLFAu0Q20OTcreMkxb3yWMQegoez1M7VfkungYiYXojYgY6FEwzpb1iLVxczs_L1dX_iuNB3NAOfP8mzsMlhWgYy7Yu6ERLrZj-dE9OFH_HMXITIZ0PeT8vR0AkLfseupfvhVUdK8_-z3Kli84JoCtcOlvkyV-xKlHse4P2z7Nbh6uBfmNpszldlCJJ5AoQHV0IYJHKoumr51U0RnOqDZAwHwcQhv46YcOOtQzXj-CuLJrscatnHTIAZjhl776TLdbq0OU28Cz9UVmcK_VD4ucBjDh_blXtlljGCni9gQxeOXjf_D6u8MGYbqxSZzNuqB79rU2mIEP4t8evRxOu3G4-q45OH2i1aiGnN-4IJAqtoMsy4ync3aVBl9J7YYZF9vv7ri6EmcvXP9zrfVW7gjq-UIfPmwDjCWrAAw6vDDFagsiQBMAjP8hkor2PpPoDAEMhDI4Vmr6SG3uBLwqmjhpyWf3kL1GXRhERF4nUVsq29IzRUg6lQZTHG1Ijnr7kRXiUjvvtBhCxhBGIexdhiDUWz_NvP8lld4G2JAA-FRQixugts14HC0okmZYyXFtTb0JPoetSjW-_9FqKt7XfcZfez2zSBxEtqm7dW9Mq_mZN3RML8GhslqDaS5XeM2MM2nwANOcQR0czCrUPzW7hn6pDjPZh1pig1eeGqIJ3KBj6oHY2FsVDqOZzCmRl0cuDBPsX5vYiHFSFU68j_mGFmg1iGEixuC2tvbUc0it6_DvIyI3tzxrxnv1YCz68k0EYCXr-fTsMyM1CO9ZHJmfXNgI2EXbLd9VGZ7pO835bzWFSEgzsk2OcBu9jzr9MNvLB3ANuD-lYwHJ_dfDmBsY4XQZFPwq1Fk6EoTrR7kgJvFKbr6sM2GbfhCH2gccAYmnxwfsgveDKrZwNFKr5YJE_Znvh0s6rTi9Cs_gYvNQFd0aC1XiS_1y4a0ScuaeIP7ZXc19F8-qIn_X9L2H-ypBxpK9eucU0xR75WwtFelDmGZsWsolQCeanJnMg0NX5_dMUIeugefjstUfHdcicUeLBwSqCD8gYSNYgO_aBGlDMCq4ET7iuKJRs8FabH_o2qbHzfYxobX8JHh01-Cb_kqMFtFkc-nm0wkrlapSJnbdYQg_CRItrXmu8Z6aTIUaFouv-DqjGYlWueeMorELT6hXOxdQUk2psMfbB6aWhoNWh5dlRCnglkV_Put97D7Bbk7D3grPDnnb9fUK6FdaUAWGpe3rnJrBF2Q8foTlKMtbRuhFd1-zWZsQfCLfhtg54WdJEuHCV_yn4VZJMqZuLCuX0em-nz0eAR_bCL9SnQpFWIS2niYFagUaCMhUEtowxQ3fh0JvBSMLF_5iRyo81CmrfkcuR_Daz-PKLH4G3X_zyYcX_9bSa_R4y6aYAq4dUgP-6kPmoNGiobshCBQ4CmRrFVWuU37JOOWDagZ_0_dfhV9kCWcLcG4t-sgNXpGhdDSEpwnZ5JQMVqNZaPnK1HjM8SCwgKH7YGI-w0B1W4XfyYziD4dNxCHjUx6VEY_xOZG1FLzduMXD_4MQhxxi0Qm5UiTnQENGUfy47jQuHBwW4ujXGCZqKBbQCYn4rWRYt0UDTKzhfAqmqe1Wix2JXG2KgCOdzcSWpodyOeeOfgHl3MWypN_DTWgIsifmdzpqNZ01nFWHGhwRrWYHL4nCkWZhqpnpDJSf7kZLEbevuw2h3MA4kbjjs1LT0A1NtRHfXq7QvpWuO5gxQ1qifUbNMf-Dg7R-31ljAV1vv2uNvNyO4vD__DIEg3ViPuuJvBfUGMrAarjOEzpy9KAodNzH7gPcbJSG1iDarTUNGEGKNi0PFBe4HLfxxRF5NUe19h0VhxaiqSEH5POXngz516b9OBeugXRkNKem-Sfvj5NrEWjx_0Cc3XYXX4zqWEndtbX6fXJFgvCuU1AzXTELQXS-gUiWtAJPV8I1pCTCY0Gz6qpkfwIvAYRpf3aRZGw539vPwHShmANU4mfme_9QmYY2NWLzw5iomLTkXN3hnadt3sQ-ytNiOB1gZaAhRXIXVoUYOsVCdvDp7NYafif6fbLP20TO_a5SoPkAE8gqk&cid=CAQSGwDq26N9cBJ41A7GYSyhCQu83yaJAqLd9EcNaBgBIA4&rfl=2%2Chttps%253A%252F%252Fvaybeu.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 16:27:04 GMT
x-content-type-options: nosniff
server: cafe
age: 81705
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 05 Nov 2022 16:27:04 GMT

GET
H2 200 new-tag.min.js Show response
cdn.somplo.com/prod/test/251119/ Frame 5117 35 KB
35 KB 786ms
234ms Script
application/javascript 92.223.95.95

