urlscan.io logo urlscan.io
SecurityTrails logo

multibot.run Open in urlscan Pro
142.44.240.14  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://multibot.run/
Effective URL: https://multibot.run/
Submission: On December 21 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 14 domains to perform 97 HTTP transactions. The main IP is 142.44.240.14, located in Canada and belongs to OVH, FR. The main domain is multibot.run.
TLS certificate: Issued by R3 on November 30th 2023. Valid for: 3 months.
This is the only time multibot.run was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 142.44.240.14 16276 (OVH)
6 104.17.25.14 13335 (CLOUDFLAR...)
1 172.64.141.13 13335 (CLOUDFLAR...)
14 172.253.122.156 15169 (GOOGLE)
2 172.253.63.97 15169 (GOOGLE)
1 146.75.28.193 54113 (FASTLY)
4 172.253.62.95 15169 (GOOGLE)
10 142.251.16.94 15169 (GOOGLE)
1 10 142.251.163.155 15169 (GOOGLE)
3 142.251.163.101 15169 (GOOGLE)
1 17 142.251.179.132 15169 (GOOGLE)
5 104.26.3.190 13335 (CLOUDFLAR...)
3 172.253.62.157 15169 (GOOGLE)
1 172.253.62.102 15169 (GOOGLE)
2 142.251.16.113 15169 (GOOGLE)
1 142.251.163.102 15169 (GOOGLE)
1 142.250.31.101 15169 (GOOGLE)
2 172.253.122.94 15169 (GOOGLE)
2 142.251.16.156 15169 (GOOGLE)
1 172.253.122.106 15169 (GOOGLE)
97 21
14    142.44.240.14 (Canada)

ASN16276 (OVH, FR)
PTR: 14.ip-142-44-240.net
multibot.run
6    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    172.64.141.13 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
14    172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
pagead2.googlesyndication.com
2    172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
www.googletagmanager.com
1    146.75.28.193 (Ashburn, United States)

ASN54113 (FASTLY, US)
i.imgur.com
4    172.253.62.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f95.1e100.net
fonts.googleapis.com
10    142.251.16.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net
fonts.gstatic.com
www.gstatic.com
10    142.251.163.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net
googleads.g.doubleclick.net
3    142.251.163.101 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f101.1e100.net
www.google-analytics.com
17    142.251.179.132 (United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f132.1e100.net
tpc.googlesyndication.com
5    104.26.3.190 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.rtbrain.app
g.rtbrain.app
3    172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net
www.googletagservices.com
1    172.253.62.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f102.1e100.net
encrypted-tbn3.gstatic.com
2    142.251.16.113 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f113.1e100.net
encrypted-tbn0.gstatic.com
1    142.251.163.102 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f102.1e100.net
encrypted-tbn2.gstatic.com
1    142.250.31.101 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f101.1e100.net
encrypted-tbn1.gstatic.com
2    172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net
p4-fhhbxx4n3anuq-w3e6mgtyucwkz5ea-if-v6exp3-v4.metric.gstatic.com
2    142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
www.googleadservices.com
1    172.253.122.106 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f106.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
31 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
398 KB
17 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn1.gstatic.com
p4-fhhbxx4n3anuq-w3e6mgtyucwkz5ea-if-v6exp3-v4.metric.gstatic.com
204 KB
14 multibot.run
multibot.run
798 KB
10 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
125 KB
6 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
56 KB
5 rtbrain.app
cdn.rtbrain.app — Cisco Umbrella Rank: 12545
g.rtbrain.app — Cisco Umbrella Rank: 16355
166 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
4 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
193 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
149 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7364
11 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 971
316 KB
97 14
Domain Requested by
17 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
14 pagead2.googlesyndication.com multibot.run
pagead2.googlesyndication.com
www.gstatic.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
14 multibot.run 1 redirects multibot.run
10 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
7 www.gstatic.com googleads.g.doubleclick.net
6 cdnjs.cloudflare.com multibot.run
4 cdn.rtbrain.app googleads.g.doubleclick.net
4 fonts.googleapis.com multibot.run
googleads.g.doubleclick.net
3 www.googletagservices.com googleads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.googleadservices.com multibot.run
2 p4-fhhbxx4n3anuq-w3e6mgtyucwkz5ea-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-fhhbxx4n3anuq-w3e6mgtyucwkz5ea-if-v6exp3-v4.metric.gstatic.com
2 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
2 www.googletagmanager.com multibot.run
www.googletagmanager.com
1 www.google.com tpc.googlesyndication.com
1 g.rtbrain.app cdn.rtbrain.app
1 encrypted-tbn1.gstatic.com googleads.g.doubleclick.net
1 encrypted-tbn2.gstatic.com googleads.g.doubleclick.net
1 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
1 i.imgur.com multibot.run
1 use.fontawesome.com multibot.run
97 22
Subject Issuer Validity Valid
multibot.run
R3		 2023-11-30 -
2024-02-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-13 -
2024-03-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
rtbrain.app
Cloudflare Inc ECC CA-3		 2023-10-19 -
2024-10-18		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 16 frames:

Primary Page: https://multibot.run/
Frame ID: 0D9CEED841E955AD4F7EB50B72F8EA28
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: F1FF68B839A8DBC14F73795A7033EAAF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&adk=1812271804&adf=3025194257&lmt=1703155188&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x540_r&format=0x0&url=https%3A%2F%2Fmultibot.run%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188636&bpp=5&bdt=454&idt=165&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8386359946317&frm=20&pv=2&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=184
Frame ID: B51139F27592B1CA05985414C583F6DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&slotname=6071982931&adk=1965850690&adf=1177066395&pi=t.ma~as.6071982931&w=1200&fwrn=4&fwrnh=100&lmt=1703155188&rafmt=1&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188641&bpp=2&bdt=459&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=128&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Frame ID: 69F3262CC1593E008000F9C7F5620536
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&adk=3088186576&adf=964179395&pi=t.aa~a.664619069~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703155189&rafmt=1&to=qs&pwprc=1131281508&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155189481&bpp=1&bdt=1299&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1808&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Frame ID: 9DC062D690454EF4C62D8675D9A64F5C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&adk=1213588912&adf=3418555885&pi=t.aa~a.919773040~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1703155189&rafmt=1&to=qs&pwprc=1131281508&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155189481&bpp=1&bdt=1299&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1460&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
Frame ID: E868FA728C95AC6586F8E1AEFA7A1040
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.845752464~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703155189&rafmt=1&to=qs&pwprc=1131281508&format=1200x90&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155189481&bpp=1&bdt=1299&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=4&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2659&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=15
Frame ID: F4E6116E509960588BE45929BCD3BE54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=90&adk=1162567870&adf=737391758&pi=t.aa~a.3844389495~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1703155189&rafmt=1&to=qs&pwprc=1131281508&format=1200x90&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155189481&bpp=1&bdt=1299&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=20
Frame ID: 964DABF1D3B39A5BB047D048CBA3DFCB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: ECA0E99C45828F21174072FFC32528F6
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: DCC8BD687AD6F3F9FA50F5AF80F743B0
Requests: 9 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Frame ID: 0070F21AC8C9AE4E78FA940AA2AA9769
Requests: 12 HTTP requests in this frame

Frame: https://p4-fhhbxx4n3anuq-w3e6mgtyucwkz5ea-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 61A00FEA563F15C23B0D1EDACEBA1F5C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 20516A885762A00FD7BBAF6F3A2F8DC5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 369B07EEE9C9E33198E7A641772C4CB2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1C48418D17C2723F56F2C1E67C3A39D0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 67E5A9A4C51795A5AB1891B10F28D04C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MultiBotRun @2023 - The best FREE games BOTs ! COC, CR and more...

