imgbb.com Open in urlscan Pro
2606:4700:3036::6815:1440 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gebehee.top/cndi4858vmefovl/4292614/
Effective URL:
https://imgbb.com/YNrVVQ1
Submission: On March 20 via api (March 20th 2024, 9:06:10 pm UTC) from US — Scanned from US

Summary HTTP 133 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 18 domains to perform 133 HTTP transactions. The main IP is 2606:4700:3036::6815:1440, located in United States and belongs to CLOUDFLARENET, US. The main domain is imgbb.com. The Cisco Umbrella rank of the primary domain is 263552.
TLS certificate: Issued by GTS CA 1P5 on February 26th 2024. Valid for: 3 months.

This is the only time imgbb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	104.21.34.74 104.21.34.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
1 1	35.204.193.90 35.204.193.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	213.174.132.224 213.174.132.224	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
6	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
8	2606:4700:303... 2606:4700:3032::ac43:83fb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::ac43:ba35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	169.197.85.95 169.197.85.95	26548 (PUREVOLTA...) (PUREVOLTAGE-INC)
1	2606:4700:303... 2606:4700:3036::6815:1440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
3 17	2607:f8b0:400... 2607:f8b0:4006:806::2002	() ()
1 30	2607:f8b0:400... 2607:f8b0:4006:80a::2001	() ()
8	2607:f8b0:400... 2607:f8b0:4006:809::2003	() ()
2	142.251.40.102 142.251.40.102	() ()
1	2607:f8b0:400... 2607:f8b0:4006:821::2006	() ()
3 4	142.251.32.98 142.251.32.98	() ()
2 4	172.64.151.101 172.64.151.101	() ()
2 3	68.67.160.117 68.67.160.117	() ()
6	142.250.80.66 142.250.80.66	() ()
3	2607:f8b0:400... 2607:f8b0:4006:816::200e	() ()
2 2	2607:f8b0:400... 2607:f8b0:4006:823::2004	() ()
4	2607:f8b0:400... 2607:f8b0:4006:806::200e	() ()
3	2607:f8b0:400... 2607:f8b0:4006:821::200e	() ()
4	2607:f8b0:400... 2607:f8b0:4006:816::201b	() ()
133	25

4 104.21.34.74 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

gebehee.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.193.90 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.193.204.35.bc.googleusercontent.com

tracking.trackingshub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.132.224 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3032::ac43:83fb (United States)

ASN13335 (CLOUDFLARENET, US)

simgbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:ba35 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.usefulcontentsites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.197.85.95 (United States)

ASN26548 (PUREVOLTAGE-INC, US)

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:1440 (United States)

ASN13335 (CLOUDFLARENET, US)

imgbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:806::2002 (None, ) 3 redirects

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2607:f8b0:4006:80a::2001 (None, ) 1 redirects

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:809::2003 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.102 (None, )

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.32.98 (None, ) 3 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (None, ) 2 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.117 (None, ) 2 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.80.66 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::200e (None, )

ASN- ()

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2004 (None, ) 2 redirects

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:806::200e (None, )

ASN- ()

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::200e (None, )

ASN- ()

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:816::201b (None, )

ASN- ()

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com	903 KB
23	doubleclick.net 6 redirects googleads.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net	281 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com	432 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 storage.googleapis.com	59 KB
8	simgbb.com simgbb.com — Cisco Umbrella Rank: 192255	167 KB
6	googleadservices.com www.googleadservices.com
5	google.com 2 redirects fundingchoicesmessages.google.com www.google.com	68 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	3 KB
4	ibb.co ibb.co — Cisco Umbrella Rank: 10222 i.ibb.co — Cisco Umbrella Rank: 10410	260 KB
4	gebehee.top 2 redirects gebehee.top	15 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
1	2mdn.net s0.2mdn.net	99 KB
1	imgbb.com imgbb.com — Cisco Umbrella Rank: 263552	6 KB
1	usefulcontentsites.com cdn.usefulcontentsites.com — Cisco Umbrella Rank: 111360	2 KB
1	trackingshub.com 1 redirects tracking.trackingshub.com — Cisco Umbrella Rank: 192981	119 B
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 19762	464 B
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 7780	491 B
0	vlitag.com Failed services.vlitag.com Failed
133	18

	Domain	Requested by
30	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com gebehee.top
19	pagead2.googlesyndication.com	imgbb.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com gebehee.top
17	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net gebehee.top
8	www.gstatic.com	googleads.g.doubleclick.net gebehee.top
8	simgbb.com	ibb.co imgbb.com simgbb.com
6	www.googleadservices.com	imgbb.com
6	fonts.googleapis.com	ibb.co imgbb.com googleads.g.doubleclick.net gebehee.top
4	storage.googleapis.com	srcdoc
4	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	gebehee.top	2 redirects gebehee.top
3	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
3	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	i.ibb.co	ibb.co imgbb.com
2	www.google.com	2 redirects
2	ad.doubleclick.net	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	imgbb.com	simgbb.com
1	cdn.usefulcontentsites.com	ibb.co
1	ibb.co
1	tracking.trackingshub.com	1 redirects
1	datatechone.com	gebehee.top
1	my.rtmark.net	gebehee.top
0	services.vlitag.com Failed	ibb.co
133	27

This site contains links to these domains. Also see Links.

Domain
api.imgbb.com
i.ibb.co
ibb.co

Subject Issuer	Validity	Valid
gebehee.top E1	`2024-02-26` - `2024-05-26`	3 months	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh
ibb.co R3	`2024-02-07` - `2024-05-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
simgbb.com GTS CA 1P5	`2024-02-05` - `2024-05-05`	3 months	crt.sh
usefulcontentsites.com GTS CA 1P5	`2024-02-18` - `2024-05-18`	3 months	crt.sh
imgbb.com GTS CA 1P5	`2024-02-26` - `2024-05-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://imgbb.com/YNrVVQ1
Frame ID: B37B0A561197B37523856C8E068520C1
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&adk=3359615552&adf=3810287254&lmt=1710968766&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fimgbb.com%2FYNrVVQ1&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710968765462&bpp=10&bdt=572&idt=515&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5248957039096&frm=20&pv=2&ga_vid=2024283660.1710968766&ga_sid=1710968766&ga_hid=2116599704&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081827%2C31081903%2C44798934%2C95326317%2C31081572&oid=2&pvsid=282392669480353&tmod=2071265486&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fibb.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=564
Frame ID: E42B05B1BC24216BBC649415547F3543
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=90&slotname=1707231127&adk=3202445627&adf=1841902683&pi=t.ma~as.1707231127&w=1200&fwrn=4&fwrnh=100&lmt=1710968766&rafmt=2&format=1200x90&url=https%3A%2F%2Fimgbb.com%2FYNrVVQ1&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710968765473&bpp=16&bdt=584&idt=562&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5248957039096&frm=20&pv=1&ga_vid=2024283660.1710968766&ga_sid=1710968766&ga_hid=2116599704&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081827%2C31081903%2C44798934%2C95326317%2C31081572&oid=2&pvsid=282392669480353&tmod=2071265486&uas=0&nvt=1&ref=https%3A%2F%2Fibb.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=573
Frame ID: B9E01AD499E90EAABBFA93D2E440C146
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=280&slotname=4370068811&adk=1877126515&adf=4071670924&pi=t.ma~as.4370068811&w=336&fwrn=4&fwrnh=100&lmt=1710968766&rafmt=3&format=336x280&url=https%3A%2F%2Fimgbb.com%2FYNrVVQ1&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710968765490&bpp=1&bdt=600&idt=587&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=5248957039096&frm=20&pv=1&ga_vid=2024283660.1710968766&ga_sid=1710968766&ga_hid=2116599704&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081827%2C31081903%2C44798934%2C95326317%2C31081572&oid=2&pvsid=282392669480353&tmod=2071265486&uas=0&nvt=1&ref=https%3A%2F%2Fibb.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=626
Frame ID: 5C4C484D280E0B6EFCAEB691B649DC0F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=250&slotname=4866082202&adk=46905600&adf=2007866562&pi=t.ma~as.4866082202&w=250&fwrn=4&fwrnh=100&lmt=1710968766&rafmt=3&format=250x250&url=https%3A%2F%2Fimgbb.com%2FYNrVVQ1&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710968765491&bpp=1&bdt=602&idt=634&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C336x280&nras=1&correlator=5248957039096&frm=20&pv=1&ga_vid=2024283660.1710968766&ga_sid=1710968766&ga_hid=2116599704&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=693&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081827%2C31081903%2C44798934%2C95326317%2C31081572&oid=2&pvsid=282392669480353&tmod=2071265486&uas=0&nvt=1&ref=https%3A%2F%2Fibb.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=658
Frame ID: F12352B76F097BA83B01793177437B42
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=250&slotname=3553000530&adk=1075946893&adf=2627989341&pi=t.ma~as.3553000530&w=300&fwrn=4&fwrnh=100&lmt=1710968766&rafmt=3&format=300x250&url=https%3A%2F%2Fimgbb.com%2FYNrVVQ1&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710968765491&bpp=1&bdt=601&idt=680&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C336x280%2C250x250&nras=1&correlator=5248957039096&frm=20&pv=1&ga_vid=2024283660.1710968766&ga_sid=1710968766&ga_hid=2116599704&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=963&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081827%2C31081903%2C44798934%2C95326317%2C31081572&oid=2&pvsid=282392669480353&tmod=2071265486&uas=0&nvt=1&ref=https%3A%2F%2Fibb.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=699
Frame ID: 49C899026F1543AD7B8834A67A445ECD
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COKz_dUFEOnXpNgFGL-NwoICMAE&v=APEucNVU0ErQ14dGCztQ8sKUslOF9gxE6jMOR3t4mbNT_U6RGzeoGy__xKeicC8exBUDRuyCE6ZihetBXL4kLyUVxAUUJPL7yA
Frame ID: F6C680AB4D97AF2E1745CB0970C42548
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 023D8532D0CAD6FB1FDEEE840EA228CB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D051C11D9ACD98CD8AF1419740661454
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 87F79670C0B26D23163764463A428BEF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
Frame ID: E3D1DD322866230A4B3A197AE73DCB87
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
Frame ID: 28A5C2801C166DA119CFC9A5D8D0A8E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html
Frame ID: 1565D0E5C9649076CF6B03A094A1876C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html
Frame ID: 699B5308DFAEBDABFCCCB62082717FAC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html
Frame ID: C7B6236BBAC95306BD625DC584496628
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html
Frame ID: 1B7FF06D2436F3E4CD726D1681BE2FD5
Requests: 19 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: DC852EC11690227259EB027BD13F75DA
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
Frame ID: 1E252D16B2E570F727F039FDC30958DC
Requests: 1 HTTP requests in this frame

Frame: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Frame ID: 3D38C4A4546CA32C9E34AF36552D89BB
Requests: 2 HTTP requests in this frame

Frame: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Frame ID: 8D695E7447A8BFD703EE9BE1CD405CC8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
Frame ID: 10B5B1E94ED39B102A247FD48B4E951E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
Frame ID: 1779E09FF074F13FC3C2EDE90D4F754E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Screenshot-2023-10-03-155731 hosted at ImgBB — ImgBB

Page URL History Show full URLs

http://gebehee.top/cndi4858vmefovl/4292614/ HTTP 301
https://gebehee.top/cndi4858vmefovl/4292614/ Page URL
https://gebehee.top/?z=4292614&syncedCookie=true&rhd=false HTTP 302
https://tracking.trackingshub.com/click?pid=3&offer_id=2435398&sub1=794423173906174879&sub2=4292614 HTTP 302
https://ibb.co/YNrVVQ1 Page URL
https://imgbb.com/YNrVVQ1 Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

133
Requests

88 %
HTTPS

58 %
IPv6

18
Domains

27
Subdomains

25
IPs

4
Countries

2292 kB
Transfer

5454 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://api.imgbb.com/
Title: API

Search URL Search Domain Scan URL

URL: https://i.ibb.co/hgqTT94/Screenshot-2023-10-03-155731.png

Search URL Search Domain Scan URL

URL: https://ibb.co/YNrVVQ1
Title: Screenshot-2023-10-03-155731

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gebehee.top/cndi4858vmefovl/4292614/ HTTP 301
https://gebehee.top/cndi4858vmefovl/4292614/ Page URL
https://gebehee.top/?z=4292614&syncedCookie=true&rhd=false HTTP 302
https://tracking.trackingshub.com/click?pid=3&offer_id=2435398&sub1=794423173906174879&sub2=4292614 HTTP 302
https://ibb.co/YNrVVQ1 Page URL
https://imgbb.com/YNrVVQ1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gebehee.top/cndi4858vmefovl/4292614/ HTTP 301
https://gebehee.top/cndi4858vmefovl/4292614/

Request Chain 4

https://gebehee.top/?z=4292614&syncedCookie=true&rhd=false HTTP 302
https://tracking.trackingshub.com/click?pid=3&offer_id=2435398&sub1=794423173906174879&sub2=4292614 HTTP 302
https://ibb.co/YNrVVQ1

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6is7jRvQSkGYBpXKOYuqk&google_cver=1

Request Chain 65

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZftPv8AoJWIAABJuAQgAtgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeJrR3UiN4ykO5ZpzyWQDg&google_cver=1

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBZk8sDazSYtosxG3UCB96o&google_cver=1

Request Chain 67

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxNTkxOTc1MjcxMDg2MDk1Ng%3D%3D

Request Chain 77

https://googleads.g.doubleclick.net/pagead/adview?ai=CmRtkvk_7ZbiCMJbvkPIPz42cyA-Vq5TBdueS4Pm2Eqe1mOjaDxABII7MsJABYMmGgIDco8QQoAH6iKr3A8gBCagDAcgDywSqBPoBT9DSFijuTIMUrMJW_oqtmOZ3LCJtG6zFhy6cXP2iJO2dgAyXGeSPtcC7Kuwp29asp6Ksgi13ejNezmrEE5dT26BSX_DdA5oDbMhldwYXBuYEiEqLF7584n5cEPjXhYm0M7nzJeR9KHjWdQstTYPTMwB3DhNX8J9fEDmZfNBZ4mbXW6fGFapfjUhO-DUFpYk4I_BxtE0U7EA3yCHs6YzfRTA5IvaYlIvgn4zPaQ1_qxY37ZrNF_CvMaK805Q2DqMQgmzz3W5cSUDI9k7kHnQV-xR2cUx1uGWf7r6SRiFFnzG_qAQNFSsdiTV1p3tHcW2UyCXi6WS3N0pXhsAEz5ufqd4EiAWx1_WrTqAGLoAH7vbVCKgH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcA8gcEEKvTEdIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOlj84MGs34OFA5oJogFodHRwczovL3d3dy5saXR0bWFubi5jb20vM00vZW5fVVMvbGl0dG1hbm4tc3RldGhvc2NvcGVzL2FkdmFudGFnZXMvY29yZS1kaWdpdGFsLXN0ZXRob3Njb3BlLz9oY2JnLWxpdHQtaHdhcmUtZW5fdXMtY29uLWFkdmFuY2VkLW9uYS1kaXNwLW5hLWxlYXJuLXJlc3AtamFuMjQtMDAwMDCACgHICwHaDBAKChCg55_N5sfoml8SAgED2BMD0BUBmBYBgBcBshccChoIABIUcHViLTY3MjE3MDQ5NzI5MTQzNDkYALIYCRICzmEYLiIBAA&sigh=xZJzqNYu0TI&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqJl9bfrwMPzXJ4q3iUc6UFWLaNJRLb-qQoQhI-oBw8Rm9JoQU6jpRzy8bqQiDXC2hemO-zBsVuEGrme-JsajawdNs57frnm-XmIUYAQ&template_id=5000&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6496481af38dd35c0000000000000000%22,%222%22:%220x81c5e199f1cdc5660000000000000000%22,%223%22:%220xf029904fe44382c70000000000000000%22,%224%22:%220x30e724b0029e17890000000000000000%22,%225%22:%220x484a97e1386265300000000000000000%22},%22debug_key%22:%226381676591522585885%22,%22debug_reporting%22:true,%22destination%22:%22https://littmann.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221055556730%22],%2222%22:[%22true%22],%224%22:[%2203-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218421051202078618801%22}&andc=true

Request Chain 79

https://googleads.g.doubleclick.net/pagead/adview?ai=C8H51vk_7ZceFMM2bur8Pm8CQ8Ai17s3Adumk0puNEtrZHhABII7MsJABYMmGgIDco8QQoAHlwtaiA8gBAqgDAcgDyQSqBMoBT9DDc8YFnPuCjXN3cJUltvipRZbmK36IdjdjtXqkT9ncb6kZaQXmglq015J3Di99xvMhaY76-wioR3pj512_d_0KjMbYOV8W-wIqusNmdGj_mNV2Nw_IecBWxw6GjZUbaK5MJwKsBI4LpJrNyH77Jryhdg9VbSVbqlmWgFMCvMkvPLDEz2qjRat9ejw4OcqgazwIowE-78qhIG7h25WrCJ8EISY-l72YEsrWtB0PYYIq3G12gjKxOko16vrY_TFBJBga2MhlbCTtdcAE3ZbMu8IEiAWOo_CgOJIFBAgEGAGSBQQIBRgEoAYCgAeDvaldqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQLYBwHyBwQQi88T0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WNzZwazfg4UDmgkbaHR0cHM6Ly93d3cubWludG1vYmlsZS5jb20vgAoByAsB2gwRCgsQoJrH38vIg-v9ARICAQPYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNjcyMTcwNDk3MjkxNDM0ORgAshgJEgLraBgCIgEA6BgB&sigh=hj3uPYMQuHA&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtql-cx-zFajszw-KYDupgBalRDrEkDeyMwR8UZHopaZ5wzsIYaEc-bQrapQ844zcPqXtVJBhgkAPoYaKdMuW73wZ6aCBPsQMhiWvQYAQ&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa61ff4bee44e66700000000000000000%22,%222%22:%220xf8712ca66921c3c40000000000000000%22,%223%22:%220xe16a1aa4adeda65f0000000000000000%22,%224%22:%220xa275b736a2c53f300000000000000000%22,%225%22:%220x3d83702ea9ba9b7d0000000000000000%22},%22debug_key%22:%226050446052347288653%22,%22debug_reporting%22:true,%22destination%22:%22https://mintmobile.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22878027109%22],%2222%22:[%22true%22],%224%22:[%2203-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22956652980321195409%22}&andc=true

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 86

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 95

https://googleads.g.doubleclick.net/pagead/adview?ai=CSq8Yvk_7ZaHzL6meur8PjoW1mAiSs4vvddy0hKmkENiSzLbeCRABII7MsJABYMmGgIDco8QQoAGnoKbRAsgBAagDAcgDwwSqBMoBT9CGSGlaHZqip3gerfWJwN9zBQl_AKU0_tlOdgW0QaliYs3dkfyospEaS9lXbmHMekd9uMPcCIkET3an6Pi5Y5-7XV8IFJuj3xKt4gzAy3JpMp94pxxK8vvyFp89tok2Ash5OFgPiPYUOqtR5Ea3WjGeTZrtH2XTBN_TPkVWXZXJUOmVh1Uua9G6klld5MDv8mwU7t3zL5ShTw_fBEem8WtnOktNIfGlaAlROHVjONwjKPT3az4XgPtTZgIbJ2fD50iUtuo1RKxtK8AE9NXg_LoCiAXW7oD4GJIFBAgEGAGSBQQIBRgEoAZmgAfB39muAagH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcB8gcEEJ69DNIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOljw18Gs34OFA5oJpgFodHRwczovL3d3dy5maWxlcy5jb20vP3V0bV9jYW1wYWlnbj04NDU1MDM2Mzg5MiZ1dG1fdGVybT0tJnV0bV9zb3VyY2U9YWR3b3JkcyZ1dG1fbWVkaXVtPXBwYyZ1dG1fY29udGVudD02MTQ3OTE4NTMyNDEmZ2NsaWQ9e2djbGlkfSZyYW5kb209MTk0MzM3NTA3MjA1NTMzNjcwOSZ2dF9wb3M9gAoByAsB2gwQCgoQgLeU7-Ly14NbEgIBA9gTDIgUBNAVAYAXAbIXHAoaCAASFHB1Yi02NzIxNzA0OTcyOTE0MzQ5GACyGAkSArFfGGYiAQA&sigh=ZZXYu796bQQ&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtq4GMKUz4EjvND8MHzmTn16IrJFy_DVU1_FS_AVROyAbsUu8NVa12HA-5IxAARrfrDslw1dj6KSLv4CwwzbHlNFDuJI9TubmghbhgB&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7566fc26d45bfae80000000000000000%22,%222%22:%220x61b0aedf17500e970000000000000000%22,%223%22:%220xc8f9a37df861c9400000000000000000%22,%224%22:%220x6a9912d0c590e8660000000000000000%22,%225%22:%220x4d8c242e075490280000000000000000%22},%22debug_key%22:%2217466223293274097284%22,%22debug_reporting%22:true,%22destination%22:%22https://files.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22707366951%22],%2222%22:[%22true%22],%224%22:[%2203-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228469154587451113313%22}&andc=true

Request Chain 122

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCb0vi6VRCQARiQATIItFYPU8y28GA HTTP 301
https://tpc.googlesyndication.com/simgad/14721375404797248074

133 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
gebehee.top/cndi4858vmefovl/4292614/
Redirect Chain

http://gebehee.top/cndi4858vmefovl/4292614/
https://gebehee.top/cndi4858vmefovl/4292614/

33 KB
12 KB

359ms
279ms

Document
text/html

104.21.34.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gebehee.top/cndi4858vmefovl/4292614/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.34.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f18fa63e908ae5587bd4bd776ef9fac6248ed1c4b480c920cfe87cbae773ab20

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8678a9ebaf39b3c1-MIA
content-encoding: br
content-type: text/html; charset=utf8
date: Wed, 20 Mar 2024 21:06:02 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wp%2FzYYYa1b3i3D7j06cj0N9TpfntQAWIwDWkEqu3hI4He7T7w06snPGwlTeS79KY3nL9YjAvODqGfKilXYAdipSPv2BUiXQxj4LX9rLd4eCaTPyLaX8ZBa%2FWXRZZaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-trace-id: da29f36720b84925894bfc7eca3da335

Redirect headers

CF-RAY: 8678a9eadd737445-MIA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 20 Mar 2024 21:06:02 GMT
Expires: Wed, 20 Mar 2024 22:06:02 GMT
Location: https://gebehee.top/cndi4858vmefovl/4292614/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E2ORRKPaYo2wyU8dsFnac%2F5AVpCxCd79iWkTV5xJOvftbZ4GvVI8dm%2BJgEq7wVw8dthGCWi%2FOoQmdgRRWkx0cuYjBc6qIa9L0CXtohOahDcmJGP5vxD8cq96bzyhOg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

POST
H2 200 sftouch
gebehee.top/ 2 B
329 B 157ms
154ms Ping
text/plain 104.21.34.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gebehee.top/sftouch?userId=008025fd913d4b8cea3aba015eef45b9&z=4292614&p_rid=328d5d62-be4a-4378-829c-be07c367a65d&p_src=sf&branchId=0&rb=DFd1aV03wNOCTlJw0AW6gFGrNOve6GEK7IXsbFEk26-ytbp4jA2E9AKEd0n5r8LfoChcxbnCt8609L2HJlfZQPz3iWAw5qokcW-rg3Kx6NaFpXpqGJQS5Mx3t9ZCu3oYmLUDCQE2ccMXDzdDOX-bYlphHMYnl3BajBswXgR-IbSMrBjtO5P79ALF0VwxMEplB6jj5faLg1e6l6VNNfprJGeD5nX4rn036TSVnUqk6W07h-KA2oIG9uxNF0pUEY17dSojuZjtfHEk77Lh4zVryECNXAyQD5-1Y9Jqx5WqZgKKr_oL

Requested by

Host: gebehee.top
URL: https://gebehee.top/cndi4858vmefovl/4292614/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.34.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gebehee.top/cndi4858vmefovl/4292614/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2
x-trace-id: e3be0ca07ba827458f018f1080b9b88a
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://gebehee.top
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yItQTmDcsBlKNa0KBgQb3XMgjowzdD0q1GMZoC5AjmmtcRGh5kcsRt7DsREE1Egr%2BQG%2FhbDPD12NjFduaZBW%2FkIG6oJWag9WkiRhzYOPSEM1t4mNeNy58%2FTAR9PODQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cf-ray: 8678a9edaa21b3c1-MIA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 422ms
139ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=008025fd913d4b8cea3aba015eef45b9&z=4292614&p_rid=328d5d62-be4a-4378-829c-be07c367a65d&p_src=sf

Requested by

Host: gebehee.top
URL: https://gebehee.top/cndi4858vmefovl/4292614/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gebehee.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
464 B 458ms
143ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=328d5d62-be4a-4378-829c-be07c367a65d
Requested by: Host: gebehee.top
URL: https://gebehee.top/cndi4858vmefovl/4292614/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Referer: https://gebehee.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 20 Mar 2024 21:06:03 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://gebehee.top
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

YNrVVQ1
ibb.co/
Redirect Chain

https://gebehee.top/?z=4292614&syncedCookie=true&rhd=false
https://tracking.trackingshub.com/click?pid=3&offer_id=2435398&sub1=794423173906174879&sub2=4292614
https://ibb.co/YNrVVQ1

20 KB
6 KB

251ms
80ms

Document
text/html

213.174.132.224
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ibb.co/YNrVVQ1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

213.174.132.224 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY DENY

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://gebehee.top
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 20 Mar 2024 21:06:04 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-frame-options: DENY DENY

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Wed, 20 Mar 2024 21:06:04 GMT
location: https://ibb.co/YNrVVQ1
server: nginx
x-adjust-use-original-forwarded-for: 1

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
2 KB 257ms
102ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap

Requested by

Host: ibb.co
URL: https://ibb.co/YNrVVQ1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 21:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 20:36:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 21:06:04 GMT

GET
H2 200 ibb.css
simgbb.com/5286/ 115 KB
26 KB 187ms
61ms Stylesheet
text/css 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/5286/ibb.css
Requested by: Host: ibb.co
URL: https://ibb.co/YNrVVQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 10:25:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6247
etag: W/"657c2990-1cc64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m591W4jdJmPpVXuagXjf6RmB9MIdbx7ZyWWV540trSObzFI%2BFqF9dD8%2FL%2FJlMfPQwyPOiOhyPNf1vqYi5wlJUZ7RZ2HU79f6lcgBprq%2F%2FXNG%2F1Y1ZFlUhl4xDq8GIQFYbX8wW8mVTVfR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8678a9fa2ef84958-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ga.js
simgbb.com/5286/ 185 B
483 B 249ms
123ms Script
application/javascript 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/5286/ga.js?ads=adsense
Requested by: Host: ibb.co
URL: https://ibb.co/YNrVVQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:04 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 09 Dec 2023 12:35:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65745f1d-b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w8neq8290RIcEa5IkSP7qNN8b6EDII0Z4FwQD5YCFN%2Fwbsz9EIiv6%2BWQ%2B%2BHW3bmwKbZ%2FP15FDK0tmGjERux7snqIDmtLDp5wLHTuvXQkCMmDL%2BS4YyPnfISvKmToi9wprYK%2F8cUWv%2F7w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8678a9fa2efa4958-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 subscribe.js
cdn.usefulcontentsites.com/js/push/ 5 KB
2 KB 146ms
42ms Script
application/javascript 2606:4700:3031::ac43:ba35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7
Requested by: Host: ibb.co
URL: https://ibb.co/YNrVVQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ba35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc14
date: Wed, 20 Mar 2024 21:06:04 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6HDGYP4GSZ02MMJA
age: 5420
x-cached-since: 2024-02-27T20:10:47+00:00
x-id-fe: mi1-hw-edge-gc14
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dCHDwhj1xsQuYILIEnRAHKAD83pzb+APONKDwSKEEZRtfj04evlzebEMCC2Q1C0aqkX8IV7RxDwqx5iiFfYY/QawB7do6vdskOE+vMwe6o4=
last-modified: Wed, 30 Mar 2022 12:06:36 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1648641987/ctime:1648641987/gid:0/gname:root/md5:531a7e657aea171bbfa47a0c45adfede/mode:33206/mtime:1648641987/uid:0/uname:root
traceparent: 00-0e58fb624b8f956d52b81c97c4313a49-d59ef15106f112b4-01
etag: W/"531a7e657aea171bbfa47a0c45adfede"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qJ3rANsOP8TWbaawNBaM%2FZkoptWqz6syEV9R5EbuuV5wkizeQbbDKAXSLJ7jBQR1OUo9O6vtlRCtdsZ3IAvevGanlOJIn0RGQXT5XQW7T1rB2DqQiRU%2BiBqnCxB4k1Xxdiwez8UtBJ4eOCCLbag9QyQzACIwvMAl7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
cf-ray: 8678a9fba8cd7489-MIA

GET /
services.vlitag.com/adv1/ 0
0

GET
H2 200 logo.png
simgbb.com/images/ 938 B
1 KB 50ms
48ms Image
image/png 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simgbb.com/images/logo.png
Requested by: Host: ibb.co
URL: https://ibb.co/YNrVVQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:04 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Dec 2023 12:35:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5807
etag: "65745f1d-3aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SNTw%2Ft5X4o9ZEIZsXpAkUb6JkU1IEgKZoeLhyjQNzhnmhYTSMWnMrAPUfZEkMYA0X3IjmWle8ANFrgpODssEy3m7leszhVzDb9%2F4%2BPlxzgBlU99WEQGpFLexMkNMJrIfKvNG6ANRJ6Uu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8678a9fbf9aa4958-MIA
alt-svc: h3=":443"; ma=86400
content-length: 938

GET
H2 200 Screenshot-2023-10-03-155731.png
i.ibb.co/zmkttxB/ 67 KB
68 KB 243ms
61ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/zmkttxB/Screenshot-2023-10-03-155731.png
Requested by: Host: ibb.co
URL: https://ibb.co/YNrVVQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:04 GMT
last-modified: Tue, 03 Oct 2023 10:27:53 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 68929
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET jquery2.js
simgbb.com/5286/ 0
0

GET ibb.js
simgbb.com/5286/ 0
0

GET
H2 200 Primary Request YNrVVQ1 Show response
imgbb.com/ 21 KB
6 KB 251ms
142ms Document
text/html 2606:4700:3036::6815:1440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://imgbb.com/YNrVVQ1

Requested by

Host: simgbb.com
URL: https://simgbb.com/5286/ga.js?ads=adsense

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:1440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07777fc27b729d29ecc2eab3bf5e43ed7d82ea4e9fd62b29b3ac35d9765c538b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8678a9fbb91b4c24-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 20 Mar 2024 21:06:04 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O8KWyQg%2F4sgRpJVIAnmxmaZEXX32FaqtuDQns6nThQKhqc%2FivzPMl9TIfjggHgSHefB%2BU1sNnF4KIgbtAZVJxtlOPUvJ%2FRWb7IYmrdQ5W78%2BX9SN%2B2%2FuH0JnmjNq47dA67No1%2BFcjUw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-frame-options: DENY

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
2 KB 86ms
85ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap

Requested by

Host: imgbb.com
URL: https://imgbb.com/YNrVVQ1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aad0aa2c5e2767db2d5e96c288990838d7330a9d09a2620a4533b298bbbf386e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 21:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 20:39:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 21:06:04 GMT

GET
H2 200 ibb.css
simgbb.com/5286/ 115 KB
26 KB 49ms
48ms Stylesheet
text/css 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/5286/ibb.css
Requested by: Host: imgbb.com
URL: https://imgbb.com/YNrVVQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a34f1460a98ed2b7fae6e1ab1fb7af96490a0aaa0aca25f9381a5e179e28327

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 10:25:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6247
etag: W/"657c2990-1cc64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a9uPJSjVS68%2Bkr1S%2FR%2Bz26CEhtwgyb7caNDZDgbBjej365Pi%2FE%2BrZWxonarXmQ9qw37QwQb8nbTGcfZ%2FPaqQ30PBMLPfUyUP4jmqZ8sk8SkaF9PyNRcoOvXtBJZwLKKJfCKFDYNudG5W"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8678a9fcbae94958-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 332ms
183ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6721704972914349

Requested by

Host: imgbb.com
URL: https://imgbb.com/YNrVVQ1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a13e3376c4ddd3c5b2f94d9a00074cf6ec818a33328532b4cc6c47feda213459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Origin: https://imgbb.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51052
x-xss-protection: 0
server: cafe
etag: 12828797951553627977
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 20 Mar 2024 21:06:05 GMT

GET
H2 200 logo.png
simgbb.com/images/ 938 B
1 KB 56ms
45ms Image
image/png 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simgbb.com/images/logo.png
Requested by: Host: imgbb.com
URL: https://imgbb.com/YNrVVQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:05 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Dec 2023 12:35:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5808
etag: "65745f1d-3aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LPdE2CeArXgMsfJeexEhLwSf%2FeJdhM1oB1DsQbZXpEWdToVNvF1%2Fqg8cQOzv6pOmGHSvA4Qhsd2Jm%2BfrTWW7RhyLLKGiITZKnAlbtmqUf2%2BQLWIlv6Mu88wLBNjfuDSv%2BwU7IRrXz3b2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8678a9fd5bb74958-MIA
alt-svc: h3=":443"; ma=86400
content-length: 938

GET
H2 200 Screenshot-2023-10-03-155731.png
i.ibb.co/zmkttxB/ 67 KB
68 KB 62ms
62ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/zmkttxB/Screenshot-2023-10-03-155731.png
Requested by: Host: imgbb.com
URL: https://imgbb.com/YNrVVQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: dbe8166f42122f5fa34fd261699636d231941aabdc6710a58903f0a3804c2d6b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:04 GMT
last-modified: Tue, 03 Oct 2023 10:27:53 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 68929
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery2.js Show response
simgbb.com/5286/ 113 KB
41 KB 64ms
53ms Script
application/javascript 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/5286/jquery2.js
Requested by: Host: imgbb.com
URL: https://imgbb.com/YNrVVQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0c855cf592efb8719926ef24f95a225623ceea83bbac08894eb50bae312cf72

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 10:25:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2852
etag: W/"657c299b-1c529"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tdPmltahNMfdjlElrEGjxmhVqdQkOO%2BV06hNGNcd%2Fs5q%2FnDs3wehRK8eCPq%2FFbjInKPNXWIbBIPMfkVwh8ItAkMlv1GOtIgaDBXJDiU00Rlml5W%2FhyAT%2FOd36lrRCnxAd9iWVbr86umj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8678a9fd5bba4958-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ibb.js Show response
simgbb.com/5286/ 214 KB
62 KB 61ms
50ms Script
application/javascript 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/5286/ibb.js
Requested by: Host: imgbb.com
URL: https://imgbb.com/YNrVVQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc7932b7a63af2f11d40d1d6448260b0fc29bae808b9e4978ed5a326f8cf5ce1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 10:25:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7027
etag: W/"657c2997-3597d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eywWKmS3f9k6Ey7VZPU%2BdN4v%2FfOz%2FQ2BRlrTgDpZh5Evm5VPDqh8fDHltdGZ1fXiBFsTGplfrxx7FEYQKVDqmwUr7kdLqHPq7ufY3LXoF1THwJ0qVbVZVZ4jlnx5dAB0A6ajBjwdNEcg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8678a9fd5bbc4958-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 imgbb.woff2
simgbb.com/fonts/ 8 KB
9 KB 138ms
64ms Font
font/woff2 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/fonts/imgbb.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/5286/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13

Request headers

Referer: https://simgbb.com/5286/ibb.css
Origin: https://imgbb.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 965
alt-svc: h3=":443"; ma=86400
content-length: 8468
last-modified: Sat, 09 Dec 2023 12:35:41 GMT
server: cloudflare
etag: "65745f1d-2114"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pFi9MDk8cy4GMys5M1%2FT7dqAlrrb9UM8%2Bzqa8p%2BjxvM7UuYA5Rkss23UL5NSpqB3uul%2Bw1sKokYAglUr205Sjgq9%2B5ng945sVKMZNAN6auyIS6BGFzLwhV%2FLXcwj5MZOc%2BTkCdhnJWC2"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8678a9fdcb2425b9-MIA

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 209ms
66ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://imgbb.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 06:27:15 GMT
x-content-type-options: nosniff
age: 52730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 06:27:15 GMT

GET
H2 200 Screenshot-2023-10-03-155731.png
i.ibb.co/hgqTT94/ 118 KB
119 KB 83ms
83ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/hgqTT94/Screenshot-2023-10-03-155731.png
Requested by: Host: imgbb.com
URL: https://imgbb.com/YNrVVQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 959665265372d16026d66fe8f17afb8951d97f16a2c1c47ca93c866f0b4f9303

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:05 GMT
last-modified: Tue, 03 Oct 2023 10:27:53 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 121282
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/ 407 KB
138 KB 292ms
164ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6721704972914349

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc538a3e1815b8904000456842e4060be77d33326d30ee55d077bbb8e0da03b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141386
x-xss-protection: 0
server: cafe
etag: 3094819516650783514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 21:06:05 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E42B 506 KB
98 KB 1151ms
1008ms Document
text/html 2607:f8b0:4006:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&adk=3359615552&adf=3810287254&lmt=1710968766&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fimgbb.com%2FYNrVVQ1&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710968765462&bpp=10&bdt=572&idt=515&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5248957039096&frm=20&pv=2&ga_vid=2024283660.1710968766&ga_sid=1710968766&ga_hid=2116599704&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081827%2C31081903%2C44798934%2C95326317%2C31081572&oid=2&pvsid=282392669480353&tmod=2071265486&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fibb.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=564

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

2f54d0ecd2a9c08fcdcc2e5a6acf0770288e46273877efb7d179f1d1a0eff7d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 99799
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 21:06:07 GMT
expires: Wed, 20 Mar 2024 21:06:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B9E0 123 KB
42 KB 759ms
617ms Document
text/html 2607:f8b0:4006:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=90&slotname=1707231127&adk=3202445627&adf=1841902683&pi=t.ma~as.1707231127&w=1200&fwrn=4&fwrnh=100&lmt=1710968766&rafmt=2&format=1200x90&url=https%3A%2F%2Fimgbb.com%2FYNrVVQ1&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710968765473&bpp=16&bdt=584&idt=562&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5248957039096&frm=20&pv=1&ga_vid=2024283660.1710968766&ga_sid=1710968766&ga_hid=2116599704&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081827%2C31081903%2C44798934%2C95326317%2C31081572&oid=2&pvsid=282392669480353&tmod=2071265486&uas=0&nvt=1&ref=https%3A%2F%2Fibb.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=573

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

1d963a05e5107ce60f32f103f0434e5ebddfabd4ef9b27e7d343ca570ca73727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42811
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 21:06:07 GMT
expires: Wed, 20 Mar 2024 21:06:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C4C 124 KB
43 KB 596ms
456ms Document
text/html 2607:f8b0:4006:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=280&slotname=4370068811&adk=1877126515&adf=4071670924&pi=t.ma~as.4370068811&w=336&fwrn=4&fwrnh=100&lmt=1710968766&rafmt=3&format=336x280&url=https%3A%2F%2Fimgbb.com%2FYNrVVQ1&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710968765490&bpp=1&bdt=600&idt=587&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=5248957039096&frm=20&pv=1&ga_vid=2024283660.1710968766&ga_sid=1710968766&ga_hid=2116599704&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081827%2C31081903%2C44798934%2C95326317%2C31081572&oid=2&pvsid=282392669480353&tmod=2071265486&uas=0&nvt=1&ref=https%3A%2F%2Fibb.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=626

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

6e89d87038bd555d4b124f9d7482c7a0b240e4e9dfa897f3ae8e9236434a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43178
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 21:06:07 GMT
expires: Wed, 20 Mar 2024 21:06:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F123 102 KB
39 KB 759ms
626ms Document
text/html 2607:f8b0:4006:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=250&slotname=4866082202&adk=46905600&adf=2007866562&pi=t.ma~as.4866082202&w=250&fwrn=4&fwrnh=100&lmt=1710968766&rafmt=3&format=250x250&url=https%3A%2F%2Fimgbb.com%2FYNrVVQ1&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710968765491&bpp=1&bdt=602&idt=634&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C336x280&nras=1&correlator=5248957039096&frm=20&pv=1&ga_vid=2024283660.1710968766&ga_sid=1710968766&ga_hid=2116599704&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=693&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081827%2C31081903%2C44798934%2C95326317%2C31081572&oid=2&pvsid=282392669480353&tmod=2071265486&uas=0&nvt=1&ref=https%3A%2F%2Fibb.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=658

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

aedb5fa3282a6d7d18f47d01bedaeb33cb50db9996642a131dfd236ef48c39a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39330
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 21:06:07 GMT
expires: Wed, 20 Mar 2024 21:06:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 49C8 89 KB
42 KB 708ms
576ms Document
text/html 2607:f8b0:4006:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=250&slotname=3553000530&adk=1075946893&adf=2627989341&pi=t.ma~as.3553000530&w=300&fwrn=4&fwrnh=100&lmt=1710968766&rafmt=3&format=300x250&url=https%3A%2F%2Fimgbb.com%2FYNrVVQ1&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710968765491&bpp=1&bdt=601&idt=680&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C336x280%2C250x250&nras=1&correlator=5248957039096&frm=20&pv=1&ga_vid=2024283660.1710968766&ga_sid=1710968766&ga_hid=2116599704&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=963&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081827%2C31081903%2C44798934%2C95326317%2C31081572&oid=2&pvsid=282392669480353&tmod=2071265486&uas=0&nvt=1&ref=https%3A%2F%2Fibb.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=699

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

0a920bcaa94c3d8b5ad5b39a9a0dd55d24780058ebdedf055ce29a17d6f8fdbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42944
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 21:06:07 GMT
expires: Wed, 20 Mar 2024 21:06:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 5C4C 4 KB
679 B 89ms
89ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=280&slotname=4370068811&adk=1877126515&adf=4071670924&pi=t.ma~as.4370068811&w=336&fwrn=4&fwrnh=100&lmt=1710968766&rafmt=3&format=336x280&url=https%3A%2F%2Fimgbb.com%2FYNrVVQ1&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710968765490&bpp=1&bdt=600&idt=587&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=5248957039096&frm=20&pv=1&ga_vid=2024283660.1710968766&ga_sid=1710968766&ga_hid=2116599704&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081827%2C31081903%2C44798934%2C95326317%2C31081572&oid=2&pvsid=282392669480353&tmod=2071265486&uas=0&nvt=1&ref=https%3A%2F%2Fibb.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=626

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 21:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 20:31:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 21:06:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 5C4C 2 KB
903 B 306ms
143ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 04:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 04:23:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame 5C4C 23 KB
9 KB 338ms
183ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:44:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 5C4C 3 KB
1 KB 336ms
182ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:52:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 5C4C 20 KB
9 KB 229ms
75ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 08:00:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5C4C 206 KB
62 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 21:35:24 GMT

GET
H2 200 b671e646565d0c2f8b43853dd556e31b.js Show response
www.gstatic.com/mysidia/ Frame 5C4C 36 KB
15 KB 247ms
78ms Script
text/javascript 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b671e646565d0c2f8b43853dd556e31b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15272
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 07:52:46 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13667592031327345495/ Frame 5C4C 10 KB
11 KB 317ms
164ms Image
image/jpeg 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13667592031327345495/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

59a2f4fc027c205470d006c4a0a6ac24dd838cf80574d60f3b5e9459c50b1c85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 13:45:18 GMT
date: Wed, 20 Mar 2024 13:45:18 GMT
x-content-type-options: nosniff
age: 26449
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10441
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 19:42:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 49C8 42 B
63 B 128ms
126ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DjfHgKCSyij2JCPmp96L4HWzbmV17kKbiwFAyuiOf0dnkkUJD2hL90SQDiWEl4tGrSAH2PKNnqdMGt4jlC4VY0HxZk-vDWSZ1dbe6jJtCQD0d7-Qs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=250&slotname=3553000530&adk=1075946893&adf=2627989341&pi=t.ma~as.3553000530&w=300&fwrn=4&fwrnh=100&lmt=1710968766&rafmt=3&format=300x250&url=https%3A%2F%2Fimgbb.com%2FYNrVVQ1&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710968765491&bpp=1&bdt=601&idt=680&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C336x280%2C250x250&nras=1&correlator=5248957039096&frm=20&pv=1&ga_vid=2024283660.1710968766&ga_sid=1710968766&ga_hid=2116599704&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=963&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081827%2C31081903%2C44798934%2C95326317%2C31081572&oid=2&pvsid=282392669480353&tmod=2071265486&uas=0&nvt=1&ref=https%3A%2F%2Fibb.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=699

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2024 21:06:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F6C6 624 B
507 B 149ms
137ms Document
text/html 2607:f8b0:4006:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COKz_dUFEOnXpNgFGL-NwoICMAE&v=APEucNVU0ErQ14dGCztQ8sKUslOF9gxE6jMOR3t4mbNT_U6RGzeoGy__xKeicC8exBUDRuyCE6ZihetBXL4kLyUVxAUUJPL7yA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=250&slotname=3553000530&adk=1075946893&adf=2627989341&pi=t.ma~as.3553000530&w=300&fwrn=4&fwrnh=100&lmt=1710968766&rafmt=3&format=300x250&url=https%3A%2F%2Fimgbb.com%2FYNrVVQ1&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710968765491&bpp=1&bdt=601&idt=680&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C336x280%2C250x250&nras=1&correlator=5248957039096&frm=20&pv=1&ga_vid=2024283660.1710968766&ga_sid=1710968766&ga_hid=2116599704&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=963&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081827%2C31081903%2C44798934%2C95326317%2C31081572&oid=2&pvsid=282392669480353&tmod=2071265486&uas=0&nvt=1&ref=https%3A%2F%2Fibb.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=699
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 21:06:07 GMT
expires: Wed, 20 Mar 2024 21:06:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame 49C8 23 KB
9 KB 68ms
67ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:55:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:55:01 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/ Frame 49C8 8 KB
3 KB 83ms
82ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:47:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47927
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:47:20 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 49C8 0
0 351ms
137ms Fetch
image/gif 142.251.40.102

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssRVmwM5yVwMyqLOpVM_vrnV87YNpUS_LLt9gav_FJPdoJrnr0HisYr_zri0haH3HqLBg2SN7TQMBraYUfWfh3CpsEd1j4M0HDTGJusaA-pJQZ8XclJKwkTqBPlAIjJYamZFvInx5-BWvBnb6HH3y_0gV1vRHd1mm84mU9KTHPTqeJSJG0Qx8zeDd740BFzGyItDi2jrnqc5_AELlnT2gxlMLA9ckL9L4PC1PuyTsMq8qn5O1S2IJK4VP_0m8QaKJoZf6NYLAJmoMWY9XSNtHMy-MMqT2KI8o0hQiwBsgHkIN49MI0lpVetzc7ioDQgXucXPjtrnp7OnIqtNO5EyedHCUeRhEe3tM79TJXCITxA21M8Rc9-XhwBjNzdEvkKArEpSqL0v_LsIWBeA6zpp5ewFTyBvMXhcSsC0GDvMFjnQComI9GHbAWxfygppYxP0nXdAaXp_MoU6A5evT2q_C2e4yzZM2ktBd7fWlFPHKXeCJ-ztHnTgFT0h-WFEm9LGUVyNz0e-2trE8fyEMkP2ECcSxeUsODDz3zNGU2--wEQ7A99rcW7lObpIWhu9KY-rZZPOBx1Kj6smzfv_hJPPBLeGwrUThGiRKUPrODvtZxzqyJsMcxCgcHGPVlBh07OqfIv_PnXlhhfOIxyojeFXCx9Ub8gemm8tW2rFN6-J8-8i-ehtHQ0G-Hu8JQvfnD0uHbLw_p_hJTGP9A8GgpsLSzfyEzLhknjKRRaL5GKnbH9-BCjzHhWQXIcvM8kCSIrcwjPsLF-Az0NV_MKf_sYOJKYbJJFDe84FK3IlEAJJL3qG0snbKPJhH6VcK1xN-kULCLhLUKZMoaH7H-lrn7syUDdqWF572DqexafIR0yVmkc4KWmBL89tWaq1fGACYerTGZRR-mjqbesQRVbjlRzQSBp38xu3ekO9EIwwFA39pvK0T9wBYDb9UvOOESPe40bEldxdRQ-k_o2QBY4cHMHZOPTYv0SeWJQwSUb17KH22blo9GxwM6E07z_JCMGFzpOH9_RPJEbC7UZID5BnyixPaK5Gx6wQMS_akgTrh0oz02bFK6pn2YopHC_0tamxo398hgKiuCL6jRdzmhBs_dWiCcGQ8GIJwgkvxuhoktrI3IAXXxygJTi8QivBzvsKLjPn6II-aM7Oo6lEcSOJr_AfmYDYpeutepy7WpZu5gLQLFjs6QYMyM9ZT2O9kCCwt9LpXh9CAtkuyFutcZI4fW-2qqwdKM209t1pIX1rqrriJI0h-ABl3yPTyQvW_ybNqEjdI-k1Sr1BhpplZiIz2cpvHtvdd-N9FaoQ83Uyax6vZ_YoF10DPDARwKMM7n-bs_onc0REW2D97anZMd6SZAwRAZoVfUVIgKpJ3B7MX2mCg__E_sAwRbNXUKf6530gA&sai=AMfl-YQCH_Svz28qGghKwHSFjHp1xB5YFVeZL-CGaWBMkeMdPqAHAMYJspdIUpyYkD5_IvmqvpP_e6j0MhKMgHhiecX_UO7BIj_7vfz9PmIti_kwa4NLwPv2OFiRDxoJM6GoGUlXBmPS8xmUSxxDHXqewiMqCvJnqKGxJga645uo09-RHQiQz2p41IjzQ_ouIkGys--U0WF5sWaX4kVOraL2gDIJHCQg9yQdjitr6pIhxOigWTxbpv5pugl8mZkx9KqlWTMHeSu97C0-dX1qupG-8uWe_J9i8W0lL4ZAyZds7Do8HUoab3aS9jpE-sQN_uAuipOxibE28_vQQ0iFGTVWDiBEOwTBSeSUCdl0eGpjR-QAHlwhw454PK12VBazdjLDTCKG-4sfr46HDbvJde4VjELAa1JKo_6W79Sul3UiUH3diJvx1Vxhc4DPb2EqxiLYqPXi8slAKAVkgzO8TsgdaWDsHRG_higsad2S8KedGzYPiTG-FpShDmhRc3C9BNwqfgYbK4w&sig=Cg0ArKJSzLuGHhf4nLiPEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tY2FmZWUuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20240319.33703&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.102 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Mar 2024 21:06:07 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 20 Mar 2024 21:06:07 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 49C8 41 KB
14 KB 209ms
144ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:52:16 GMT

GET
H2 200 6367269506926685758
s0.2mdn.net/simgad/ Frame 49C8 99 KB
99 KB 279ms
65ms Image
image/jpeg 2607:f8b0:4006:821::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6367269506926685758

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7a9e63f4c5a451335e1de84e67a922dcf879a8efce4667387f65327329d6f092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 09:30:08 GMT
date: Wed, 20 Mar 2024 09:30:08 GMT
x-content-type-options: nosniff
age: 41759
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100979
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 21:13:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 84d2527241fb8c00ce4670060c5f1154.js Show response
www.gstatic.com/mysidia/ Frame B9E0 9 KB
4 KB 139ms
69ms Script
text/javascript 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84d2527241fb8c00ce4670060c5f1154.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=90&slotname=1707231127&adk=3202445627&adf=1841902683&pi=t.ma~as.1707231127&w=1200&fwrn=4&fwrnh=100&lmt=1710968766&rafmt=2&format=1200x90&url=https%3A%2F%2Fimgbb.com%2FYNrVVQ1&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710968765473&bpp=16&bdt=584&idt=562&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5248957039096&frm=20&pv=1&ga_vid=2024283660.1710968766&ga_sid=1710968766&ga_hid=2116599704&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081827%2C31081903%2C44798934%2C95326317%2C31081572&oid=2&pvsid=282392669480353&tmod=2071265486&uas=0&nvt=1&ref=https%3A%2F%2Fibb.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

dda19d2f601c81c0a9188a28302d431e76c49a29f8e0b2d300747b56b5077e71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:53:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4075
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 20:34:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 07:53:44 GMT

GET
H2 200 91a5dcb5f5e4e58e2f3be78975bd6a74.js Show response
www.gstatic.com/mysidia/ Frame B9E0 11 KB
5 KB 140ms
70ms Script
text/javascript 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/91a5dcb5f5e4e58e2f3be78975bd6a74.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3d80a99391eeb3bfe5d8e8fd3deab31804a582b164aaaa20fbc9eb8baf38ba70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:57:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4602
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 07:57:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B9E0 14 KB
1 KB 87ms
87ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 21:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 20:34:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 21:06:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 49C8 3 KB
1 KB 192ms
162ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:52:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 49C8 20 KB
8 KB 106ms
76ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 08:00:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 49C8 206 KB
62 KB 71ms
70ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 21:35:24 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame B9E0 2 KB
856 B 68ms
64ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 04:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 04:23:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame B9E0 23 KB
9 KB 68ms
65ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:44:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame B9E0 3 KB
1 KB 76ms
74ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:52:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame B9E0 20 KB
8 KB 92ms
87ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 08:00:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B9E0 206 KB
62 KB 68ms
66ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 21:35:24 GMT

GET
H2 200 b671e646565d0c2f8b43853dd556e31b.js Show response
www.gstatic.com/mysidia/ Frame B9E0 36 KB
15 KB 65ms
63ms Script
text/javascript 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b671e646565d0c2f8b43853dd556e31b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15272
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 07:52:46 GMT

GET
H2 200 9458165299265033066
tpc.googlesyndication.com/simgad/ Frame F123 15 KB
16 KB 190ms
188ms Image
image/png 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9458165299265033066?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qklwzRswTBtEiXDUICS_QL3WcJ8tA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=250&slotname=4866082202&adk=46905600&adf=2007866562&pi=t.ma~as.4866082202&w=250&fwrn=4&fwrnh=100&lmt=1710968766&rafmt=3&format=250x250&url=https%3A%2F%2Fimgbb.com%2FYNrVVQ1&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710968765491&bpp=1&bdt=602&idt=634&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C336x280&nras=1&correlator=5248957039096&frm=20&pv=1&ga_vid=2024283660.1710968766&ga_sid=1710968766&ga_hid=2116599704&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=693&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081827%2C31081903%2C44798934%2C95326317%2C31081572&oid=2&pvsid=282392669480353&tmod=2071265486&uas=0&nvt=1&ref=https%3A%2F%2Fibb.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

44b9a9035e53fb85ed28f7ed3387b903efb359694b7510eb351bb3d081fc0da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:06:39 GMT
x-content-type-options: nosniff
age: 43168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15847
x-xss-protection: 0
last-modified: Mon, 01 Jan 2024 22:01:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Mar 2025 09:06:39 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame F123 23 KB
9 KB 184ms
182ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:44:48 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 023D 143 B
166 B 95ms
88ms Document
text/html 2607:f8b0:4006:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=250&slotname=4866082202&adk=46905600&adf=2007866562&pi=t.ma~as.4866082202&w=250&fwrn=4&fwrnh=100&lmt=1710968766&rafmt=3&format=250x250&url=https%3A%2F%2Fimgbb.com%2FYNrVVQ1&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710968765491&bpp=1&bdt=602&idt=634&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C336x280&nras=1&correlator=5248957039096&frm=20&pv=1&ga_vid=2024283660.1710968766&ga_sid=1710968766&ga_hid=2116599704&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=693&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081827%2C31081903%2C44798934%2C95326317%2C31081572&oid=2&pvsid=282392669480353&tmod=2071265486&uas=0&nvt=1&ref=https%3A%2F%2Fibb.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=658
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 20:27:00 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame F123 3 KB
1 KB 157ms
152ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:52:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame F123 20 KB
8 KB 142ms
138ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 08:00:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/m202403130101/ Frame F123 208 KB
63 KB 74ms
72ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/m202403130101/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4677b36060f5d3a00059f9e69141d80faa7ec081b77917def1fd60eed6fd9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:59:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:59:08 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame F123 36 KB
14 KB 157ms
153ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

6d2c308318200321bc194c7dae715236fc4eddaab4188d1a0568a8fa8721024a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:48:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14701
x-xss-protection: 0
server: cafe
etag: 289687390770401761
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:48:52 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F6C6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6is7jRvQSkGYBpXKOYuqk&google_cver=1

43 B
557 B

92ms
87ms

Image
image/gif

172.64.151.101

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6is7jRvQSkGYBpXKOYuqk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COKz_dUFEOnXpNgFGL-NwoICMAE&v=APEucNVU0ErQ14dGCztQ8sKUslOF9gxE6jMOR3t4mbNT_U6RGzeoGy__xKeicC8exBUDRuyCE6ZihetBXL4kLyUVxAUUJPL7yA
Protocol: H2
Server: 172.64.151.101 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2024 21:06:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m7E26G3Vjji6qsYP0JXPsrrkHLwWFlxIVs4UvJ6VnNGfd2q4CEiHkOr%2B8r1SVAI9cjs2RfA4SJh2ftUKndFS33YHpkJ33evEedSIwMkyM1spRp%2FJF1qh56IxL3u6HSKAe45ussiqvm%2BPdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8678aa10ac967418-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Mar 2024 21:06:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6is7jRvQSkGYBpXKOYuqk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F6C6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZftPv8AoJWIAABJuAQgAtgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeJrR3UiN4ykO5ZpzyWQDg&google_cver=1

43 B
767 B

85ms
84ms

Image
image/gif

172.64.151.101

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeJrR3UiN4ykO5ZpzyWQDg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COKz_dUFEOnXpNgFGL-NwoICMAE&v=APEucNVU0ErQ14dGCztQ8sKUslOF9gxE6jMOR3t4mbNT_U6RGzeoGy__xKeicC8exBUDRuyCE6ZihetBXL4kLyUVxAUUJPL7yA
Protocol: H3
Server: 172.64.151.101 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2024 21:06:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35hXC8UUTie3ANEHpSbOelLlc57c1QMxbL22GwhWbCw%2BBjwRvZIi7jPlx7FbSBYAZ9dcCCya0oQwJee2aV%2F7aZshP1vp4oGQlM1eSHiP77D7dpc4eEaDwnm2s%2B9zD6CLPQXe%2FcpkHygGfA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8678aa11de98336d-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Mar 2024 21:06:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENeJrR3UiN4ykO5ZpzyWQDg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F6C6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBZk8sDazSYtosxG3UCB96o&google_cver=1

43 B
1 KB

82ms
77ms

Image
image/gif

68.67.160.117

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBZk8sDazSYtosxG3UCB96o&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COKz_dUFEOnXpNgFGL-NwoICMAE&v=APEucNVU0ErQ14dGCztQ8sKUslOF9gxE6jMOR3t4mbNT_U6RGzeoGy__xKeicC8exBUDRuyCE6ZihetBXL4kLyUVxAUUJPL7yA

Protocol

Server

68.67.160.117 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2024 21:06:08 GMT
an-x-request-uuid: d9c49bd4-5677-4fc2-949a-be6bc0384fe6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.77; 38.132.118.77; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Mar 2024 21:06:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBZk8sDazSYtosxG3UCB96o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F6C6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxNTkxOTc1MjcxMDg2MDk1Ng%3D%3D

170 B
243 B

82ms
82ms

Image
image/png

142.251.32.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxNTkxOTc1MjcxMDg2MDk1Ng%3D%3D

Requested by

Protocol

Server

142.251.32.98 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2024 21:06:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Mar 2024 21:06:08 GMT
an-x-request-uuid: 3d90fbf9-f8d9-4a41-b216-87d440147591
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxNTkxOTc1MjcxMDg2MDk1Ng%3D%3D
x-proxy-origin: 38.132.118.77; 38.132.118.77; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5C4C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c381fc08c2f38d0a36b77a9cbbb97dd4f757b9c0e12a9abee8591c7b7f8a941

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 49C8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b9b3537856492cf69dd87e6b20faa2a14cb48df80fcae8b5ea25e5dc6f78e3f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D051 143 B
166 B 68ms
64ms Document
text/html 2607:f8b0:4006:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=90&slotname=1707231127&adk=3202445627&adf=1841902683&pi=t.ma~as.1707231127&w=1200&fwrn=4&fwrnh=100&lmt=1710968766&rafmt=2&format=1200x90&url=https%3A%2F%2Fimgbb.com%2FYNrVVQ1&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710968765473&bpp=16&bdt=584&idt=562&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5248957039096&frm=20&pv=1&ga_vid=2024283660.1710968766&ga_sid=1710968766&ga_hid=2116599704&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081827%2C31081903%2C44798934%2C95326317%2C31081572&oid=2&pvsid=282392669480353&tmod=2071265486&uas=0&nvt=1&ref=https%3A%2F%2Fibb.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=573
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 20:27:00 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 87F7 38 KB
13 KB 72ms
48ms Document
text/html 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 47920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 07:47:27 GMT
expires: Thu, 20 Mar 2025 07:47:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 49C8 0
0 143ms
121ms Fetch
image/gif 142.251.40.102

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssRVmwM5yVwMyqLOpVM_vrnV87YNpUS_LLt9gav_FJPdoJrnr0HisYr_zri0haH3HqLBg2SN7TQMBraYUfWfh3CpsEd1j4M0HDTGJusaA-pJQZ8XclJKwkTqBPlAIjJYamZFvInx5-BWvBnb6HH3y_0gV1vRHd1mm84mU9KTHPTqeJSJG0Qx8zeDd740BFzGyItDi2jrnqc5_AELlnT2gxlMLA9ckL9L4PC1PuyTsMq8qn5O1S2IJK4VP_0m8QaKJoZf6NYLAJmoMWY9XSNtHMy-MMqT2KI8o0hQiwBsgHkIN49MI0lpVetzc7ioDQgXucXPjtrnp7OnIqtNO5EyedHCUeRhEe3tM79TJXCITxA21M8Rc9-XhwBjNzdEvkKArEpSqL0v_LsIWBeA6zpp5ewFTyBvMXhcSsC0GDvMFjnQComI9GHbAWxfygppYxP0nXdAaXp_MoU6A5evT2q_C2e4yzZM2ktBd7fWlFPHKXeCJ-ztHnTgFT0h-WFEm9LGUVyNz0e-2trE8fyEMkP2ECcSxeUsODDz3zNGU2--wEQ7A99rcW7lObpIWhu9KY-rZZPOBx1Kj6smzfv_hJPPBLeGwrUThGiRKUPrODvtZxzqyJsMcxCgcHGPVlBh07OqfIv_PnXlhhfOIxyojeFXCx9Ub8gemm8tW2rFN6-J8-8i-ehtHQ0G-Hu8JQvfnD0uHbLw_p_hJTGP9A8GgpsLSzfyEzLhknjKRRaL5GKnbH9-BCjzHhWQXIcvM8kCSIrcwjPsLF-Az0NV_MKf_sYOJKYbJJFDe84FK3IlEAJJL3qG0snbKPJhH6VcK1xN-kULCLhLUKZMoaH7H-lrn7syUDdqWF572DqexafIR0yVmkc4KWmBL89tWaq1fGACYerTGZRR-mjqbesQRVbjlRzQSBp38xu3ekO9EIwwFA39pvK0T9wBYDb9UvOOESPe40bEldxdRQ-k_o2QBY4cHMHZOPTYv0SeWJQwSUb17KH22blo9GxwM6E07z_JCMGFzpOH9_RPJEbC7UZID5BnyixPaK5Gx6wQMS_akgTrh0oz02bFK6pn2YopHC_0tamxo398hgKiuCL6jRdzmhBs_dWiCcGQ8GIJwgkvxuhoktrI3IAXXxygJTi8QivBzvsKLjPn6II-aM7Oo6lEcSOJr_AfmYDYpeutepy7WpZu5gLQLFjs6QYMyM9ZT2O9kCCwt9LpXh9CAtkuyFutcZI4fW-2qqwdKM209t1pIX1rqrriJI0h-ABl3yPTyQvW_ybNqEjdI-k1Sr1BhpplZiIz2cpvHtvdd-N9FaoQ83Uyax6vZ_YoF10DPDARwKMM7n-bs_onc0REW2D97anZMd6SZAwRAZoVfUVIgKpJ3B7MX2mCg__E_sAwRbNXUKf6530gA&sai=AMfl-YQCH_Svz28qGghKwHSFjHp1xB5YFVeZL-CGaWBMkeMdPqAHAMYJspdIUpyYkD5_IvmqvpP_e6j0MhKMgHhiecX_UO7BIj_7vfz9PmIti_kwa4NLwPv2OFiRDxoJM6GoGUlXBmPS8xmUSxxDHXqewiMqCvJnqKGxJga645uo09-RHQiQz2p41IjzQ_ouIkGys--U0WF5sWaX4kVOraL2gDIJHCQg9yQdjitr6pIhxOigWTxbpv5pugl8mZkx9KqlWTMHeSu97C0-dX1qupG-8uWe_J9i8W0lL4ZAyZds7Do8HUoab3aS9jpE-sQN_uAuipOxibE28_vQQ0iFGTVWDiBEOwTBSeSUCdl0eGpjR-QAHlwhw454PK12VBazdjLDTCKG-4sfr46HDbvJde4VjELAa1JKo_6W79Sul3UiUH3diJvx1Vxhc4DPb2EqxiLYqPXi8slAKAVkgzO8TsgdaWDsHRG_higsad2S8KedGzYPiTG-FpShDmhRc3C9BNwqfgYbK4w&sig=Cg0ArKJSzLuGHhf4nLiPEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tY2FmZWUuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=544&vt=11&dtpt=541&dett=2&cstd=0&cisv=r20240319.33703&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.102 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Mar 2024 21:06:07 GMT

GET
DATA 200
OK truncated
/ Frame B9E0 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a89c59fa653e4484e61477bbdd20efba1603d8d47f1d9c11cb4686fcdb302f22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5C4C 16 KB
16 KB 70ms
64ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:13:39 GMT
x-content-type-options: nosniff
age: 42748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 09:13:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5C4C 15 KB
15 KB 65ms
64ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:56:32 GMT
x-content-type-options: nosniff
age: 43775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 08:56:32 GMT

GET
DATA 200
OK truncated
/ Frame F123 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf44bfff1514ba2221b721e2ac1e1cf8d3bb015b759809f554ff816a54ddb0b0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5C4C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CmRtkvk_7ZbiCMJbvkPIPz42cyA-Vq5TBdueS4Pm2Eqe1mOjaDxABII7MsJABYMmGgIDco8QQoAH6iKr3A8gBCagDAcgDywSqBPoBT9DSFijuTIMUrMJW_oqtmOZ3LCJtG6zFhy6cXP2iJO2...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6496481af38dd35c0000000000000000%22,%222%22:%220x81c5e199f1cdc5660000000000000000%22,%223%22:%220xf02990...

0
0

315ms
141ms

Fetch
text/css

142.250.80.66

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6496481af38dd35c0000000000000000%22,%222%22:%220x81c5e199f1cdc5660000000000000000%22,%223%22:%220xf029904fe44382c70000000000000000%22,%224%22:%220x30e724b0029e17890000000000000000%22,%225%22:%220x484a97e1386265300000000000000000%22},%22debug_key%22:%226381676591522585885%22,%22debug_reporting%22:true,%22destination%22:%22https://littmann.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221055556730%22],%2222%22:[%22true%22],%224%22:[%2203-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218421051202078618801%22}&andc=true

Requested by

Host: imgbb.com
URL: https://imgbb.com/YNrVVQ1

Protocol

Server

142.250.80.66 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:08 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x6496481af38dd35c0000000000000000","2":"0x81c5e199f1cdc5660000000000000000","3":"0xf029904fe44382c70000000000000000","4":"0x30e724b0029e17890000000000000000","5":"0x484a97e1386265300000000000000000"},"debug_key":"6381676591522585885","debug_reporting":true,"destination":"https://littmann.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1055556730"],"22":["true"],"4":["03-20"],"6":["true"]},"priority":"500","source_event_id":"18421051202078618801"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Mar 2024 21:06:08 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Mar 2024 21:06:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x6496481af38dd35c0000000000000000","2":"0x81c5e199f1cdc5660000000000000000","3":"0xf029904fe44382c70000000000000000","4":"0x30e724b0029e17890000000000000000","5":"0x484a97e1386265300000000000000000"},"debug_key":"6381676591522585885","debug_reporting":true,"destination":"https://littmann.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1055556730"],"22":["true"],"4":["03-20"],"6":["true"]},"priority":"500","source_event_id":"18421051202078618801"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame E3D1 52 KB
20 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:48:20 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F123
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C8H51vk_7ZceFMM2bur8Pm8CQ8Ai17s3Adumk0puNEtrZHhABII7MsJABYMmGgIDco8QQoAHlwtaiA8gBAqgDAcgDyQSqBMoBT9DDc8YFnPuCjXN3cJUltvipRZbmK36IdjdjtXqkT9ncb6k...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa61ff4bee44e66700000000000000000%22,%222%22:%220xf8712ca66921c3c40000000000000000%22,%223%22:%220xe16a1a...

0
0

316ms
144ms

Fetch
text/css

142.250.80.66

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa61ff4bee44e66700000000000000000%22,%222%22:%220xf8712ca66921c3c40000000000000000%22,%223%22:%220xe16a1aa4adeda65f0000000000000000%22,%224%22:%220xa275b736a2c53f300000000000000000%22,%225%22:%220x3d83702ea9ba9b7d0000000000000000%22},%22debug_key%22:%226050446052347288653%22,%22debug_reporting%22:true,%22destination%22:%22https://mintmobile.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22878027109%22],%2222%22:[%22true%22],%224%22:[%2203-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22956652980321195409%22}&andc=true

Requested by

Host: imgbb.com
URL: https://imgbb.com/YNrVVQ1

Protocol

Server

142.250.80.66 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:08 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa61ff4bee44e66700000000000000000","2":"0xf8712ca66921c3c40000000000000000","3":"0xe16a1aa4adeda65f0000000000000000","4":"0xa275b736a2c53f300000000000000000","5":"0x3d83702ea9ba9b7d0000000000000000"},"debug_key":"6050446052347288653","debug_reporting":true,"destination":"https://mintmobile.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["878027109"],"22":["true"],"4":["03-20"],"6":["true"]},"priority":"500","source_event_id":"956652980321195409"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Mar 2024 21:06:08 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Mar 2024 21:06:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa61ff4bee44e66700000000000000000","2":"0xf8712ca66921c3c40000000000000000","3":"0xe16a1aa4adeda65f0000000000000000","4":"0xa275b736a2c53f300000000000000000","5":"0x3d83702ea9ba9b7d0000000000000000"},"debug_key":"6050446052347288653","debug_reporting":true,"destination":"https://mintmobile.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["878027109"],"22":["true"],"4":["03-20"],"6":["true"]},"priority":"500","source_event_id":"956652980321195409"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/ 166 KB
56 KB 149ms
149ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcadf21c2d819037677b99161b2ac022e8b7e68bcf8a4f86d71e0d79f448adf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57439
x-xss-protection: 0
server: cafe
etag: 11424205931809604866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 21:06:08 GMT

GET
H2 200 ca-pub-6721704972914349 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 305ms
113ms Script
application/javascript 2607:f8b0:4006:816::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6721704972914349?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

b1afd0854f937884ac0693919162128310f2fe4023ddc394161d4a8cb0458410

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MB923Xyi2h4fSI2fKebofw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-MB923Xyi2h4fSI2fKebofw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTDcWD-2_VsAi92fV_ABADftTHN"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B9E0 33 KB
33 KB 67ms
65ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 18:24:54 GMT
x-content-type-options: nosniff
age: 528074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 18:24:54 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 023D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

104ms
96ms

Document
text/html

2607:f8b0:4006:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 21:06:08 GMT
expires: Wed, 20 Mar 2024 21:06:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 21:06:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame 28A5 52 KB
20 KB 69ms
69ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:48:20 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 301ms
124ms Preflight
text/html 142.250.80.66

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.66 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Mar 2024 21:06:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D051
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

107ms
105ms

Document
text/html

2607:f8b0:4006:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 21:06:08 GMT
expires: Wed, 20 Mar 2024 21:06:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 21:06:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame 87F7 52 KB
20 KB 88ms
83ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:48:20 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 226ms
125ms Preflight
text/html 142.250.80.66

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.66 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Mar 2024 21:06:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/ Frame 1565 9 KB
4 KB 73ms
64ms Document
text/html 2607:f8b0:4006:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 72656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 00:55:13 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 00:55:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/ Frame 699B 9 KB
4 KB 74ms
71ms Document
text/html 2607:f8b0:4006:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 72656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 00:55:13 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 00:55:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/ Frame C7B6 9 KB
4 KB 69ms
67ms Document
text/html 2607:f8b0:4006:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 72656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 00:55:13 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 00:55:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/ Frame 1B7F 9 KB
4 KB 75ms
73ms Document
text/html 2607:f8b0:4006:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 72656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 00:55:13 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 00:55:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxUcMh_hyJRwQIKdUF837SivkXZVIsJ0JaCeloEas-GQ05zqs9l5pa0752IR66N40eMray7yYXpq0uXs7ZYG26ZJnsz4uIIgpp9n_dOHlzzsjovT93R9I1a84hHGm5nvmPR_XuUw4g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 107ms
99ms Script
application/javascript 2607:f8b0:4006:816::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUcMh_hyJRwQIKdUF837SivkXZVIsJ0JaCeloEas-GQ05zqs9l5pa0752IR66N40eMray7yYXpq0uXs7ZYG26ZJnsz4uIIgpp9n_dOHlzzsjovT93R9I1a84hHGm5nvmPR_XuUw4g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwOTY4NzY5LDczMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2ltZ2JiLmNvbS9ZTnJWVlExIixudWxsLFtbOCwibHJrdTF2eW1jMnMiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lrku1vymc2s.es5.O/am=wA/d=1/rs=AJlcJMxBmE6Wco2YVd9vGWk608DN5GI2uQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

3d05426159f53daf83a9689f0705f773a904fba488ab7f958b37a5384e40011c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H5YS7a7XJu0JTBZw-DOqxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-H5YS7a7XJu0JTBZw-DOqxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTNcXD-2_VsAjM-7XYAAK-NMR4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F123 42 B
174 B 136ms
132ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssR9X-NHFFRFT7Q1UsQcX-5hKLko3jlKJ9OWTRVEk9wsQMjAP7VBAwpD3YYHrio54d76W0jaAddeDxei-BVo3IQvd-sMqwTf-FyOlk8KqPfYb6bereVlhG-5GReDcuOXidcpCUFmh-kDO9NbC_6WIN_3_neqFq4CE8UNELdTud0Iv9nGmsThjVjCnam3A&sai=AMfl-YQ3X-JeDdoVw4WURsqkxEfa5C_wmPeTuGTpPxZFres9OXlubyTjFkNACm4g0vH7td7kJ3jpUGPxHVICkU7fFov2dUHe1c2pcbxn3BuXn-VnV33axFSWaJwxMAFKWOuo-trvRKUdq2LMoYMF5sJ0Ag&sig=Cg0ArKJSzCpWSckpR671EAE&cid=CAQSTwB7FLtql-cx-zFajszw-KYDupgBalRDrEkDeyMwR8UZHopaZ5wzsIYaEc-bQrapQ844zcPqXtVJBhgkAPoYaKdMuW73wZ6aCBPsQMhiWvQYAQ&id=lidar2&mcvt=1039&p=0,0,208,250&mtos=1039,1039,1039,1039,1039&tos=1039,0,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=46905600&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=690156700&rst=1710968766151&rpt=1900&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/m202403130101/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2024 21:06:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B9E0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CSq8Yvk_7ZaHzL6meur8PjoW1mAiSs4vvddy0hKmkENiSzLbeCRABII7MsJABYMmGgIDco8QQoAGnoKbRAsgBAagDAcgDwwSqBMoBT9CGSGlaHZqip3gerfWJwN9zBQl_AKU0_tlOdgW0Qal...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7566fc26d45bfae80000000000000000%22,%222%22:%220x61b0aedf17500e970000000000000000%22,%223%22:%220xc8f9a3...

0
0

133ms
132ms

Fetch
text/css

142.250.80.66

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7566fc26d45bfae80000000000000000%22,%222%22:%220x61b0aedf17500e970000000000000000%22,%223%22:%220xc8f9a37df861c9400000000000000000%22,%224%22:%220x6a9912d0c590e8660000000000000000%22,%225%22:%220x4d8c242e075490280000000000000000%22},%22debug_key%22:%2217466223293274097284%22,%22debug_reporting%22:true,%22destination%22:%22https://files.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22707366951%22],%2222%22:[%22true%22],%224%22:[%2203-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228469154587451113313%22}&andc=true

Requested by

Host: imgbb.com
URL: https://imgbb.com/YNrVVQ1

Protocol

Server

142.250.80.66 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:09 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x7566fc26d45bfae80000000000000000","2":"0x61b0aedf17500e970000000000000000","3":"0xc8f9a37df861c9400000000000000000","4":"0x6a9912d0c590e8660000000000000000","5":"0x4d8c242e075490280000000000000000"},"debug_key":"17466223293274097284","debug_reporting":true,"destination":"https://files.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["707366951"],"22":["true"],"4":["03-20"],"6":["true"]},"priority":"500","source_event_id":"8469154587451113313"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Mar 2024 21:06:09 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Mar 2024 21:06:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x7566fc26d45bfae80000000000000000","2":"0x61b0aedf17500e970000000000000000","3":"0xc8f9a37df861c9400000000000000000","4":"0x6a9912d0c590e8660000000000000000","5":"0x4d8c242e075490280000000000000000"},"debug_key":"17466223293274097284","debug_reporting":true,"destination":"https://files.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["707366951"],"22":["true"],"4":["03-20"],"6":["true"]},"priority":"500","source_event_id":"8469154587451113313"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame DC85 14 KB
1 KB 115ms
114ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: gebehee.top
URL: https://gebehee.top/cndi4858vmefovl/4292614/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 21:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 20:38:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 21:06:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame DC85 2 KB
822 B 66ms
65ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: gebehee.top
URL: https://gebehee.top/cndi4858vmefovl/4292614/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 04:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 04:23:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame DC85 23 KB
9 KB 113ms
101ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Host: gebehee.top
URL: https://gebehee.top/cndi4858vmefovl/4292614/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:44:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame DC85 3 KB
1 KB 77ms
65ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: gebehee.top
URL: https://gebehee.top/cndi4858vmefovl/4292614/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:52:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame DC85 20 KB
8 KB 81ms
70ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: gebehee.top
URL: https://gebehee.top/cndi4858vmefovl/4292614/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 08:00:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DC85 206 KB
62 KB 66ms
63ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: gebehee.top
URL: https://gebehee.top/cndi4858vmefovl/4292614/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 21:35:24 GMT

GET
H3 200 b671e646565d0c2f8b43853dd556e31b.js Show response
www.gstatic.com/mysidia/ Frame DC85 36 KB
15 KB 69ms
65ms Script
text/javascript 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b671e646565d0c2f8b43853dd556e31b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: gebehee.top
URL: https://gebehee.top/cndi4858vmefovl/4292614/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15272
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 07:52:46 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/ Frame 1565 15 KB
6 KB 92ms
90ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6452
x-xss-protection: 0
server: cafe
etag: 12428443125520643955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:54:34 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1565 205 B
229 B 73ms
71ms Image
image/png 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:57:26 GMT
x-content-type-options: nosniff
age: 47323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Mar 2025 07:57:26 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1565 604 B
628 B 74ms
72ms Image
image/png 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:57:21 GMT
x-content-type-options: nosniff
age: 47328
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Mar 2025 07:57:21 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/ Frame 1565 22 KB
9 KB 71ms
69ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:58:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9112
x-xss-protection: 0
server: cafe
etag: 499061885667062015
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:58:18 GMT

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E25 52 KB
20 KB 81ms
80ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:48:20 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1B7F 4 KB
655 B 93ms
93ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

662dbb2e9a1eaa62f25fd7d00eca3d78b8112c88f96f064a49aca4a6be2892d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 21:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 20:31:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 21:06:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 1B7F 2 KB
822 B 68ms
68ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 04:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 04:23:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame 1B7F 23 KB
9 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:44:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 1B7F 3 KB
1 KB 67ms
65ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 07:52:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 1B7F 20 KB
8 KB 67ms
65ms Script
text/javascript 2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 08:00:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1B7F 206 KB
62 KB 70ms
68ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 21:35:24 GMT

GET
H3 200 b671e646565d0c2f8b43853dd556e31b.js Show response
www.gstatic.com/mysidia/ Frame 1B7F 36 KB
15 KB 69ms
67ms Script
text/javascript 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b671e646565d0c2f8b43853dd556e31b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15272
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 07:52:46 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1B7F 27 KB
27 KB 606ms
217ms Image
image/jpeg 2607:f8b0:4006:806::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQQpRJ5NZyK_VFUGKpc2BZuM0JoIUJKX8OIqpSvIe4krb6j8EQlFzpsqfZMNw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b64a441ded115dead7d5677515814ec18bdc8c27561a1cc064f516eba85d20c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:53:30 GMT
x-content-type-options: nosniff
age: 47559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27718
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 06:15:30 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 20 Mar 2025 07:53:30 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1B7F 66 KB
66 KB 531ms
143ms Image
image/jpeg 2607:f8b0:4006:806::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRZmRgUzrxhAHeIJZG0ayviN2Tqmotch_zzqECAwqmd8tJYjapwvfmvGq8xQA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b18f0d4adbc03e908ec198d3039be6d7b2f6e6ebf9dc8b005f3f148cc647bb84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:03:23 GMT
x-content-type-options: nosniff
age: 46966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67084
x-xss-protection: 0
last-modified: Tue, 30 Apr 2024 02:45:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 20 Mar 2025 08:03:23 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1B7F 36 KB
37 KB 461ms
74ms Image
image/jpeg 2607:f8b0:4006:806::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTNAkgftMxOA3R88LQdk4EPpW5rYZUt_hmbieVkEXJmhp-D6wRvj4VDDwQtpQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

bce6408ea23a25634a345b6cfbed222fdf6fb1fa92cd88a080217dfc8e0445e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:56:52 GMT
x-content-type-options: nosniff
age: 47357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37066
x-xss-protection: 0
last-modified: Mon, 22 Apr 2024 04:22:33 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 20 Mar 2025 07:56:52 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1B7F 16 KB
16 KB 533ms
143ms Image
image/jpeg 2607:f8b0:4006:821::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQ7Rcu-kCheyVDkJcClQQEGM4dcEbbjffZwYYwY0qrrZsKZRmm_h3tYgrW4fyQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eb3e716e61c4346711c4b0f6fcced40f09e573c61ae851cb01c2b97f48623475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:01:16 GMT
x-content-type-options: nosniff
age: 47093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16736
x-xss-protection: 0
last-modified: Tue, 30 Apr 2024 03:46:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 20 Mar 2025 08:01:16 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1B7F 39 KB
40 KB 459ms
70ms Image
image/jpeg 2607:f8b0:4006:821::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRgh0XkaEAxr2ubwVAcYwUbAN5JbKOV_WaqjGxhZJ9w7nVFkgc9sIaQi_2z9Lw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

94fee7158ebfb491c85e0d60f4d7f716d701821b6d6b9f20991524ee6fce8d28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:07:10 GMT
x-content-type-options: nosniff
age: 43139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40098
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 05:50:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 20 Mar 2025 09:07:10 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1B7F 19 KB
19 KB 570ms
184ms Image
image/jpeg 2607:f8b0:4006:806::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcR2q6gZr0XFhFke_mOfYdXHTg9KqkxO4JlU-Uvi47Ns428C2nkQ6yglLhJlWQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

fa37fb30b17de9f54304ed25561ace15fbddf243ad39880e37b30186cbec261e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:13:13 GMT
x-content-type-options: nosniff
age: 46376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19305
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 20 Mar 2025 08:13:13 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1B7F 45 KB
45 KB 555ms
166ms Image
image/jpeg 2607:f8b0:4006:821::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSYfp9162P9NadcGutl_WrYBwcRVX5SAhoO4cGmGymotVyOw_xIh9KN10JSeQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0a0d4d475ba1e347c3e0a43bca5d3e1eb9b9faebea696015a71a8e5ed48c403c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:06:55 GMT
x-content-type-options: nosniff
age: 46754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46073
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 05:39:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 20 Mar 2025 08:06:55 GMT

GET
H3

200

14721375404797248074
tpc.googlesyndication.com/simgad/ Frame 1B7F
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCb0vi6VRCQARiQATIItFYPU8y28GA
https://tpc.googlesyndication.com/simgad/14721375404797248074

4 KB
4 KB

73ms
69ms

Image
image/png

2607:f8b0:4006:80a::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14721375404797248074

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Server

2607:f8b0:4006:80a::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f8ab2778b292d70e077fc8c3c84526bbe581dc2a826165d72c7a29bec439ebae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 07:54:20 GMT
date: Wed, 20 Mar 2024 07:54:20 GMT
x-content-type-options: nosniff
age: 47509
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4025
x-xss-protection: 0
last-modified: Fri, 18 May 2018 16:14:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

Redirect headers

date: Wed, 20 Mar 2024 05:40:59 GMT
x-content-type-options: nosniff
server: cafe
age: 55510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/14721375404797248074
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Apr 2024 05:40:59 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 138ms
121ms Preflight
text/html 142.250.80.66

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.66 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Mar 2024 21:06:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5C4C 42 B
64 B 132ms
130ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8A8cf-TOgvMgK30ibO88nesliefvnT3rNMSEuGCFtVsYQGYKKihNUPWxjg7ctp7EMEzdD2h5OGmjXitcnP-6-cKHEjYzfUbGE2UXNmwBOWyGkjADWlWXM_2Ag4a6AR5xWMgf1oNlbZsTxMWqhWFJEzwSlhcg9Lv8lXd8Ja9KBh-9K2EaM6ehqQYc77y9t7TYbBzKis04NgjL7cLnqexeO06ck2xa8fRlkxm3sBDANkzltLGl-Wvi4OGBkDuVY4CFMUpoaw2rYoM8TW49tSfNcsI9Z2LM15WMEek3KBd77caaCB5zM-6v5yrVFimSmpwzIj0vpCTvBheLoL_6zIKBN7tc70n5mQrLeHucZykJEfeUAe3MDnJLs6GZW8e70iH2SUl3LfOaBJmOnOj1yUmw0Fgdw0DJeTaUguxDCe_UcFd7hTWyy1BtX5q2_lnIAQ2xI0dKnR0y9jAQybiq17x81bzDY27AhljQzZQmocYqQsL0NEIRF0ukKu-zsb0PEVA7zxoVESHmaR4Tz2WGxUB7hahoHsEj6O9CgI89BKIm0cNYwkriRnCnePDkaLGTPCJcRFIv_2LXGXTD74ILHdgeW684Is2A4ZExSko_Gvfm245K9hEcG8vzYN6SN7tXSHmp3ERcc6WRdevKyEWGs62Go73JL68jrH9NrvJNT0XNMrQoXW2vocZwyo89lwZ_ZsR7DWgv4DzhhkUjLG_msHnoaQo9zD1tku2ltPzvrD0AvFRxNRTJHXl9Pg-q-HIgAGp67VkFt235KYdModN6MsVXl6TCFwMNv60GreI3ydcOHelFv5eFSrDY5Me98uusxWLnMqHzZtAnSvHtXiTBz_9mCDLEmv-qs-q9CqoNxyfB8tX76Q4xFnH7pnVwGTPhRKaL7smGKaSK_W_7kEnUlL26XF2KHPYY6_Fbp9c7dUacYiPlLPz3jlOv_XqsvnpeLK6_gJXR4COw-BWr_C6sdV5nIGeCLWdcdQPp__n5jOaKhAdwKLXTTGIp0Lnwg1d1eWGATSYutgkuQZu2KdeuF7z9Kq_OZEwNycOSoreGdbPTDvRKdcySD_CzNRNrtNXmapxb3No2yjj2fSRLpQgLm60DKkVCOpJFc0gpeEB-74yxnMd58qgRWDLD62GXQuXTyPbAfbguSDgImcfdX18BmYMgT20F98dZ79zazK9TOIzDe0qRj_uwB9VPQ9LbRrvBYJvPaDQImr_XLRGWBC_HruhM__IUPN6_aA2c2O7wgy5-APRm1pEI1IuqgSeaVrZTRJQ6TurauuRkEkYsgX_KHGZfdcExtbjVcMcTy25S_ZOdoRCkWfT3CIArAZZtXJlH0Cw-8cvOiA-O8PIqD6s7LeNVqb6a6d3AybJ3DqBlvUtX5fEbmYlsCr3h5pyv2F27F74BNHvC3aWt2RERvi-nwfpkCrIsgQCGN-tC57t7tfyR55tECRw&sai=AMfl-YQHWHgfwMoMBtyZPqaMFsKgrNIr8H_J6tgtxJyT_hV3qEISUumPzxEz6sUGyTMOMLIQZzX6lSpVPwvQ-RrCjlnSZySlGWTujrrjRIpd0K0nZZnO9yar04tvno0TtFpJsDEl-W2xXoViHyLEF-IinASHDirsuWr9Q2jiiPE&sig=Cg0ArKJSzH2EcSnd1kgJEAE&cid=CAQSTwB7FLtqJl9bfrwMPzXJ4q3iUc6UFWLaNJRLb-qQoQhI-oBw8Rm9JoQU6jpRzy8bqQiDXC2hemO-zBsVuEGrme-JsajawdNs57frnm-XmIUYAQ&id=lidar2&mcvt=1163&p=0,0,280,336&mtos=0,1163,1163,1163,1163&tos=0,1163,0,0,0&v=20240318&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=22&adk=1877126515&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=690156700&rst=1710968766117&rpt=2087&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2024 21:06:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 montserrat-v25-latin-800.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 3D38 13 KB
13 KB 356ms
66ms Font
application/octet-stream 2607:f8b0:4006:816::201b

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::201b -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:32:35 GMT
age: 2014
x-guploader-uploadid: ABPtcPpd-bI_IVAzwx-mFQQVQUv1o2eq3xkNwnd3KG9ngLFMwkMwRL2F9EaW1weP4aQlpuvMOt3fdGrYTA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12896
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "47adf1610f40ec74b72068c5a111d3ad"
x-goog-generation: 1698054811260784
x-goog-hash: crc32c=goDBpA==, md5=R63xYQ9A7HS3IGjFoRHTrQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12896
accept-ranges: bytes
content-type: application/octet-stream
expires: Wed, 20 Mar 2024 21:32:35 GMT

GET
H2 200 montserrat-v25-latin-600.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 3D38 12 KB
13 KB 366ms
76ms Font
application/octet-stream 2607:f8b0:4006:816::201b

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-600.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::201b -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:15:13 GMT
age: 3056
x-guploader-uploadid: ABPtcPoUrW_edeX90QQy881m4KgFGFQHZRxxRalFdUs9wohzREYXKu9akevIeUKLc8iRCJv3iLwlizADdg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "e571167fbcce8d5081bce96a09930063"
x-goog-generation: 1698054811605570
x-goog-hash: crc32c=I0wmew==, md5=5XEWf7zOjVCBvOlqCZMAYw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12700
accept-ranges: bytes
content-type: application/octet-stream
expires: Wed, 20 Mar 2024 21:15:13 GMT

GET
H2 200 montserrat-v25-latin-800.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 8D69 13 KB
13 KB 422ms
133ms Font
application/octet-stream 2607:f8b0:4006:816::201b

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::201b -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:32:35 GMT
age: 2014
x-guploader-uploadid: ABPtcPpd-bI_IVAzwx-mFQQVQUv1o2eq3xkNwnd3KG9ngLFMwkMwRL2F9EaW1weP4aQlpuvMOt3fdGrYTA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12896
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "47adf1610f40ec74b72068c5a111d3ad"
x-goog-generation: 1698054811260784
x-goog-hash: crc32c=goDBpA==, md5=R63xYQ9A7HS3IGjFoRHTrQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12896
accept-ranges: bytes
content-type: application/octet-stream
expires: Wed, 20 Mar 2024 21:32:35 GMT

GET
H2 200 montserrat-v25-latin-600.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 8D69 12 KB
12 KB 443ms
154ms Font
application/octet-stream 2607:f8b0:4006:816::201b

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-600.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::201b -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:15:13 GMT
age: 3056
x-guploader-uploadid: ABPtcPoUrW_edeX90QQy881m4KgFGFQHZRxxRalFdUs9wohzREYXKu9akevIeUKLc8iRCJv3iLwlizADdg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "e571167fbcce8d5081bce96a09930063"
x-goog-generation: 1698054811605570
x-goog-hash: crc32c=I0wmew==, md5=5XEWf7zOjVCBvOlqCZMAYw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12700
accept-ranges: bytes
content-type: application/octet-stream
expires: Wed, 20 Mar 2024 21:15:13 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 49C8 42 B
64 B 135ms
134ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBOmSQBCjLWffOFAtox7lwoKX6PKLwDB08RvKi6SNx0NnBt6stS7gwWaYFf1I3q6kmqT_LFQRqRhCFxHnfJHM6Rf6L9vQQdV_SQkZBW2kVtBkDWCFGYY2XeLhaZUMH-1Kl-Z_ebhhaFH22S1i0biWU449i71PNzhE&sai=AMfl-YSSg_tdINq3sZdDusnYiIl5UohDPtw-yVxESVqrsgP5u2TFDtwoWNXml1B8KnroJzgAuWDCNTDibm-8bMbfBMeHdcUXDz1w3MYa8PnLwXpnk5-lYPrlVFKtxzI5Ivcsc9I5a-fTFLvY4JotUWD7&sig=Cg0ArKJSzMw0P4CNc4RTEAE&cid=CAQSTgB7FLtqsEJuGohxEKvWwRCNBXg1pWoOzw7dh3b0bB5B0X20ggZd0tyK8GO3nTmd2OgQcXHxkOOPc_tGLC8ckCKN3na_N3esp81hPJAV5RgB&id=lidar2&mcvt=1095&p=0,0,250,300&mtos=1095,1095,1095,1095,1095&tos=1095,0,0,0,0&v=20240318&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1075946893&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=690156700&rst=1710968766194&rpt=2191&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2024 21:06:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVgQVPR9qxhz0djKzbkWlpg-KjAVBWIHXIM8aMVH4zNO8XLauf0JVDePoTUUaexljd81aP1-NtnO9C7oWKWyu9rsHRVrfUfGA_QrCwGtBBKmE0fquh9CTwFCdO-LUkuR8vWx6dAyw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 104ms
103ms Script
application/javascript 2607:f8b0:4006:816::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVgQVPR9qxhz0djKzbkWlpg-KjAVBWIHXIM8aMVH4zNO8XLauf0JVDePoTUUaexljd81aP1-NtnO9C7oWKWyu9rsHRVrfUfGA_QrCwGtBBKmE0fquh9CTwFCdO-LUkuR8vWx6dAyw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwOTY4NzY5LDU3ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vaW1nYmIuY29tL1lOclZWUTEiLG51bGwsW1s4LCJscmt1MXZ5bWMycyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

64433bc6793359c2fee0838ef22fe073193bb7c78d6c0eb0716b7e1be661cf49

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LZYch8pfPGkeBdPPWxfxQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 21:06:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-LZYch8pfPGkeBdPPWxfxQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTDcXD-2_VsAif2TtrABADhOzFj"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1B7F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6be27b0977e9a7b8ecac2ba0ef9e4be96e76d88d166524bc148a57310fc5f250

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
pagead2.googlesyndication.com/bg/ Frame 10B5 0
0

GET ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 1B7F 0
0

GET adview
googleads.g.doubleclick.net/pagead/ Frame 1B7F 0
0

GET sodar
pagead2.googlesyndication.com/getconfig/ 0
0

GET ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
pagead2.googlesyndication.com/bg/ Frame 1779 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1

Domain: simgbb.com
URL: https://simgbb.com/5286/jquery2.js

Domain: simgbb.com
URL: https://simgbb.com/5286/ibb.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adview?ai=C5ERNvk_7Za6-LvXZoPMPjaKtkArFo9rCdofxruG3ELCQHxABII7MsJABYMmGgIDco8QQoAGS-vHaA8gBCagDAcgDywSqBMsBT9A2MMpxyXor1UVRVCC9S8c2Ktm6-a2-t-HoqnL4Ah1R-gFm9Rlk_5McofR5qNueryZcI9MJz6yxWBW6w6FkHwvNs2utUAza2HgapMglInhiwyRdnmT-eHE4VNlHbWq5P-WOUmJ0DBBg6SCZwzeWMaiAmG4L8qcW6FiHH6mKzl9WiXOhuVFYU_0kPvklfW0KJy28Ji8WXG-ZrpMFNlaldhUmlavqCIHKGCYDloZxkDyaiJ_G6kE5wbqrlksVYcHK9fel1GqY422KPp3ABIGkiZ3zA4gFzJr81T-SBQQIBBgBkgUECAUYBKAGLoAHns2gaKgH2baxAqgHr76xAqgHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAtgHAPIHBBCejQjSCCQIgGEQARgfMgKKAjoJgECAwICAgKAoSL39wTpYt-rBrN-DhQOaCS5odHRwczovL3d3dy5ldHN5LmNvbS9mZWF0dXJlZC9ldHN5LXRvcC1zZWxsZXJzgAoByAsB2gwRCgsQ4KWO_9jJg7eXARICAQPYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItNjcyMTcwNDk3MjkxNDM0ORgAshgJEgL9UBguIgEA&sigh=XBX4METCpLg&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtqSWApbT5jowVPQJXcslD6Cc_I_OaPdJv_fJC-h8mxa-AAebJFsx4ZhHbuHji_hIekWOYwPpTWYMq2eaO59630GVvBltAUiA2X2xgB&template_id=494&cbvp=2&vis=1&nis=5

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240314&st=env

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gebehee.top/	1970-01-21 04:01:44	Name: OAID Value: 008025fd913d4b8cea3aba015eef45b9
gebehee.top/	1970-01-21 04:01:44	Name: oaidts Value: 1710968762
my.rtmark.net/	1970-01-21 04:01:44	Name: ID Value: 008025fd913d4b8cea3aba015eef45b9
gebehee.top/	1970-01-20 19:26:13	Name: syncedCookie Value: true
.imgbb.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: bofe9ppban3httsprv6gqp6iek

76 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://gebehee.top/cndi4858vmefovl/4292614/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbb.com/YNrVVQ1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cdn.usefulcontentsites.com
cm.g.doubleclick.net
datatechone.com
dsum-sec.casalemedia.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gebehee.top
googleads.g.doubleclick.net
i.ibb.co
ib.adnxs.com
ibb.co
imgbb.com
my.rtmark.net
pagead2.googlesyndication.com
s0.2mdn.net
services.vlitag.com
simgbb.com
storage.googleapis.com
tpc.googlesyndication.com
tracking.trackingshub.com
www.google.com
www.googleadservices.com
www.gstatic.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
services.vlitag.com
simgbb.com
104.21.34.74
139.45.195.253
139.45.195.8
142.250.80.66
142.251.32.98
142.251.40.102
169.197.85.95
172.64.151.101
213.174.132.224
2606:4700:3031::ac43:ba35
2606:4700:3032::ac43:83fb
2606:4700:3036::6815:1440
2607:f8b0:4006:806::2002
2607:f8b0:4006:806::200e
2607:f8b0:4006:809::2003
2607:f8b0:4006:80a::2001
2607:f8b0:4006:80c::2003
2607:f8b0:4006:816::200e
2607:f8b0:4006:816::201b
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::200a
2607:f8b0:4006:821::2006
2607:f8b0:4006:821::200e
2607:f8b0:4006:823::2004
35.204.193.90
68.67.160.117
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
07777fc27b729d29ecc2eab3bf5e43ed7d82ea4e9fd62b29b3ac35d9765c538b
0a0d4d475ba1e347c3e0a43bca5d3e1eb9b9faebea696015a71a8e5ed48c403c
0a920bcaa94c3d8b5ad5b39a9a0dd55d24780058ebdedf055ce29a17d6f8fdbf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d963a05e5107ce60f32f103f0434e5ebddfabd4ef9b27e7d343ca570ca73727
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b9b3537856492cf69dd87e6b20faa2a14cb48df80fcae8b5ea25e5dc6f78e3f
2f54d0ecd2a9c08fcdcc2e5a6acf0770288e46273877efb7d179f1d1a0eff7d3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d05426159f53daf83a9689f0705f773a904fba488ab7f958b37a5384e40011c
3d80a99391eeb3bfe5d8e8fd3deab31804a582b164aaaa20fbc9eb8baf38ba70
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44b9a9035e53fb85ed28f7ed3387b903efb359694b7510eb351bb3d081fc0da1
4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
59a2f4fc027c205470d006c4a0a6ac24dd838cf80574d60f3b5e9459c50b1c85
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6
64433bc6793359c2fee0838ef22fe073193bb7c78d6c0eb0716b7e1be661cf49
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
662dbb2e9a1eaa62f25fd7d00eca3d78b8112c88f96f064a49aca4a6be2892d5
6be27b0977e9a7b8ecac2ba0ef9e4be96e76d88d166524bc148a57310fc5f250
6d2c308318200321bc194c7dae715236fc4eddaab4188d1a0568a8fa8721024a
6e89d87038bd555d4b124f9d7482c7a0b240e4e9dfa897f3ae8e9236434a5182
7a34f1460a98ed2b7fae6e1ab1fb7af96490a0aaa0aca25f9381a5e179e28327
7a9e63f4c5a451335e1de84e67a922dcf879a8efce4667387f65327329d6f092
80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55
82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
94fee7158ebfb491c85e0d60f4d7f716d701821b6d6b9f20991524ee6fce8d28
959665265372d16026d66fe8f17afb8951d97f16a2c1c47ca93c866f0b4f9303
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
9c381fc08c2f38d0a36b77a9cbbb97dd4f757b9c0e12a9abee8591c7b7f8a941
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a13e3376c4ddd3c5b2f94d9a00074cf6ec818a33328532b4cc6c47feda213459
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a89c59fa653e4484e61477bbdd20efba1603d8d47f1d9c11cb4686fcdb302f22
aad0aa2c5e2767db2d5e96c288990838d7330a9d09a2620a4533b298bbbf386e
aedb5fa3282a6d7d18f47d01bedaeb33cb50db9996642a131dfd236ef48c39a5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18f0d4adbc03e908ec198d3039be6d7b2f6e6ebf9dc8b005f3f148cc647bb84
b1afd0854f937884ac0693919162128310f2fe4023ddc394161d4a8cb0458410
b64a441ded115dead7d5677515814ec18bdc8c27561a1cc064f516eba85d20c4
bc538a3e1815b8904000456842e4060be77d33326d30ee55d077bbb8e0da03b0
bcadf21c2d819037677b99161b2ac022e8b7e68bcf8a4f86d71e0d79f448adf3
bce6408ea23a25634a345b6cfbed222fdf6fb1fa92cd88a080217dfc8e0445e0
bf44bfff1514ba2221b721e2ac1e1cf8d3bb015b759809f554ff816a54ddb0b0
d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac
dbe8166f42122f5fa34fd261699636d231941aabdc6710a58903f0a3804c2d6b
dda19d2f601c81c0a9188a28302d431e76c49a29f8e0b2d300747b56b5077e71
df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4677b36060f5d3a00059f9e69141d80faa7ec081b77917def1fd60eed6fd9ef
eb3e716e61c4346711c4b0f6fcced40f09e573c61ae851cb01c2b97f48623475
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f0c855cf592efb8719926ef24f95a225623ceea83bbac08894eb50bae312cf72
f18fa63e908ae5587bd4bd776ef9fac6248ed1c4b480c920cfe87cbae773ab20
f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8ab2778b292d70e077fc8c3c84526bbe581dc2a826165d72c7a29bec439ebae
fa37fb30b17de9f54304ed25561ace15fbddf243ad39880e37b30186cbec261e
fc7932b7a63af2f11d40d1d6448260b0fc29bae808b9e4978ed5a326f8cf5ce1

imgbb.com Open in urlscan Pro 2606:4700:3036::6815:1440 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

133 Requests

88 %HTTPS

58 %IPv6

18 Domains

27 Subdomains

25 IPs

4 Countries

2292 kBTransfer

5454 kBSize

5 Cookies

3 Outgoing links

Page URL History

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

imgbb.com Open in urlscan Pro
2606:4700:3036::6815:1440 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

88 %
HTTPS

58 %
IPv6

18
Domains

27
Subdomains

25
IPs

4
Countries

2292 kB
Transfer

5454 kB
Size

5
Cookies

133 HTTP transactions
5 data transactions