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.somplo.com/prod/test/251119/new-tag.min.js?cb=8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CC4kaPaQkPghYiSNKRJ6HatfDPxn9zMKx4dpNplhIYAzlIfU3iPsFDW4f_8Y3N4loot0xi_2ozzBtmNB8kP6p7PBW0Pg&cry=1&dbm_d=AKAmf-AmtrFUmsl27e2N7FwT5eKbKyJ8IkLHIA0QiLXYTAZAJNC6UmapBi7J5A6zRnx4CT7usXZ2gIpX2Di9_IXkvmUn0xDwifdY8GBNxUUaC4B9LZSdcbX_-BnyqsVg1yGwxGYRV5UmUXYZsj2Vy_XOD3cbXd6ADEsHz-MMn8RxNcFZ6-P3lN53Yv5fphx4_OEIIroHS7XkzUhE9LA9Hg8H6pWCp7jQOkivIfK7tG97VpwHAI57zue1s6mNUIiShJy6fp9pDB6sgTL3htM9Ijk00wLgh7b_-Q39BlLwA1nbuj5BjjemI9TtHh1F96Hikmsm4FSBVvLdeOP6BmPanAO5F7xOxD7bwNLQqYF9TH_5Sub1ojgFK93o3rxtFUbFPi830WjWpN1-JIOr4-ODaTh-lVqIXcJHfZOTfF1H6Nw3DGtDnGL_jFvLRHr7ASezV-UV_2Jo3JOA_vYsfTi1bd2Vy9ToJIsnUX4MbLZNAlSD641ZOmfkeM1ERGvRL5mkXdhDsYueRPut2zIDYAikLhY6cWK1c2e7A0EXUYK7Pr_ZacKQY-YPS35IQijwrEwpvmZje5YvtTuWcYg9OPd43UO1ThuAKEjCRBkQ9nBKAN6ysctMq0ozX6d7tEdLsOvVGr2TMoy295GRymjRyFTlKjXQXel0IbaT5aez9PPNdPj4f0DNF3DO9wp8pbO3Odyvmkgq4w3El16ktaLi7Y7IForgAZ8lHSONGsTl6WJruxzp3uDYBtlJaFPtCGV2Peu0rZReUotMZmPc4CF40JzpGZVZ62QgqhRrW_fF2oHVfg6-UkHq9N2B1huzaG-3zu8V-mE9vucYuU6vCcFzAW01PkoRKLnDfsub96IOl23wruqSUKpAORY0VacsOwvfJ5sxaSwlRPtcSDM7YshPrjMI3y1ZbdR-2Bs43_m5Ry4-TPmDYH95SJtjqxDtAnHKn_JY_KcLJ_VzFsXPqsTmio_-7ZCpOLFAu0Q20OTcreMkxb3yWMQegoez1M7VfkungYiYXojYgY6FEwzpb1iLVxczs_L1dX_iuNB3NAOfP8mzsMlhWgYy7Yu6ERLrZj-dE9OFH_HMXITIZ0PeT8vR0AkLfseupfvhVUdK8_-z3Kli84JoCtcOlvkyV-xKlHse4P2z7Nbh6uBfmNpszldlCJJ5AoQHV0IYJHKoumr51U0RnOqDZAwHwcQhv46YcOOtQzXj-CuLJrscatnHTIAZjhl776TLdbq0OU28Cz9UVmcK_VD4ucBjDh_blXtlljGCni9gQxeOXjf_D6u8MGYbqxSZzNuqB79rU2mIEP4t8evRxOu3G4-q45OH2i1aiGnN-4IJAqtoMsy4ync3aVBl9J7YYZF9vv7ri6EmcvXP9zrfVW7gjq-UIfPmwDjCWrAAw6vDDFagsiQBMAjP8hkor2PpPoDAEMhDI4Vmr6SG3uBLwqmjhpyWf3kL1GXRhERF4nUVsq29IzRUg6lQZTHG1Ijnr7kRXiUjvvtBhCxhBGIexdhiDUWz_NvP8lld4G2JAA-FRQixugts14HC0okmZYyXFtTb0JPoetSjW-_9FqKt7XfcZfez2zSBxEtqm7dW9Mq_mZN3RML8GhslqDaS5XeM2MM2nwANOcQR0czCrUPzW7hn6pDjPZh1pig1eeGqIJ3KBj6oHY2FsVDqOZzCmRl0cuDBPsX5vYiHFSFU68j_mGFmg1iGEixuC2tvbUc0it6_DvIyI3tzxrxnv1YCz68k0EYCXr-fTsMyM1CO9ZHJmfXNgI2EXbLd9VGZ7pO835bzWFSEgzsk2OcBu9jzr9MNvLB3ANuD-lYwHJ_dfDmBsY4XQZFPwq1Fk6EoTrR7kgJvFKbr6sM2GbfhCH2gccAYmnxwfsgveDKrZwNFKr5YJE_Znvh0s6rTi9Cs_gYvNQFd0aC1XiS_1y4a0ScuaeIP7ZXc19F8-qIn_X9L2H-ypBxpK9eucU0xR75WwtFelDmGZsWsolQCeanJnMg0NX5_dMUIeugefjstUfHdcicUeLBwSqCD8gYSNYgO_aBGlDMCq4ET7iuKJRs8FabH_o2qbHzfYxobX8JHh01-Cb_kqMFtFkc-nm0wkrlapSJnbdYQg_CRItrXmu8Z6aTIUaFouv-DqjGYlWueeMorELT6hXOxdQUk2psMfbB6aWhoNWh5dlRCnglkV_Put97D7Bbk7D3grPDnnb9fUK6FdaUAWGpe3rnJrBF2Q8foTlKMtbRuhFd1-zWZsQfCLfhtg54WdJEuHCV_yn4VZJMqZuLCuX0em-nz0eAR_bCL9SnQpFWIS2niYFagUaCMhUEtowxQ3fh0JvBSMLF_5iRyo81CmrfkcuR_Daz-PKLH4G3X_zyYcX