Page URL History Show full URLs

  1. http://multibot.run/ HTTP 301
    https://multibot.run/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

97
Requests

98 %
HTTPS

0 %
IPv6

14
Domains

22
Subdomains

21
IPs

3
Countries

2441 kB
Transfer

5059 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://multibot.run/ HTTP 301
    https://multibot.run/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODgyorPzwEQ5QwYmQMyCJNiWW7BUjVL HTTP 301
  • https://tpc.googlesyndication.com/simgad/388799601516824345
Request Chain 79
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cqnc89BWEZZ2ONdmKrr4PwI6W8Av3htzwdLj-0M2CEGQQASD_s-6AAWD96KKB8AOgAeqn9eQDyAEJqAMByAPLBKoEyAFP0M4aQ5KL4RM8p_OT9SNHwxoguhE-YS2pkrl738RwT_RqkcHT1TOBAUWS84K_8XoBOW33RVAv2POhT52eN2mjt65Wuim4EkCjaiFqBoSa9FCg4xnQa8GiGixr_mDHEMAEgIzHadItjWksYex2iBbP0pOz9kIBFiuyorjlA66JJuuhRAM6YqWwFKNJNo4K3oTMftp76znE6fFkKnRjGq23oweWPcl_-I-6IKyiahVJvRp3XGpuWuYp1z7pyA6aqjbFiKb6otodV8AE6_vvjPkDiAW70KrdPpIFBAgEGAGSBQQIBRgEoAYugAf-14obqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEOCAFdIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYzKKewKuggwOaCRRodHRwczovL2FwcHN1bW8uY29tL4AKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEQoLEODbwJLYv7Pz2AESAgED2BMOiBQP0BUBgBcBshccChoIABIUcHViLTI2NzEwMDY0MTEyNzM4MzIYAA&sigh=B6u60aCJ4yw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_g2KaFUyAEPxSDoFPyxKzGgjgbinhCqRuDMfdRetWKWlqDdKnkPI4xHJs6mmo1QJDg0KCo8JPfooHJ0lJP1S-QoKDt48fLidMWBgB&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5842212dce876a410000000000000000%22,%222%22:%220x37e7b6dd5cc0cdd60000000000000000%22,%223%22:%220x20b2e379374fc1a00000000000000000%22,%224%22:%220x1f897cbffbe348190000000000000000%22,%225%22:%220x49823cc6b428a7c70000000000000000%22},%22debug_key%22:%2212380667085082549155%22,%22debug_reporting%22:true,%22destination%22:%22https://appsumo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221016943594%22],%2222%22:[%22true%22],%224%22:[%2212-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228588217828985335121%22}&andc=true

97 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
multibot.run/
Redirect Chain
  • http://multibot.run/
  • https://multibot.run/
17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://multibot.run/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.44.240.14 , Canada, ASN16276 (OVH, FR),
Reverse DNS
14.ip-142-44-240.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
08039d10ffb0d77645673af9f7efa960434bec0699118f0b3b855f5b953f2932
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Dec 2023 10:39:48 GMT
Server
nginx/1.14.0 (Ubuntu)
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
194
Content-Type
text/html
Date
Thu, 21 Dec 2023 10:39:48 GMT
Location
https://multibot.run/
Server
nginx/1.14.0 (Ubuntu)
main.css
multibot.run/css/bulma/ 		242 KB
242 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://multibot.run/css/bulma/main.css
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.44.240.14 , Canada, ASN16276 (OVH, FR),
Reverse DNS
14.ip-142-44-240.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
36b989f0af3be2297ea3d254dea480e232a5fb4fd3ecd846faab4ee98d447130
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 10:39:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 30 Oct 2020 10:48:10 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f9bef6a-3c6e5"
X-Frame-Options
DENY
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
247525
X-XSS-Protection
1; mode=block
hover.css
multibot.run/css/hover/ 		108 KB
108 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://multibot.run/css/hover/hover.css
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.44.240.14 , Canada, ASN16276 (OVH, FR),
Reverse DNS
14.ip-142-44-240.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
72deda409b2dfb706aa74c3b0abe48ea3c87c5126ebc2aabfc68c90a929723a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 10:39:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 30 Oct 2020 10:47:22 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f9bef3a-1afcb"
X-Frame-Options
DENY
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
110539
X-XSS-Protection
1; mode=block
jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.3.5/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.3.5/jquery.fancybox.min.css
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6f3d53dd2240261f157695adf386a5c08014298c19f62ccf63cd162996892d0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1955
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2949
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-36f1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccv%2Fm7HbHTyCF%2F55%2FrF4WAWgWCOWOUtKVT2akqjdsyu8JrBnPNrLPiV%2Fwu%2F2nfxYWG6FOFIbHi0%2Fk9o6q2ngIOs9nzpIzxTt1hSZpq5dQcdW8QIrwS8OCKzUmjsL7XZqtkWHABOD"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
838f80d67b427150-YUL
expires
Tue, 10 Dec 2024 10:39:48 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/ 		57 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/animate.min.css
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2427240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3541
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-e283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngupFf7Itbzg7rB37OeoaFvmdiRkc4f39BKuYqSuOsk%2FUg%2FXdJhxkYvD2hv7rt267Bl35XwByDwZgw5qMBYrUGgZevhTL2dnJFuVFCWql%2F9Xhv5OatjbxsJc3oXn1PK4W%2B3xk9T%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
838f80d67b417150-YUL
expires
Tue, 10 Dec 2024 10:39:48 GMT
Layout.js
multibot.run/js/ 		865 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://multibot.run/js/Layout.js
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.44.240.14 , Canada, ASN16276 (OVH, FR),
Reverse DNS
14.ip-142-44-240.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
17d79da90456990d80e232263e65f7a00cd789e170c6c94e23b96872fbc866db
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 10:39:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 30 Oct 2020 10:48:52 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f9bef94-361"
X-Frame-Options
DENY
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
865
X-XSS-Protection
1; mode=block
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
89412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27433
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDfb0cVIPhvkmlTZlUIIFqhNqZ2am4Ur3FORPjHbGCKxCAO86Rm4eS6MV%2BeV%2BAYKY%2FIvgCtimX%2Fm6FGhWleRGT%2FGUP7McsacVTk9g9T3VFVIqRgo8KHJ9BwkLQtxrgmBOpr%2FxjcP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
838f80d67b467150-YUL
expires
Tue, 10 Dec 2024 10:39:48 GMT
all.js
use.fontawesome.com/releases/v5.1.0/js/ 		893 KB
316 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/js/all.js
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.141.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
566d12cf66ff3d64ed100bdf634ce4b2de1dfa8ce38006f1b50912594865c1ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:44:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1990990
etag
W/"004993df80280fa6c4af6ca17c4e5433"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dxy%2BrIlrNKkQzBsdaCafKVz%2Fco7KnDgylaNVtdjoyXVtA0vTFuKzdOBZOVm4o2Vd1UATYWx9z0UY4JrVV85%2FpcNAVOylh0tOrp6czA20jkviKnQsK19ljMWeSFu6OJPKb70ntH3A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31556926
cf-ray
838f80d69d3c72a7-EWR
alt-svc
h3=":443"; ma=86400
jquery.waypoints.min.js
cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/jquery.waypoints.min.js
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2428424
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2417
last-modified
Mon, 04 May 2020 16:17:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0402f-2281"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CziHw9lDk5%2Feaeh6FmDR6uPElhRjSO4fxY9YB4kFbiLIZpTUuK6BrYQXJzLrZmx1sorEetZKfIQejEXY7uYmw6SjZs1wt%2BBUbwGLojbfIotxLzHrS5ea1sJ5Tlh7FTb5TT4w%2BMhb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
838f80d67b437150-YUL
expires
Tue, 10 Dec 2024 10:39:48 GMT
countUp.min.js
cdnjs.cloudflare.com/ajax/libs/countup.js/1.9.3/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/countup.js/1.9.3/countUp.min.js
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feccc42c28138eb5a796542c816b41755d811818695a903de53ec8f435957a06
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1999
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1240
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-ee7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZbLqFJUiXenSue2MklciXQa%2F9UvloiArmM4eivbUZTKMwjiHlf7dPaPp%2FPD89cK1mRoHs1g7Stq%2FclGxSa64bJ6ualvVSyAtXcM2tkTwj6VsYjO4n%2BJmWBm0OP7hTOMnIdXCylu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
838f80d67b447150-YUL
expires
Tue, 10 Dec 2024 10:39:48 GMT
jquery.fancybox.min.js
cdnjs.cloudflare.com/ajax/libs/fancybox/3.3.5/ 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.3.5/jquery.fancybox.min.js
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dbe2075e08dfc008a9a1290dc149f6ee360215610cc1944bdb625c0aee3b83c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2346338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17617
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-f02e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k085gmt40xLffMMKrFKrTjeglsGUUlE0vRH1BP8YolisChytZZNefXpx9%2FX5USU1bCCEscGnvZ%2BaTlfwZOwOujdLk9FcRjIr%2BvpZCLLvgbkemKqnUlhXRT5rQLhgnYZDHGzrJ2s4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
838f80d67b457150-YUL
expires
Tue, 10 Dec 2024 10:39:48 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
035ce2116b26aea1f75ff555ea347cb9375a88cc3e34e5f0a7bc48da87748789
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51555
x-xss-protection
0
server
cafe
etag
12811451508248557941
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 10:39:48 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-117971760-2
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
29dcfa32eb6ea29fa2283f55ed9eab7372bb11609764d416b031ee61fcac4191
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68918
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Dec 2023 10:39:48 GMT
website_icon.png
multibot.run/favicon/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://multibot.run/favicon/website_icon.png
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.44.240.14 , Canada, ASN16276 (OVH, FR),
Reverse DNS
14.ip-142-44-240.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
810ab9f35adece1d37d614de75a59912c0fd855e7ab342abc4d3407430b30f09
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 10:39:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 30 Oct 2020 10:48:52 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f9bef94-1ae2"
X-Frame-Options
DENY
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6882
X-XSS-Protection
1; mode=block
Home.js
multibot.run/js/ 		644 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://multibot.run/js/Home.js
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.44.240.14 , Canada, ASN16276 (OVH, FR),
Reverse DNS
14.ip-142-44-240.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
376fc8ba9a646d7c7a3ca1290d67c1bd1480e319e92c78878000ffd3b4c7a74f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 10:39:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 30 Oct 2020 10:48:52 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f9bef94-284"
X-Frame-Options
DENY
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
644
X-XSS-Protection
1; mode=block
ZVRhgTQ.png
i.imgur.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/ZVRhgTQ.png
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
1df392cfe171c069104085ec7152039923cde98bf32f890cffa5706ca0eef027
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:48 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
2402953
x-cache
Miss from cloudfront, HIT
content-length
11193
x-served-by
cache-iad-kiad7000158-IAD
last-modified
Tue, 23 Feb 2021 19:14:25 GMT
server
cat factory 1.0
x-timer
S1703155188.420276,VS0,VE1
etag
"46048c296d9f04c975652f6a26862f62"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
b137EprkV49WyRQFffTZVy0J0OzFt2Ynp2ukqP2uOLvbQ_bInIAR9w==
x-cache-hits
1
auto_clans_bot.png
multibot.run/images/ 		160 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://multibot.run/images/auto_clans_bot.png
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.44.240.14 , Canada, ASN16276 (OVH, FR),
Reverse DNS
14.ip-142-44-240.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6d68610b6d7b516ce0ca6b95c9c3be7f3ba2dba9680805a8832f402e0f63ba9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 10:39:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 30 Oct 2020 10:47:14 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f9bef32-2811a"
X-Frame-Options
DENY
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
164122
X-XSS-Protection
1; mode=block
auto_royale_bot.png
multibot.run/images/ 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://multibot.run/images/auto_royale_bot.png
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.44.240.14 , Canada, ASN16276 (OVH, FR),
Reverse DNS
14.ip-142-44-240.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
63afe528c3351578ade1d27cea55dd703e4013ced513b25319d623da02b09d39
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 10:39:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 30 Oct 2020 10:47:16 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f9bef34-1d590"
X-Frame-Options
DENY
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120208
X-XSS-Protection
1; mode=block
diamond.svg
multibot.run/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://multibot.run/images/diamond.svg
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.44.240.14 , Canada, ASN16276 (OVH, FR),
Reverse DNS
14.ip-142-44-240.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d6c24c986c7410379221b2c1f037685d1f577dbef5327ae3bb474a775fd5f952
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 10:39:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 30 Oct 2020 10:47:14 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f9bef32-4d1"
X-Frame-Options
DENY
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1233
X-XSS-Protection
1; mode=block
gold_medal.svg
multibot.run/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://multibot.run/images/gold_medal.svg
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.44.240.14 , Canada, ASN16276 (OVH, FR),
Reverse DNS
14.ip-142-44-240.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
05e8d9fae7f24483545d303be8550c3b10dec13272d65080b5ce285a639a5d09
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 10:39:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 30 Oct 2020 10:47:06 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f9bef2a-30f1"
X-Frame-Options
DENY
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12529
X-XSS-Protection
1; mode=block
fire.svg
multibot.run/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://multibot.run/images/fire.svg
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.44.240.14 , Canada, ASN16276 (OVH, FR),
Reverse DNS
14.ip-142-44-240.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c5f441c1e2541d6327c0204f59a4fd57cdd3245eb4b88eb8a7016eed32a9ba57
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 10:39:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 30 Oct 2020 10:47:06 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f9bef2a-5f7"
X-Frame-Options
DENY
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1527
X-XSS-Protection
1; mode=block
promac_icon.jpg
multibot.run/images/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://multibot.run/images/promac_icon.jpg
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.44.240.14 , Canada, ASN16276 (OVH, FR),
Reverse DNS
14.ip-142-44-240.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f4ed7431bdcfc8c0e550e6660927729a296f2ef94f0b46e45fa991563257bab1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 10:39:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 29 Nov 2021 21:59:35 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"61a54d47-1830c"
X-Frame-Options
DENY
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99084
X-XSS-Protection
1; mode=block
rorotiti_icon.jpg
multibot.run/images/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://multibot.run/images/rorotiti_icon.jpg
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.44.240.14 , Canada, ASN16276 (OVH, FR),
Reverse DNS
14.ip-142-44-240.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a0d2ba3e3c17e0b7bbbf365a92019815a270a214a06fbd574966a0ba80c8a740
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 10:39:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 30 Oct 2020 10:47:10 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f9bef2e-9f77"
X-Frame-Options
DENY
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40823
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/ 		3 KB
943 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Sarabun:400,700
Requested by
Host: multibot.run
URL: https://multibot.run/css/bulma/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
ESF /
Resource Hash
e7ccce3cfadd03ec5a5e5dfddf09b6b705ad6725d2256604cab8993467e52b32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Dec 2023 10:39:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 10:39:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Dec 2023 10:39:48 GMT
DtVmJx26TKEr37c9YK5silss6w.woff2
fonts.gstatic.com/s/sarabun/v15/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sarabun/v15/DtVmJx26TKEr37c9YK5silss6w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sarabun:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
ad4e2d51cf7f8cad0b33fcae853656fa79fa2da3e9828bdf50895a88d9463259
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://multibot.run
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 08:21:55 GMT
x-content-type-options
nosniff
age
440273
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11632
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:36:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Dec 2024 08:21:55 GMT
DtVjJx26TKEr37c9aBVJnw.woff2
fonts.gstatic.com/s/sarabun/v15/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sarabun/v15/DtVjJx26TKEr37c9aBVJnw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sarabun:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
0c18a7096d8615e2b30d7fbaccb64fe00b6cffccf671c3c4ca53244640722202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://multibot.run
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 23:53:22 GMT
x-content-type-options
nosniff
age
470786
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11452
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 23:53:22 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
b3f8b6630b6dff3720b43b2e745b4a2c6843539a16af9dc3cf5b98af45eb4a52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137927
x-xss-protection
0
server
cafe
etag
6944461894553272985
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 10:39:48 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame F1FF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://multibot.run/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
4721
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 09:21:07 GMT
etag
5585625838579639069
expires
Thu, 04 Jan 2024 09:21:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		234 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HLQWFMNHYY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117971760-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8859ab6936413a1da365d7fd35cf99f9ab80d2deb93d4ac4440d8c6042e48672
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83332
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Dec 2023 10:39:48 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117971760-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 21 Dec 2023 09:30:19 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4169
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 21 Dec 2023 11:30:19 GMT
collect
www.google-analytics.com/g/ 		0
169 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-HLQWFMNHYY&gtm=45je3bt0v9117077854&_p=1703155188493&gcd=11l1l1l1l1&dma=0&cid=2017250688.1703155189&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1703155188&sct=1&seg=0&dl=https%3A%2F%2Fmultibot.run%2F&dt=MultiBotRun%20%402023%20-%20The%20best%20FREE%20games%20BOTs%20!%20COC%2C%20CR%20and%20more...&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=728
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HLQWFMNHYY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:39:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://multibot.run
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B511 		276 KB
68 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&adk=1812271804&adf=3025194257&lmt=1703155188&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x540_r&format=0x0&url=https%3A%2F%2Fmultibot.run%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188636&bpp=5&bdt=454&idt=165&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8386359946317&frm=20&pv=2&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=184
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
ae94973f3d4a93394e873436ca387f84edad751527fed355319cf425c4550271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://multibot.run/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
69383
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 10:39:49 GMT
expires
Thu, 21 Dec 2023 10:39:49 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=column%20is-3-desktop%20is-8-touch%20box%20animated%20pulse%20infinite%20has-text-centered&ign=false&pw=1600&ph=1200&x=800&y=1130.4
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:39:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20is-fixed-top%20is-primary%20animated%20fadeInDown%20faster&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:39:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 69F3 		147 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&slotname=6071982931&adk=1965850690&adf=1177066395&pi=t.ma~as.6071982931&w=1200&fwrn=4&fwrnh=100&lmt=1703155188&rafmt=1&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188641&bpp=2&bdt=459&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=128&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
697fc0faf4f834a6889adafaebe41fc42b44e1359b10709fa42e8291e23d05c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://multibot.run/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44090
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 10:39:49 GMT
expires
Thu, 21 Dec 2023 10:39:49 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=830713887&t=pageview&_s=1&dl=https%3A%2F%2Fmultibot.run%2F&ul=en-us&de=UTF-8&dt=MultiBotRun%20%402023%20-%20The%20best%20FREE%20games%20BOTs%20!%20COC%2C%20CR%20and%20more...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1508294824&gjid=1895529060&cid=2017250688.1703155189&tid=UA-117971760-2&_gid=363980435.1703155189&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=694780828
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://multibot.run/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:39:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://multibot.run
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
d74de076d9c90f3d4cdd757799412583d97e8febe411202b5f54de6bfdc01096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56005
x-xss-protection
0
server
cafe
etag
12404162226298872930
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 10:39:49 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9DC0 		719 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&adk=3088186576&adf=964179395&pi=t.aa~a.664619069~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703155189&rafmt=1&to=qs&pwprc=1131281508&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155189481&bpp=1&bdt=1299&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1808&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
34e64a43b6b54c977efbc6c5afcceb5b67e1e0282a9df2a069e2f665f9720284
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://multibot.run/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
354
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 10:39:49 GMT
expires
Thu, 21 Dec 2023 10:39:49 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E868 		719 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&adk=1213588912&adf=3418555885&pi=t.aa~a.919773040~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1703155189&rafmt=1&to=qs&pwprc=1131281508&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155189481&bpp=1&bdt=1299&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1460&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
6a5d98efcc7082787912dfe2b5a322e26ab279db560b582d945938201edfaf5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://multibot.run/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
353
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 10:39:49 GMT
expires
Thu, 21 Dec 2023 10:39:49 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F4E6 		719 B
380 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.845752464~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703155189&rafmt=1&to=qs&pwprc=1131281508&format=1200x90&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155189481&bpp=1&bdt=1299&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=4&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2659&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
91f5579c85bb75e8b15a52c0ba73bfb87f12dbb216e19f7f55ca812d224da3a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://multibot.run/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 10:39:49 GMT
expires
Thu, 21 Dec 2023 10:39:49 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 964D 		719 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=90&adk=1162567870&adf=737391758&pi=t.aa~a.3844389495~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1703155189&rafmt=1&to=qs&pwprc=1131281508&format=1200x90&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155189481&bpp=1&bdt=1299&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=20
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
98b450edb7f6d2dbfa77af4c41ffff767d979335d1bb8cbfe23f9ae3a7673e91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://multibot.run/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
353
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 10:39:49 GMT
expires
Thu, 21 Dec 2023 10:39:49 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame ECA0 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://multibot.run/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
74811
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Dec 2023 13:52:58 GMT
etag
5585625838579639069
expires
Wed, 03 Jan 2024 13:52:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame DCC8 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://multibot.run/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
74811
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Dec 2023 13:52:58 GMT
etag
5585625838579639069
expires
Wed, 03 Jan 2024 13:52:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame ECA0 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Dec 2023 10:39:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 10:10:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Dec 2023 10:39:49 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame ECA0 		205 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 07:36:52 GMT
x-content-type-options
nosniff
age
10977
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 20 Dec 2024 07:36:52 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame ECA0 		604 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 06:46:17 GMT
x-content-type-options
nosniff
age
14012
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 20 Dec 2024 06:46:17 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame ECA0 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
cafe /
Resource Hash
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 00:41:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
35900
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6766
x-xss-protection
0
server
cafe
etag
14924840246271906451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 00:41:29 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame ECA0 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 00:41:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
35898
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 00:41:31 GMT
index-08bee3b1.js
cdn.rtbrain.app/ng-assets/creative/assets/ Frame DCC8 		105 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe7857661cbf6386f01bf627f1329e196fb85a3c8d2ce9f2b49336497ed96b1b

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2592
cf-polished
origSize=107390
x-guploader-uploadid
ABPtcPr_YWk23o3ry2a2FPHQ41OoscZCr5I-bFA9l64YUVMEJ7R0xmkN4OitPSwCy6S0Rt4ew6LbKqAfrmr3rQZ68O0XgP3VOy7G
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
cf-bgj
minify
last-modified
Thu, 07 Dec 2023 14:16:01 GMT
server
cloudflare
etag
W/"eb3bd05687aff47dc216f3861993307b"
vary
Accept-Encoding
x-goog-generation
1701958561063690
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=uVi5mA==, md5=6zvQVoev9H3CFvOGGZMwew==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVft8n9jgNN7LPTdV05uWgxQGGlSTvVVOZOaevhnZH7J2Nxh9vJjiJzktIZwsgIR42b%2BmFlc%2FookWakpHGBX%2BbAcpFdEfMkowUrvookYa8F0AoENwyj587aQeKjJ8gFsaA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
107390
cf-ray
838f80df8dfa54bb-YYZ
expires
Thu, 21 Dec 2023 10:51:02 GMT
index-af5b3122.css
cdn.rtbrain.app/ng-assets/creative/assets/ Frame DCC8 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/ng-assets/creative/assets/index-af5b3122.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f25ca48a0f506a8924971294acb6b3cee5375b1c7dcea6db5e8b1f7876a1e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2483
cf-polished
origSize=12801
x-guploader-uploadid
ABPtcPp1VZiUmAQoBQxE1P-OM4QXs9sck70F8P4dPwIZvnAtDLQ9_HBw0ZKnIf2l8H3Uhk8BZ4wRYu5QWv5CBu9PxFHivve-CONB
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
cf-bgj
minify
last-modified
Mon, 27 Nov 2023 14:44:13 GMT
server
cloudflare
etag
W/"e698b92f41bf324999730858bf1a8adb"
vary
Accept-Encoding
x-goog-generation
1701096253798128
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=jBuSJw==, md5=5pi5L0G/MkmZcwhYvxqK2w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAoDf%2BAoOFG2TV0sKOeNu7p6WvPGRd99390eu%2F2X%2Fx8xihCmiO%2BrMeJJBhBAB9cgk7FplAR4OjfKFfi%2B1mruysByRUD8psmBBpAYBmgVNzWEncVlsqzs3wNzp6ZbAlH41A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
12801
cf-ray
838f80df7b63a220-YYZ
expires
Thu, 21 Dec 2023 10:58:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DCC8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 00:43:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
35787
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 00:43:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DCC8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 00:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
35825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 00:42:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DCC8 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 10:39:49 GMT
e21910fd923a6283b5d44b2382eabc86.js
www.gstatic.com/mysidia/ Frame 0070 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 06:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4064
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 15 Mar 2024 06:24:32 GMT
d500f8b303efba9f5ab695bab8da4c89.js
www.gstatic.com/mysidia/ Frame 0070 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 00:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
468056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8365
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 15 Mar 2024 00:38:53 GMT
css
fonts.googleapis.com/ Frame 0070 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Dec 2023 10:39:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 10:35:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Dec 2023 10:39:49 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 0070 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 00:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
35912
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 00:41:17 GMT
92da1c8e4790a69c4d76e84ba2e3001c.js
www.gstatic.com/mysidia/ Frame 0070 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/92da1c8e4790a69c4d76e84ba2e3001c.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 07:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2259
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 15 Mar 2024 07:43:18 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 0070 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 00:41:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
35911
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 00:41:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 0070 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 00:43:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
35787
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 00:43:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 0070 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 00:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
35825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 00:42:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0070 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 10:39:49 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 0070 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:47:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
456760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 15 Mar 2024 03:47:09 GMT
css
fonts.googleapis.com/ Frame 69F3 		4 KB
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&slotname=6071982931&adk=1965850690&adf=1177066395&pi=t.ma~as.6071982931&w=1200&fwrn=4&fwrnh=100&lmt=1703155188&rafmt=1&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188641&bpp=2&bdt=459&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=128&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Dec 2023 10:39:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 09:51:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Dec 2023 10:39:49 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 69F3 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&slotname=6071982931&adk=1965850690&adf=1177066395&pi=t.ma~as.6071982931&w=1200&fwrn=4&fwrnh=100&lmt=1703155188&rafmt=1&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188641&bpp=2&bdt=459&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=128&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 00:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
35912
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 00:41:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 69F3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&slotname=6071982931&adk=1965850690&adf=1177066395&pi=t.ma~as.6071982931&w=1200&fwrn=4&fwrnh=100&lmt=1703155188&rafmt=1&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188641&bpp=2&bdt=459&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=128&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 00:41:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
35911
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 00:41:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 69F3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&slotname=6071982931&adk=1965850690&adf=1177066395&pi=t.ma~as.6071982931&w=1200&fwrn=4&fwrnh=100&lmt=1703155188&rafmt=1&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188641&bpp=2&bdt=459&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=128&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 00:43:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
35787
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 00:43:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 69F3 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&slotname=6071982931&adk=1965850690&adf=1177066395&pi=t.ma~as.6071982931&w=1200&fwrn=4&fwrnh=100&lmt=1703155188&rafmt=1&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188641&bpp=2&bdt=459&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=128&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 00:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
35825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 00:42:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 69F3 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&slotname=6071982931&adk=1965850690&adf=1177066395&pi=t.ma~as.6071982931&w=1200&fwrn=4&fwrnh=100&lmt=1703155188&rafmt=1&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188641&bpp=2&bdt=459&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=128&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 10:39:49 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 69F3 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&slotname=6071982931&adk=1965850690&adf=1177066395&pi=t.ma~as.6071982931&w=1200&fwrn=4&fwrnh=100&lmt=1703155188&rafmt=1&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188641&bpp=2&bdt=459&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=128&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:47:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
456760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 15 Mar 2024 03:47:09 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 69F3 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRqojQ4GF2LHnLGZPGzk8vhfq7E-u482MvCHXqD_lNw8sabirVXECrB20gBQeI&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&slotname=6071982931&adk=1965850690&adf=1177066395&pi=t.ma~as.6071982931&w=1200&fwrn=4&fwrnh=100&lmt=1703155188&rafmt=1&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188641&bpp=2&bdt=459&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=128&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f102.1e100.net
Software
sffe /
Resource Hash
d6e5cc4845ee21e2dd0233281668301df982a54995012333708fab1aba38b3b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 06:14:36 GMT
x-content-type-options
nosniff
age
15913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34422
x-xss-protection
0
last-modified
Sat, 23 Dec 2023 10:09:45 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 20 Dec 2024 06:14:36 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 69F3 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSlAUs-RS-dEhCZAJD7mWAJxX0yd2HDDXGN0cMM_dtiVNV2K1ww3x_jpNLemRo&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&slotname=6071982931&adk=1965850690&adf=1177066395&pi=t.ma~as.6071982931&w=1200&fwrn=4&fwrnh=100&lmt=1703155188&rafmt=1&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188641&bpp=2&bdt=459&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=128&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f113.1e100.net
Software
sffe /
Resource Hash
d7f70dd7f7d214c149e34730642d3ce09118c964c11863e8cf03e760cf521415
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 06:05:34 GMT
x-content-type-options
nosniff
age
16455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16636
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 06:47:45 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 20 Dec 2024 06:05:34 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 69F3 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQgXzU_uwLGrAsyDfWRmO0KtYYGXGjbdjwQ348zF7Y3gp5bTGR27ctlVD_jJVE&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&slotname=6071982931&adk=1965850690&adf=1177066395&pi=t.ma~as.6071982931&w=1200&fwrn=4&fwrnh=100&lmt=1703155188&rafmt=1&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188641&bpp=2&bdt=459&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=128&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f102.1e100.net
Software
sffe /
Resource Hash
b73854a6f5803e25c017eafde16c5e669c0fd27b9ad1bdaf2d2a603a3088f01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 06:09:07 GMT
x-content-type-options
nosniff
age
16242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23390
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 04:09:56 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 20 Dec 2024 06:09:07 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 69F3 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQsHDn-Hms1wPkIYNBYh2-2qEXGY0vvflD--haF3ADVnKvmqwYUPPdfNLjnrPM&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&slotname=6071982931&adk=1965850690&adf=1177066395&pi=t.ma~as.6071982931&w=1200&fwrn=4&fwrnh=100&lmt=1703155188&rafmt=1&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188641&bpp=2&bdt=459&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=128&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.101 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f101.1e100.net
Software
sffe /
Resource Hash
5e1e0f8fdbbf61fdbdee9f0d1dd27b45003d9fb3852babc864ae2aecba9f6873
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:49 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2024 08:24:58 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24272
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 20 Dec 2024 10:39:49 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 69F3 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSjpG72BnTYPiDez93Bqr9CI-XzoOioPOgZWtacaVmRJmZ7meReb3O33h654A&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&slotname=6071982931&adk=1965850690&adf=1177066395&pi=t.ma~as.6071982931&w=1200&fwrn=4&fwrnh=100&lmt=1703155188&rafmt=1&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188641&bpp=2&bdt=459&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=128&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f113.1e100.net
Software
sffe /
Resource Hash
3ef1e4f2da6c3247458ba54f2e1454551b7f9451a474ab6e5670d1df9b5cbe3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 06:39:20 GMT
x-content-type-options
nosniff
age
14429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11689
x-xss-protection
0
last-modified
Sun, 01 Jan 2023 07:14:08 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 20 Dec 2024 06:39:20 GMT
388799601516824345
tpc.googlesyndication.com/simgad/ Frame 69F3
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODgyorPzwEQ5QwYmQMyCJNiWW7BUjVL
  • https://tpc.googlesyndication.com/simgad/388799601516824345
15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/388799601516824345
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&slotname=6071982931&adk=1965850690&adf=1177066395&pi=t.ma~as.6071982931&w=1200&fwrn=4&fwrnh=100&lmt=1703155188&rafmt=1&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188641&bpp=2&bdt=459&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=128&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol
H2
Server
142.251.179.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
sffe /
Resource Hash
01bc94eace248cc63c0a8d0310a58823e49c52e536348b593929f503740874a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 20 Dec 2024 06:38:11 GMT
date
Thu, 21 Dec 2023 06:38:11 GMT
x-content-type-options
nosniff
age
14498
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15695
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 22:16:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true

Redirect headers

date
Thu, 21 Dec 2023 06:27:27 GMT
x-content-type-options
nosniff
server
cafe
age
15142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/388799601516824345
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 20 Jan 2024 06:27:27 GMT
redir.html
p4-fhhbxx4n3anuq-w3e6mgtyucwkz5ea-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 61A0 		247 B
870 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-fhhbxx4n3anuq-w3e6mgtyucwkz5ea-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
482f7e6d943370d673b5277f2a806e9dee28f2105a6a08c0c5b4f2dd81984617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
205
content-security-policy-report-only
script-src 'nonce-ArVm_XZQwnol1AHu5RCgiQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 10:39:49 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 69F3 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6544c4567d730a9bd0c301f217b8b9d7936aa828c7bfa070789ee174fa90846

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0070 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgojCAEqH2ltYWdlLXdpdGgtY3RhLW9uLWxhcmdlci1zY3JlZW4KCggCKgZzZXJ2ZXIKGggEKhZteXNpZGlhX3JlbGVhc2VfY2FuYXJ5Cg0QKyEAAAAAAAAmQDAECg0QAyEAAAAwMzNWQDAECg0QDSEAAAAAgJm5PzAECgkQHioDMHgwMAQKCRAZKgMweDAwBAoNECshAAAAAAAAKkAwBAoNEBAhAAAAAAAAAAAwBAoNEBEhAAAAAOBD9UAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAACEAwBAoNEBchAAAAmJk5ZUAwBBIaQ096aG5jQ3JvSU1ERlhZQ2FBZ2RFUFFKblEiKmltYWdlL2ltYWdlX3ZpZ25ldHRlX3RyYW5zbHVjZW50X3YyX21lcmdlZCgj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 69F3 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:47:14 GMT
x-content-type-options
nosniff
age
456755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Dec 2024 03:47:14 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 69F3
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cqnc89BWEZZ2ONdmKrr4PwI6W8Av3htzwdLj-0M2CEGQQASD_s-6AAWD96KKB8AOgAeqn9eQDyAEJqAMByAPLBKoEyAFP0M4aQ5KL4RM8p_OT9SNHwxoguhE-YS2pkrl738RwT_RqkcHT1TO...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5842212dce876a410000000000000000%22,%222%22:%220x37e7b6dd5cc0cdd60000000000000000%22,%223%22:%220x20b2e3...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5842212dce876a410000000000000000%22,%222%22:%220x37e7b6dd5cc0cdd60000000000000000%22,%223%22:%220x20b2e379374fc1a00000000000000000%22,%224%22:%220x1f897cbffbe348190000000000000000%22,%225%22:%220x49823cc6b428a7c70000000000000000%22},%22debug_key%22:%2212380667085082549155%22,%22debug_reporting%22:true,%22destination%22:%22https://appsumo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221016943594%22],%2222%22:[%22true%22],%224%22:[%2212-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228588217828985335121%22}&andc=true
Requested by
Host: multibot.run
URL: https://multibot.run/
Protocol
H3
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:50 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x5842212dce876a410000000000000000","2":"0x37e7b6dd5cc0cdd60000000000000000","3":"0x20b2e379374fc1a00000000000000000","4":"0x1f897cbffbe348190000000000000000","5":"0x49823cc6b428a7c70000000000000000"},"debug_key":"12380667085082549155","debug_reporting":true,"destination":"https://appsumo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1016943594"],"22":["true"],"4":["12-21"],"6":["true"]},"priority":"500","source_event_id":"8588217828985335121"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 21 Dec 2023 10:39:50 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 21 Dec 2023 10:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x5842212dce876a410000000000000000","2":"0x37e7b6dd5cc0cdd60000000000000000","3":"0x20b2e379374fc1a00000000000000000","4":"0x1f897cbffbe348190000000000000000","5":"0x49823cc6b428a7c70000000000000000"},"debug_key":"12380667085082549155","debug_reporting":true,"destination":"https://appsumo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1016943594"],"22":["true"],"4":["12-21"],"6":["true"]},"priority":"500","source_event_id":"8588217828985335121"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame 2051 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2671006411273832&output=html&h=280&slotname=6071982931&adk=1965850690&adf=1177066395&pi=t.ma~as.6071982931&w=1200&fwrn=4&fwrnh=100&lmt=1703155188&rafmt=1&format=1200x280&url=https%3A%2F%2Fmultibot.run%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703155188641&bpp=2&bdt=459&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8386359946317&frm=20&pv=1&ga_vid=2017250688.1703155189&ga_sid=1703155189&ga_hid=830713887&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=128&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320884&oid=2&pvsid=392720642209846&tmod=177579339&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=195
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 02:57:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
27722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 02:57:47 GMT
iframe.html
p4-fhhbxx4n3anuq-w3e6mgtyucwkz5ea-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 61A0 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-fhhbxx4n3anuq-w3e6mgtyucwkz5ea-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-fhhbxx4n3anuq-w3e6mgtyucwkz5ea-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-fhhbxx4n3anuq-w3e6mgtyucwkz5ea-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
ce65349d4adaf6044c2381e67f447e84ac578c7d1993c85ab2dba71e1b2e5ff4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-fhhbxx4n3anuq-w3e6mgtyucwkz5ea-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1986
content-security-policy-report-only
script-src 'nonce-Ur5UaS7ahMKkz-f-V7vX7g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 10:39:49 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5842212dce876a410000000000000000%22,%222%22:%220x37e7b6dd5cc0cdd60000000000000000%22,%223%22:%220x20b2e379374fc1a00000000000000000%22,%224%22:%220x1f897cbffbe348190000000000000000%22,%225%22:%220x49823cc6b428a7c70000000000000000%22},%22debug_key%22:%2212380667085082549155%22,%22debug_reporting%22:true,%22destination%22:%22https://appsumo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221016943594%22],%2222%22:[%22true%22],%224%22:[%2212-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228588217828985335121%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 21 Dec 2023 10:39:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
RobotoRegular.woff2
cdn.rtbrain.app/compressedFonts/ Frame DCC8 		60 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/compressedFonts/RobotoRegular.woff2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2944
x-guploader-uploadid
ABPtcPpV5aQ1A07LHUelgQe3Dl3YPnqQLMObVWKD3WM7sekS11eYDmXTuy8TvWZyfKnX7oHiQkBgjo4W5OtqUjDIAOV0n9S6leEc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
61736
last-modified
Wed, 29 Nov 2023 10:07:40 GMT
server
cloudflare
etag
"ede84d96808c486e3de74cbd8f2a2c80"
vary
Accept-Encoding
x-goog-generation
1701252459996546
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=fte1vA==, md5=7ehNloCMSG4950y9jyosgA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6xRp7yQf61K%2BaWDTtvLwnyFNotE3CMYNl1HKhkWwEnuuWMvt5CmzgWBIrQCxaylt1BgSvrY%2BXWIzVH415PLneV5mlej1IecmXRqqaL%2BTphNeckwDvrJJxyeFkwyQImZ8w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
61736
accept-ranges
bytes
cf-ray
838f80e1beec54bb-YYZ
expires
Thu, 21 Dec 2023 10:39:42 GMT
RobotoBold.woff2
cdn.rtbrain.app/compressedFonts/ Frame DCC8 		60 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/compressedFonts/RobotoBold.woff2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2687
x-guploader-uploadid
ABPtcPqiNbtDLSRyqGj0Ekgq2HHc3jtxLSSkHknkCxAeNvjTAKi8Ev_0ExBzXesR-bOjRuuD2-xjTy6XU5vC2aaKqKljP5_zxxMq
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
61628
last-modified
Wed, 29 Nov 2023 10:09:00 GMT
server
cloudflare
etag
"1033a47731e45f7bd46a1962359e96b4"
vary
Accept-Encoding
x-goog-generation
1701252540208192
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=8QCKtg==, md5=EDOkdzHkX3vUahliNZ6WtA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdLlQAWJ%2FdlAVNPGHnP6ukN9adHzRR5u%2FlKPtVtiNyGaXbwuDgIlvXRvnGrm3fuKJJTGBj7V7D1MR5zP0FX2PuubbbSCheFzM7hlWLmIUkUFy8fLAzL8VwzyhfbYQpsspg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
61628
accept-ranges
bytes
cf-ray
838f80e1beed54bb-YYZ
expires
Thu, 21 Dec 2023 10:39:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
9e175239fe61dc6998a19bd79e98f7a52732939617a53a1950bee0203bfe5259
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12243
x-xss-protection
0
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame 369B 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 02:57:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
27723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 02:57:47 GMT
rtimp
g.rtbrain.app/ Frame DCC8 		0
962 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.rtbrain.app/rtimp
Requested by
Host: cdn.rtbrain.app
URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:39:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsEokyPDDQ2dF1dji6hvAeNgHoDqBqJ%2BiQIqvIWJ%2F95nBkLB2I0yIHEAtsRIo0KZVdCtzrxajw54VVfSe9pOaLyScqkKfEHGmclciVhwIaCDHZXRjxNK1hQHvoBav%2F0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
838f80e1fd2fa220-YYZ
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0070 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgojCAEqH2ltYWdlLXdpdGgtY3RhLW9uLWxhcmdlci1zY3JlZW4KCggCKgZzZXJ2ZXIKGggEKhZteXNpZGlhX3JlbGVhc2VfY2FuYXJ5Cg0QFCEAAAAAoKH1QDAECg0QFSEAAAAAAAAmQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAAAAAJB5QDAECg0QMiEAAAAAAAAAADAECg0QMyEAAAAAAAAAADAECg0QNCEAAAAAAAAAADAECg0QNSEAAAAAAAAAADAECg0QNiEAAAAAAAAAADAECg0QNyEAAAAAAAAAADAECg0QOCEAAAAAAAAAADAECg0QOSEAAAAAAAAAADAECg0QOiEAAAAAzMzsPzAECg0QOyEAAAAAAADwPzAECg0QPCEAAAAAAADwPzAECg0QPSEAAAAAAADwPzAECg0QPiEAAAAAAAD4PzAECg0QPyEAAAAAAAD4PzAECg0QQCEAAAAAAAD4PzAEEhpDT3pobmNDcm9JTURGWFlDYUFnZEVQUUpuUSIqaW1hZ2UvaW1hZ2VfdmlnbmV0dGVfdHJhbnNsdWNlbnRfdjJfbWVyZ2VkKCM=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:39:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Dec 2023 10:39:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1C48 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://multibot.run/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
33936
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 01:14:14 GMT
expires
Fri, 20 Dec 2024 01:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 67E5 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f106.1e100.net
Software
GSE /
Resource Hash
66ecd3d69945a02bfe18a2a9e7091836caf8b8520f4afefb9ca13068b00c231a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IBiylkxgH7QxDULHeezN_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://multibot.run/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-IBiylkxgH7QxDULHeezN_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 10:39:50 GMT
expires
Thu, 21 Dec 2023 10:39:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 1C48 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:11:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
5330
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 09:11:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 67E5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=392720642209846&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 1C48 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?u1MLqQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:39:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 69F3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIZYQjg6hrucLNTJJqYh4gbK7ezyz3Xv74Bn7IVlncHGxCzhdR5ZQPgwpwXY8WdyW8GO9gjD0CzegUmYx4a2X9laRmfaHTApySdWHYAcLgWlxyM5qWIL_UeQPcJojdUTAgv7mcZ2WG53H6jroVVTR-qqoW&sai=AMfl-YTEG79y8WP-_1j-yesPfap-FVhHk370XsNvk12HJD1I1egtr2UjHVrJCxljj2m8nbJRGAgH9BxiBrSI1GCNajY3jB3KIWfVXrl_DsjKmkphJH7x9JHm_tKhx_HZRtiHSngA0UCXTenbbGPfPPX9&sig=Cg0ArKJSzFu0J7pD0UvDEAE&cid=CAQSTgAvHhf_g2KaFUyAEPxSDoFPyxKzGgjgbinhCqRuDMfdRetWKWlqDdKnkPI4xHJs6mmo1QJDg0KCo8JPfooHJ0lJP1S-QoKDt48fLidMWBgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1965850690&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703155188836&rpt=1044&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:39:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=392720642209846&bg=!3N-l35DNAAY3kmNgF5I7ADQBe5WfOCSX8EorXxnwktDIpybm4Te-L2uAFW1A8RuKSKDpGMLOoEUNBXIkKDu_i6QDYcTkAgAAAGJSAAAAA2gBB5kDBXBju10Si_0hb7Nyf8AzroYvTOgjKtGrlvA-FfkO4LzY2YH6wNvJBpal-IJ3BnK393HPYItyfp-LbibNj5KMnfjB8GzsTLYHoWu0WgTu1bmCfwIxm0f5AyNyN2qFi_0F1o6ojbkrxSKlwWck3T-iOGCxei_1fOH-B7l5eoEhPx_nHHAGOiKJvh6J75H9aR8F1WZp_WpImkRnXAHusEPN069jFcLooNoUKJMB5R7I_TXd73RYWjAve9IKTLlz3Cyx5NCvv6WIGY4i6UEHHuYX4OBSdFRdJbNaXt0FyETGSmvtPgOl45SVqDyh8DNcwin5Pn_4bkYwi-GnxmDFNSlytg_eG70LrLNaQBuv8Czids0OPug-YhEi41CDv5dcL7_N0UpuXbZjYYyiGOH77Ibd33evmKRDCNIJKslXPFXLZz2lVg83kI87n1yNxR6a8ehhNRsvl2sZaKqSLgJJlb_nKkQd6C1KIVzxQQm8xcNMBxy4ooNqbIPajbfGUZuAH0sFn-khv3M56GTkTvsMs75xddcByUaoZ7xdJwB3Vxoj1f13sUXYRRh43oyREIJ2XBDSpSwvnakyABRUF3GAFDQpBo09b-BytnB7qKWuYEvrDBqUwWgueNu-kbFxQY4_c3KUmcyHi2FYuSk4NkHTbfDE17nAlLkcRhV_neza1iEWS1OcvysihO9eRXCLMqsFEPjCHaMnUchDcsfUNK_IrCpewQI8Wnsy47s-RvpW7g3hV61Az2X0b4xWbbemTXe9eY6cXMgCBf1e5aXtqyXw3cMKxGdG8Hfef8rROKfmRnlAmyaqVRRvn9doYopUTK5UJkKcFA7WOf5ko87X8rHd-vD07eNN9KwBCPvbSB_fHkhq0irKAeai-qBfSA3PPoeEOEIUI2xvFtUJEZLQ7a64v3TdA3q2agJ6LzQGSumFc06jYDjqnNnviRnZbWIdwlxIxw2gN1YRw1WJSC1AlIiiTtrnTiiaGjIiT4VeCRRBKmApV-EAK3c4RN2qRrFyK1qEHp2pXWqjFhPG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://multibot.run/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture function| $ function| jQuery object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| Waypoint function| CountUp function| gtag object| dataLayer object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaGlobal function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| google_llp object| googletag object| GoogleGcLKhOms

12 Cookies

Domain/Path Name / Value
multibot.run/ Name: XSRF-TOKEN
Value: eyJpdiI6IjdRNnVDU3RNbWZ5eHZud2xiWEgzSnc9PSIsInZhbHVlIjoiMWFnSFM0MUhtN05SSktCeXhiYm9kTkQrdFlWWGYrUkdENDN6TUNDVkpLTkx1eU1YaVcwMkwzNjF5N29aQWtjMSIsIm1hYyI6ImZmZDE4MjY4YWQzZjk0MWI2YTYxNTU5M2QxNDcxMDNjNjA1NDA4Y2JhNTAxOWFkOTU1YTg4ZmQ1MTNmMjRiMTkifQ%3D%3D
multibot.run/ Name: laravel_session
Value: eyJpdiI6InRcL3FTa3lWbm4xOW44YmxcL1BLdzJjdz09IiwidmFsdWUiOiJXaFlraE5rMUQ2RWR0ZWJEOUJmSm5rdk53ODhNcE9sSUxmRXc2RGF3RCtPeXUyeHY0TFlHQkxJT3pQdVkrT0ZqIiwibWFjIjoiYjNmYTRkZDZkMjQ2MjJmNWEyZmNkYjNjMjAyODVlMmVmZmVkNGExNmMyNzM5ZjlmYzVlNjBhMWE0MjZiODgxYiJ9
.multibot.run/ Name: _ga_HLQWFMNHYY
Value: GS1.1.1703155188.1.0.1703155188.0.0.0
.multibot.run/ Name: _ga
Value: GA1.2.2017250688.1703155189
.multibot.run/ Name: _gid
Value: GA1.2.363980435.1703155189
.multibot.run/ Name: _gat_gtag_UA_117971760_2
Value: 1
.multibot.run/ Name: __gads
Value: ID=8dda4114e5622bf0:T=1703155188:RT=1703155188:S=ALNI_MZTN9wPKSauIueg2sdHowMgjSkpyA
.multibot.run/ Name: __gpi
Value: UID=00000dac038c95e0:T=1703155188:RT=1703155188:S=ALNI_Makel3l7RNh6oa5bGnECgv8-t_oJA
.doubleclick.net/ Name: IDE
Value: AHWqTUlkrDLNsG6AcZhzpQx0KJR7_aVOnLAguxu4gDL-6qeG3JRh-jYwP7ZPPAGL58o
.rtbrain.app/ Name: uid_cross
Value: 448ab65c-9fed-11ee-9e87-622093101e96
.rtbrain.app/ Name: sid_cross
Value: 43dfcada-9fed-11ee-8a7a-86bff8f512f8
.googleadservices.com/ Name: ar_debug
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.rtbrain.app
cdnjs.cloudflare.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
g.rtbrain.app
googleads.g.doubleclick.net
i.imgur.com
multibot.run
p4-fhhbxx4n3anuq-w3e6mgtyucwkz5ea-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.17.25.14
104.26.3.190
142.250.31.101
142.251.16.113
142.251.16.156
142.251.16.94
142.251.163.101
142.251.163.102
142.251.163.155
142.251.179.132
142.44.240.14
146.75.28.193
172.253.122.106
172.253.122.156
172.253.122.94
172.253.62.102
172.253.62.157
172.253.62.95
172.253.63.97
172.64.141.13
01bc94eace248cc63c0a8d0310a58823e49c52e536348b593929f503740874a1
02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e
035ce2116b26aea1f75ff555ea347cb9375a88cc3e34e5f0a7bc48da87748789
05e8d9fae7f24483545d303be8550c3b10dec13272d65080b5ce285a639a5d09
08039d10ffb0d77645673af9f7efa960434bec0699118f0b3b855f5b953f2932
0c18a7096d8615e2b30d7fbaccb64fe00b6cffccf671c3c4ca53244640722202
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17d79da90456990d80e232263e65f7a00cd789e170c6c94e23b96872fbc866db
1df392cfe171c069104085ec7152039923cde98bf32f890cffa5706ca0eef027
1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
29dcfa32eb6ea29fa2283f55ed9eab7372bb11609764d416b031ee61fcac4191
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34e64a43b6b54c977efbc6c5afcceb5b67e1e0282a9df2a069e2f665f9720284
36b989f0af3be2297ea3d254dea480e232a5fb4fd3ecd846faab4ee98d447130
376fc8ba9a646d7c7a3ca1290d67c1bd1480e319e92c78878000ffd3b4c7a74f
39f25ca48a0f506a8924971294acb6b3cee5375b1c7dcea6db5e8b1f7876a1e4
3ef1e4f2da6c3247458ba54f2e1454551b7f9451a474ab6e5670d1df9b5cbe3f
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
482f7e6d943370d673b5277f2a806e9dee28f2105a6a08c0c5b4f2dd81984617
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dbe2075e08dfc008a9a1290dc149f6ee360215610cc1944bdb625c0aee3b83c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
566d12cf66ff3d64ed100bdf634ce4b2de1dfa8ce38006f1b50912594865c1ae
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e1e0f8fdbbf61fdbdee9f0d1dd27b45003d9fb3852babc864ae2aecba9f6873
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798
63afe528c3351578ade1d27cea55dd703e4013ced513b25319d623da02b09d39
658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53
66ecd3d69945a02bfe18a2a9e7091836caf8b8520f4afefb9ca13068b00c231a
697fc0faf4f834a6889adafaebe41fc42b44e1359b10709fa42e8291e23d05c9
6a5d98efcc7082787912dfe2b5a322e26ab279db560b582d945938201edfaf5b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6d68610b6d7b516ce0ca6b95c9c3be7f3ba2dba9680805a8832f402e0f63ba9b
72deda409b2dfb706aa74c3b0abe48ea3c87c5126ebc2aabfc68c90a929723a3
810ab9f35adece1d37d614de75a59912c0fd855e7ab342abc4d3407430b30f09
8859ab6936413a1da365d7fd35cf99f9ab80d2deb93d4ac4440d8c6042e48672
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
91f5579c85bb75e8b15a52c0ba73bfb87f12dbb216e19f7f55ca812d224da3a6
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
98b450edb7f6d2dbfa77af4c41ffff767d979335d1bb8cbfe23f9ae3a7673e91
9e175239fe61dc6998a19bd79e98f7a52732939617a53a1950bee0203bfe5259
a0d2ba3e3c17e0b7bbbf365a92019815a270a214a06fbd574966a0ba80c8a740
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad4e2d51cf7f8cad0b33fcae853656fa79fa2da3e9828bdf50895a88d9463259
ae94973f3d4a93394e873436ca387f84edad751527fed355319cf425c4550271
b3f8b6630b6dff3720b43b2e745b4a2c6843539a16af9dc3cf5b98af45eb4a52
b6544c4567d730a9bd0c301f217b8b9d7936aa828c7bfa070789ee174fa90846
b73854a6f5803e25c017eafde16c5e669c0fd27b9ad1bdaf2d2a603a3088f01c
c5f441c1e2541d6327c0204f59a4fd57cdd3245eb4b88eb8a7016eed32a9ba57
ce65349d4adaf6044c2381e67f447e84ac578c7d1993c85ab2dba71e1b2e5ff4
d6c24c986c7410379221b2c1f037685d1f577dbef5327ae3bb474a775fd5f952
d6e5cc4845ee21e2dd0233281668301df982a54995012333708fab1aba38b3b4
d74de076d9c90f3d4cdd757799412583d97e8febe411202b5f54de6bfdc01096
d7f70dd7f7d214c149e34730642d3ce09118c964c11863e8cf03e760cf521415
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ccce3cfadd03ec5a5e5dfddf09b6b705ad6725d2256604cab8993467e52b32
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4ed7431bdcfc8c0e550e6660927729a296f2ef94f0b46e45fa991563257bab1
f6f3d53dd2240261f157695adf386a5c08014298c19f62ccf63cd162996892d0
fe7857661cbf6386f01bf627f1329e196fb85a3c8d2ce9f2b49336497ed96b1b
feccc42c28138eb5a796542c816b41755d811818695a903de53ec8f435957a06