_9bSa_R4y6aYAq4dUgP-6kPmoNGiobshCBQ4CmRrFVWuU37JOOWDagZ_0_dfhV9kCWcLcG4t-sgNXpGhdDSEpwnZ5JQMVqNZaPnK1HjM8SCwgKH7YGI-w0B1W4XfyYziD4dNxCHjUx6VEY_xOZG1FLzduMXD_4MQhxxi0Qm5UiTnQENGUfy47jQuHBwW4ujXGCZqKBbQCYn4rWRYt0UDTKzhfAqmqe1Wix2JXG2KgCOdzcSWpodyOeeOfgHl3MWypN_DTWgIsifmdzpqNZ01nFWHGhwRrWYHL4nCkWZhqpnpDJSf7kZLEbevuw2h3MA4kbjjs1LT0A1NtRHfXq7QvpWuO5gxQ1qifUbNMf-Dg7R-31ljAV1vv2uNvNyO4vD__DIEg3ViPuuJvBfUGMrAarjOEzpy9KAodNzH7gPcbJSG1iDarTUNGEGKNi0PFBe4HLfxxRF5NUe19h0VhxaiqSEH5POXngz516b9OBeugXRkNKem-Sfvj5NrEWjx_0Cc3XYXX4zqWEndtbX6fXJFgvCuU1AzXTELQXS-gUiWtAJPV8I1pCTCY0Gz6qpkfwIvAYRpf3aRZGw539vPwHShmANU4mfme_9QmYY2NWLzw5iomLTkXN3hnadt3sQ-ytNiOB1gZaAhRXIXVoUYOsVCdvDp7NYafif6fbLP20TO_a5SoPkAE8gqk&cid=CAQSGwDq26N9cBJ41A7GYSyhCQu83yaJAqLd9EcNaBgBIA4&rfl=2%2Chttps%253A%252F%252Fvaybeu.com%252F%240
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.95.95 , Singapore, ASN199524 (),
Reverse DNS: asia.a.gcdn.co
Software: nginx /
Resource Hash: 61539205d56624d72efb22ae6dc279637588ba1c0f5725047d1767126ea0130b

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: am3-up-gc89, sg1-up-gc55
date: Sat, 05 Nov 2022 15:08:49 GMT
via: 1.1 0186e9c41d0aebb13c1398b95b7f4756.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
x-cached-since: 2022-10-09T18:07:26+00:00, 2022-11-02T18:08:18+00:00
content-length: 35520
last-modified: Mon, 28 Mar 2022 08:10:45 GMT
server: nginx
etag: "1ae62b0367e3f6f7d0418c15050b13e5"
vary: Content-Type, Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=345600
cache: HIT, HIT
accept-ranges: bytes
x-amz-cf-id: vc4Zyk2GL6XyswoKbz49mrV2TRd7Qtpcj9vS1Sv9XDmhNEeq07898g==
expires: Wed, 09 Nov 2022 15:08:49 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 5117 30 KB
11 KB 234ms
234ms Script
text/javascript 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 03:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
server: cafe
etag: 16485072225624805710
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Nov 2022 03:10:21 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/ Frame 5117 8 KB
3 KB 234ms
233ms Script
text/javascript 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4fd99fb81b7a54dde7ec7af98a536d555323b8c4445005fd82aeaa0351c975c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 02:13:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2990
x-xss-protection: 0
server: cafe
etag: 2274832811029412562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Nov 2022 02:13:59 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5117 0
0 723ms
248ms Fetch
image/gif 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmfRLtrJWtyo5lWJRKqU1PMEjCB1oosOguqIdq23Ey6cgWxmAwXKCKkGiPcFM1WM1q1CrCNczRbRfRYVnnfgTDk86NCiUW51aqNifEvRyZv468L1zYAkD6X-OqADty-4mkNqoICqLj7LPURv9AKLyTHQesIMe7mxoHG6kLeMsQWa8cS7OP205EYWqQOiW_hF90lAUYOKwzuazgFpeunxyfuR_dnlOirQmA4Sd40nKeSk1m2dMcOVDzipWjE0Stsxkgdz8wFXlZ3kwYavphfJhAVMi1g-ADGDFI08rFxpqiEKblY0znIjyvkeds6dGDaEUi14AfafAuYjv5EQrwOED9klcpYiR45LmPVwqEOx3h_nveewbpPobF51icNtOXfBBviv6jT1MGUQBiQ2Mh4gJqPNeR-EAm_CJ3AtFuli8Hm8Dg-G97XXQXS-xkO2YQ76g0A9fonjaZa8NOB_y0WUHn3J57kPnTejIy8g8BqKdcLMaWDHAwpg4qcJg5yrDC5ERNxXnSe0vPAufHN49UUoznCOFLXSlWmmWJKXNCSGbFktew9NU4uS7KlVjJfLc_DlqvAyO_GTR9YVspoiJn8ZiIagV-7xDCO7aZJjenmBCRCKWEMdcwzMONNdzYoc4fznedWSY7lw_h0LYPx7FqXuz11MCM7C9tFuQi9SPMfz-ByRbxyCowZaJ3cNwHDdIbcEqsmu5-KjowJCV-aSQMYFHZILEp7TZFD-GKBeEXrIlrpz6eOLWt5A-UVhvWXH_fejwv_Atqz47f5ARgWI8A31ToadGPNhhAsdN4KqEo8AXnwCQFtZYF3ea1j-kaJp0JM-UCYMykoWT8thCYk3XHOEjDUPlspdCAEn_mhLUdhOjl_njuVsyx9gEEFv6JgccQT1ivM6HC4C9TDe2f6oErspf_MQh_OtoEOIOmP28U6GX1riuRkv1rTexBSQoMj6X6G8deas7MYxdlYsMIIwBhv3MofDxTV8Vdxf3zwz4BVgdwCIxrY9W0_1D7evsCu9hSP8BVUxStMJc7R0MWZTpIcLWWqQijls_1xw-gpjCeCj7pIbE8zH3rxOXxtr-VoIa9HkJFoG-MEfa1MoNuGB54wh4O_xZlI6iiSxQWfDDlVgwvdnhxl4E8DJ_kSO-46FIg&sai=AMfl-YQI5TvF3nEUcD4smB-7yFf02WokCrSzm3frnBSgK30z6lMDYuH-_NGbqATXACd_buwzPI0fBtssC6-V_faIqeXI-jdD4T4t1I28fEoZjtcTU8v-gvNDUvM_yFDnUKgUn5j4XhvmNztr-X0yfDVFmZX0k4kTDKWr4FWm4_abd6vgX6kq6P4Rr3L1Ig&sig=Cg0ArKJSzKM0j-c8oh7FEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221027.87864&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 05 Nov 2022 15:08:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 05 Nov 2022 15:08:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FEFE 8 KB
895 B 237ms
236ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 05 Nov 2022 15:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Nov 2022 13:12:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Nov 2022 15:08:49 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame FEFE 2 KB
847 B 534ms
233ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 02:16:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Nov 2022 02:16:08 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame FEFE 23 KB
9 KB 536ms
236ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Nov 2022 01:48:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame FEFE 3 KB
1 KB 281ms
233ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 02:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Nov 2022 02:27:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame FEFE 17 KB
7 KB 578ms
276ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS