www.needcoolshoes.com Open in urlscan Pro
52.204.190.140 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.needcoolshoes.com/banner?=paae
Submission: On April 01 via manual (April 1st 2021, 1:42:23 am UTC) from US

Summary HTTP 73 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 14 domains to perform 73 HTTP transactions. The main IP is 52.204.190.140, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.needcoolshoes.com.

This is the only time www.needcoolshoes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	52.204.190.140 52.204.190.140	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	152.199.21.117 152.199.21.117	15133 (EDGECAST) (EDGECAST)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1 2	198.24.170.50 198.24.170.50	19437 (SS-ASH) (SS-ASH)
1 10	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400c:c13::5e	15169 (GOOGLE) (GOOGLE)
1	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	93.184.221.64 93.184.221.64	15133 (EDGECAST) (EDGECAST)
1	54.203.171.101 54.203.171.101	16509 (AMAZON-02) (AMAZON-02)
73	24

15 52.204.190.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-190-140.compute-1.amazonaws.com

www.needcoolshoes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.199.21.117 (United States)

ASN15133 (EDGECAST, US)

ssl.cdne.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.24.170.50 (Ashburn, United States) 1 redirects

ASN19437 (SS-ASH, US)

server.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400c:c13::5e (Charleston, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

asf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.221.64 (London, United Kingdom)

ASN15133 (EDGECAST, US)

playtime.tubemogul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.203.171.101 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-171-101.us-west-2.compute.amazonaws.com

gsght.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	207 KB
15	needcoolshoes.com www.needcoolshoes.com	257 KB
12	gstatic.com fonts.gstatic.com csi.gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com	203 KB
7	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	38 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com imasdk.googleapis.com	163 KB
5	cpmstar.com 1 redirects ssl.cdne.cpmstar.com server.cpmstar.com	236 KB
2	googletagservices.com www.googletagservices.com	64 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	gsght.com gsght.com	360 B
1	tubemogul.com playtime.tubemogul.com	2 MB
1	everesttech.net asf-tm.everesttech.net	3 KB
1	google.com adservice.google.com	553 B
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	645 B
73	14

	Domain	Requested by
15	www.needcoolshoes.com	www.needcoolshoes.com
10	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	www.needcoolshoes.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
3	ssl.cdne.cpmstar.com	www.needcoolshoes.com
3	fonts.googleapis.com	www.needcoolshoes.com googleads.g.doubleclick.net
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	server.cpmstar.com	1 redirects www.needcoolshoes.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.google-analytics.com	www.needcoolshoes.com www.google-analytics.com
1	gsght.com
1	playtime.tubemogul.com	www.needcoolshoes.com
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	asf-tm.everesttech.net	imasdk.googleapis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.googleapis.com	www.needcoolshoes.com
73	24

This site contains links to these domains. Also see Links.

Domain
server.cpmstar.com

Subject Issuer	Validity	Valid
needcoolshoes.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-26` - `2022-02-26`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
ssl.cdne.cpmstar.com Go Daddy Secure Certificate Authority - G2	`2021-02-24` - `2022-03-28`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
server.cpmstar.com Go Daddy Secure Certificate Authority - G2	`2020-06-30` - `2022-09-18`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
g2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-24` - `2021-04-25`	a month	crt.sh
*.tubemogul.com DigiCert SHA2 Secure Server CA	`2020-04-07` - `2022-05-19`	2 years	crt.sh
gsght.com R3	`2021-02-23` - `2021-05-24`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://www.needcoolshoes.com/banner?=paae
Frame ID: C079F4E0E9527384711BA1CF01EBDDCD
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210329/r20190131/zrt_lookup.html
Frame ID: 1CC25C99D042A59DCCCF33C7D6F6F502
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132
Frame ID: 55BB59BD865475681C17540263A1B8D4
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323393&bpp=3&bdt=599&idt=133&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=7949411088806&frm=20&pv=1&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=lJo5CiQOoO&p=http%3A//www.needcoolshoes.com&dtd=138
Frame ID: D4A608985F61F47E93853937E70F77CD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&adk=2724206178&adf=234374453&lmt=1617241323&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&ea=0&flash=0&pra=7&wgl=1&dt=1617241323435&bpp=2&bdt=642&idt=104&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C970x280&nras=1&correlator=7949411088806&frm=20&pv=1&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=110
Frame ID: 3D57D30B98CD2A8D9115DBF5003FA60E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js
Frame ID: 827AF5B9AB8B26F27708CFECAE5F018B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 4D6FFEA4E361E2F0199D1B4B41EA3197
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

73
Requests

89 %
HTTPS

70 %
IPv6

14
Domains

24
Subdomains

24
IPs

4
Countries

3001 kB
Transfer

3892 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://server.cpmstar.com/click.aspx?poolid=83516&subpoolid=0&campaignid=467325&creativeid=1268290&imptld=needcoolshoes.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 33

http://server.cpmstar.com/view.aspx?poolid=83516&json=nc&rnd=319995&callback=n1j8wa0 HTTP 302
https://server.cpmstar.com/view.aspx?poolid=83516&json=nc&rnd=319995&callback=n1j8wa0

Request Chain 59

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDHu-nffRCrARirATIIy-TP4BK3rds HTTP 301
https://tpc.googlesyndication.com/simgad/16723216399289083998

73 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request banner Show response
www.needcoolshoes.com/ 17 KB
17 KB 244ms
204ms Document
text/html 52.204.190.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.needcoolshoes.com/banner?=paae
Protocol: HTTP/1.1
Server: 52.204.190.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-190-140.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 113efbb99ac223538d5141ffdf0192e1767f57e0a02bade849eec6ff33e57a10

Request headers

Host: www.needcoolshoes.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 01 Apr 2021 01:42:02 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Via: 1.1 vegur

GET
H/1.1 200
OK css
fonts.googleapis.com/ 7 KB
1 KB 21ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Lato|Roboto+Slab:400,700,300&subset=latin,latin-ext

Requested by

Host: www.needcoolshoes.com
URL: http://www.needcoolshoes.com/banner?=paae

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17cf9c3efcbafef7f15331e9bf1c4e5c8a1b97425245978ac16efb1c21654bb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 01:42:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 01 Apr 2021 01:42:02 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Thu, 01 Apr 2021 01:42:02 GMT

GET
H/1.1 200
OK banner.css
www.needcoolshoes.com/assets/css/ 53 KB
53 KB 406ms
194ms Stylesheet
text/css 52.204.190.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.needcoolshoes.com/assets/css/banner.css
Requested by: Host: www.needcoolshoes.com
URL: http://www.needcoolshoes.com/banner?=paae
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.190.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-190-140.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 25bbd9e1bf7e90508af553d13dbca7531168cd41725dc2a14818b0e799bf4e8d

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 01:42:03 GMT
Via: 1.1 vegur
Last-Modified: Sun, 21 Mar 2021 13:53:25 GMT
Server: Apache
Etag: "d395-5be0c45e3df40"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54165

GET
H/1.1 200
OK header.png
www.needcoolshoes.com/assets/img/ 8 KB
9 KB 403ms
109ms Image
image/png 52.204.190.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.needcoolshoes.com/assets/img/header.png
Requested by: Host: www.needcoolshoes.com
URL: http://www.needcoolshoes.com/banner?=paae
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.190.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-190-140.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 3b0fc877763d6652ad1957931e9a93eab9c563e2d821e4d27e39c6d8f7bd8c9e

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 01:42:03 GMT
Via: 1.1 vegur
Last-Modified: Sun, 21 Mar 2021 13:53:25 GMT
Server: Apache
Etag: "215c-5be0c45e3df40"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8540

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 28ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.needcoolshoes.com
URL: http://www.needcoolshoes.com/banner?=paae

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d83607d271d287418fdb2b503d0d282c0cdf91c6b3c8c574d3dc4e3674d8b6eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 01 Apr 2021 01:42:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 4916182422922681706
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 47643
X-XSS-Protection: 0
Expires: Thu, 01 Apr 2021 01:42:02 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: www.needcoolshoes.com
URL: http://www.needcoolshoes.com/banner?=paae

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 12:30:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 47522
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 32954
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 31 Mar 2022 12:30:00 GMT

GET
H/1.1 200
OK banner.js Show response
www.needcoolshoes.com/assets/js/ 79 KB
79 KB 241ms
109ms Script
application/javascript 52.204.190.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.needcoolshoes.com/assets/js/banner.js
Requested by: Host: www.needcoolshoes.com
URL: http://www.needcoolshoes.com/banner?=paae
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.190.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-190-140.compute-1.amazonaws.com
Software: Apache /
Resource Hash: f3d32f0e25437c6995f4ed984f3dca542b130b847af8ecc84fda4b9e528fd065

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 01:42:03 GMT
Via: 1.1 vegur
Last-Modified: Sun, 21 Mar 2021 13:53:25 GMT
Server: Apache
Etag: "13c20-5be0c45e3df40"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80928

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
19 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.needcoolshoes.com
URL: http://www.needcoolshoes.com/banner?=paae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 5216
date: Thu, 01 Apr 2021 00:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Thu, 01 Apr 2021 02:15:07 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK bg-top-tile.jpg
www.needcoolshoes.com/assets/img/ 33 KB
34 KB 110ms
109ms Image
image/jpeg 52.204.190.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.needcoolshoes.com/assets/img/bg-top-tile.jpg
Requested by: Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.190.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-190-140.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 7c0c64dd3ebd0301f6970e85cac5656838a6250c95567781828cdaac3e37994a

Request headers

Referer: https://www.needcoolshoes.com/assets/css/banner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 01:42:03 GMT
Via: 1.1 vegur
Last-Modified: Sun, 21 Mar 2021 13:53:25 GMT
Server: Apache
Etag: "85d8-5be0c45e3df40"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34264

GET
H/1.1 200
OK bg-tile.jpg
www.needcoolshoes.com/assets/img/ 2 KB
2 KB 103ms
103ms Image
image/jpeg 52.204.190.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.needcoolshoes.com/assets/img/bg-tile.jpg
Requested by: Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.190.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-190-140.compute-1.amazonaws.com
Software: Apache /
Resource Hash: db74696d286086332e5edd1cfafeba7121af63cf343431286e9c690a9c2efe5e

Request headers

Referer: https://www.needcoolshoes.com/assets/css/banner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 01:42:03 GMT
Via: 1.1 vegur
Last-Modified: Sun, 21 Mar 2021 13:53:25 GMT
Server: Apache
Etag: "8dd-5be0c45e3df40"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2269

GET
H/1.1 200
OK flourish.png
www.needcoolshoes.com/assets/img/ 12 KB
12 KB 117ms
108ms Image
image/png 52.204.190.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.needcoolshoes.com/assets/img/flourish.png
Requested by: Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.190.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-190-140.compute-1.amazonaws.com
Software: Apache /
Resource Hash: eac5c50a09bc54f3114788c089f6a048fbfd0be7b64f56d1e135a8817e33a004

Request headers

Referer: https://www.needcoolshoes.com/assets/css/banner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 01:42:03 GMT
Via: 1.1 vegur
Last-Modified: Sun, 21 Mar 2021 13:53:25 GMT
Server: Apache
Etag: "30c2-5be0c45e3df40"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12482

GET
H/1.1 200
OK bgdiags.png
www.needcoolshoes.com/assets/img/ 279 B
532 B 327ms
108ms Image
image/png 52.204.190.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.needcoolshoes.com/assets/img/bgdiags.png
Requested by: Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.190.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-190-140.compute-1.amazonaws.com
Software: Apache /
Resource Hash: d949ae51099d029b266fbcb868316ec7386ca5284000e5f1fb0bbbac81efa5a1

Request headers

Referer: https://www.needcoolshoes.com/assets/css/banner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 01:42:03 GMT
Via: 1.1 vegur
Last-Modified: Sun, 21 Mar 2021 13:53:25 GMT
Server: Apache
Etag: "117-5be0c45e3df40"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 279

GET
H/1.1 200
OK S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato|Roboto+Slab:400,700,300&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.needcoolshoes.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 27 Mar 2021 06:50:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:10:46 GMT
Server: sffe
Age: 413516
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 23484
X-XSS-Protection: 0
Expires: Sun, 27 Mar 2022 06:50:07 GMT

GET fontello.woff
www.needcoolshoes.com/assets/vendor/fonts/icon/ 0
0

GET
H/1.1 200
OK white.png
www.needcoolshoes.com/assets/img/bnnr/ 20 KB
21 KB 296ms
109ms Image
image/png 52.204.190.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.needcoolshoes.com/assets/img/bnnr/white.png
Requested by: Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.190.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-190-140.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 0c3f8c971306eb98dbc271c6d36058f7b421e04b2bb1c03ad093dc1daedc5347

Request headers

Referer: https://www.needcoolshoes.com/assets/css/banner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 01:42:03 GMT
Via: 1.1 vegur
Last-Modified: Sun, 21 Mar 2021 13:53:25 GMT
Server: Apache
Etag: "519c-5be0c45e3df40"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20892

GET
H/1.1 200
OK bg_base.png
www.needcoolshoes.com/assets/img/bnnr/ 14 KB
15 KB 146ms
114ms Image
image/png 52.204.190.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.needcoolshoes.com/assets/img/bnnr/bg_base.png
Requested by: Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.190.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-190-140.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 30a068e4fb4cb2faa71b8e613d047c02cc7fd691d937e34c8cbcb82dc1fa301d

Request headers

Referer: https://www.needcoolshoes.com/assets/css/banner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 01:42:03 GMT
Via: 1.1 vegur
Last-Modified: Sun, 21 Mar 2021 13:53:25 GMT
Server: Apache
Etag: "39b8-5be0c45e3df40"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14776

GET
H/1.1 200
OK bg.png
www.needcoolshoes.com/assets/img/bnnr/ 196 B
448 B 148ms
104ms Image
image/png 52.204.190.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.needcoolshoes.com/assets/img/bnnr/bg.png
Requested by: Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.190.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-190-140.compute-1.amazonaws.com
Software: Apache /
Resource Hash: aa2d25309f6f2f59715a0c32c2eb35105d2aee3e9ba13af7a226f5ef7707eeb4

Request headers

Referer: https://www.needcoolshoes.com/assets/css/banner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 01:42:03 GMT
Via: 1.1 vegur
Last-Modified: Sun, 21 Mar 2021 13:53:25 GMT
Server: Apache
Etag: "c4-5be0c45e3df40"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 196

GET
H/1.1 200
OK white.png
www.needcoolshoes.com/assets/img/bnnr/sm/ 6 KB
6 KB 243ms
108ms Image
image/png 52.204.190.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.needcoolshoes.com/assets/img/bnnr/sm/white.png
Requested by: Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.190.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-190-140.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 6ce8cb1461f940641cf5409d4946dcbb72d356ad1ce5d913f583a1a7f5b78017

Request headers

Referer: https://www.needcoolshoes.com/assets/css/banner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 01:42:03 GMT
Via: 1.1 vegur
Last-Modified: Sun, 21 Mar 2021 13:53:25 GMT
Server: Apache
Etag: "173d-5be0c45e3df40"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5949

GET
H/1.1 200
OK bg_base_sm.png
www.needcoolshoes.com/assets/img/bnnr/ 782 B
1 KB 246ms
106ms Image
image/png 52.204.190.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.needcoolshoes.com/assets/img/bnnr/bg_base_sm.png
Requested by: Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.190.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-190-140.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 3320f52d68d27590415808e51326b1553d18bb515cd1d14d04646fb193e2de76

Request headers

Referer: https://www.needcoolshoes.com/assets/css/banner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 01:42:03 GMT
Via: 1.1 vegur
Last-Modified: Sun, 21 Mar 2021 13:53:25 GMT
Server: Apache
Etag: "30e-5be0c45e3df40"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 782

GET
H/1.1 200
OK black.png
www.needcoolshoes.com/assets/img/bnnr/sm/ 6 KB
6 KB 153ms
106ms Image
image/png 52.204.190.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.needcoolshoes.com/assets/img/bnnr/sm/black.png
Requested by: Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.190.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-190-140.compute-1.amazonaws.com
Software: Apache /
Resource Hash: b39f453bf8f6d91f551a1306f02bb9d3d05e441bd0a121bf635ce57e2ad613ba

Request headers

Referer: https://www.needcoolshoes.com/assets/css/banner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 01:42:03 GMT
Via: 1.1 vegur
Last-Modified: Sun, 21 Mar 2021 13:53:25 GMT
Server: Apache
Etag: "17c1-5be0c45e3df40"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6081

GET
H/1.1 200
OK BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/ 39 KB
39 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato|Roboto+Slab:400,700,300&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.needcoolshoes.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 22:19:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Jan 2021 22:03:59 GMT
Server: sffe
Age: 98537
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 39440
X-XSS-Protection: 0
Expires: Wed, 30 Mar 2022 22:19:46 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/ 227 KB
85 KB 49ms
29ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740835900918404&plah=www.needcoolshoes.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

311e18f635513141cf583a4fa0ac2828f450c8197eb57853475194676faaebe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 01:42:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86637
x-xss-protection: 0
server: cafe
etag: 7600525576280132900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 01:42:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210329/r20190131/ Frame 1CC2 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210329/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210329/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.needcoolshoes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.needcoolshoes.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 31 Mar 2021 22:40:42 GMT
expires: Wed, 14 Apr 2021 22:40:42 GMT
content-type: text/html; charset=UTF-8
etag: 13254444762018554669
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4647
x-xss-protection: 0
age: 10881
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 siteskin_v100.pack.js Show response
ssl.cdne.cpmstar.com/cached/js/ 15 KB
4 KB 84ms
20ms Script
application/javascript 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.cdne.cpmstar.com/cached/js/siteskin_v100.pack.js
Requested by: Host: www.needcoolshoes.com
URL: http://www.needcoolshoes.com/banner?=paae
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AE4) /
Resource Hash: 876a4fe5aff2bd7035c1ec6ff645b592aeebb2ea9b579ae8f065e011ed3440e4

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 01:42:03 GMT
content-encoding: gzip
last-modified: Wed, 30 Dec 2020 08:30:19 GMT
server: ECAcc (ama/8AE4)
age: 11418
etag: "809fba186ded61:0"
vary: Accept-Encoding
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript
content-length: 4166

GET
H/1.1 200
OK grid.png
www.needcoolshoes.com/assets/img/ 335 B
588 B 198ms
102ms Image
image/png 52.204.190.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.needcoolshoes.com/assets/img/grid.png
Requested by: Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.190.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-190-140.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 8df9592e56bd0616ed6af91c1e33f2d72ea33fe73ae2dea4a5d6dcf382c3e775

Request headers

Referer: https://www.needcoolshoes.com/assets/css/banner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 01:42:03 GMT
Via: 1.1 vegur
Last-Modified: Sun, 21 Mar 2021 13:53:25 GMT
Server: Apache
Etag: "14f-5be0c45e3df40"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 335

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
393 B 45ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=220357635&t=pageview&_s=1&dl=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&ul=en-us&de=UTF-8&dt=Minecraft%20Banners%20%3A%3A%20Miners%20Need%20Cool%20Shoes%20Skin%20Editor&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=385723279&gjid=1093369781&cid=1556908268.1617241323&tid=UA-47388331-1&_gid=1348002881.1617241323&_r=1&_slc=1&z=1096161570

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 01:42:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.needcoolshoes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 207 B
645 B 85ms
31ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.needcoolshoes.com&callback=_gfp_s_&client=ca-pub-1740835900918404

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740835900918404&plah=www.needcoolshoes.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

6e519798040149012c57dc0f428acc1cf7469819315d1eaae2a5da3954a69878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 01:42:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.needcoolshoes.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 01:42:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.needcoolshoes.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 01:42:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 55BB 81 KB
23 KB 546ms
532ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47e7a5926a799b67b33fcd9ca93cc95889d0554781de1066882de93a16b08c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.needcoolshoes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.needcoolshoes.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Apr 2021 01:42:04 GMT
server: cafe
content-length: 23468
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Apr-2021 01:57:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Apr 2021 01:42:04 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 01:42:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017733465819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28245
x-xss-protection: 0
expires: Thu, 01 Apr 2021 01:42:03 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D4A6 45 KB
10 KB 357ms
357ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323393&bpp=3&bdt=599&idt=133&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=7949411088806&frm=20&pv=1&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=lJo5CiQOoO&p=http%3A//www.needcoolshoes.com&dtd=138

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5feffbc29d291e11f299ab87ea52623a1d906d9954dcdc382e97fcf8d7fa8529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323393&bpp=3&bdt=599&idt=133&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=7949411088806&frm=20&pv=1&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=lJo5CiQOoO&p=http%3A//www.needcoolshoes.com&dtd=138
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.needcoolshoes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.needcoolshoes.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Apr 2021 01:42:03 GMT
server: cafe
content-length: 10048
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Apr-2021 01:57:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Apr 2021 01:42:03 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
90 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-47388331-1&cid=1556908268.1617241323&jid=385723279&gjid=1093369781&_gid=1348002881.1617241323&_u=IEBAAAAAAAAAAC~&z=1882735183

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 01 Apr 2021 01:42:03 GMT
content-type: text/plain
access-control-allow-origin: http://www.needcoolshoes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3D57 54 B
596 B 45ms
45ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&adk=2724206178&adf=234374453&lmt=1617241323&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&ea=0&flash=0&pra=7&wgl=1&dt=1617241323435&bpp=2&bdt=642&idt=104&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C970x280&nras=1&correlator=7949411088806&frm=20&pv=1&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=110

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1740835900918404&output=html&adk=2724206178&adf=234374453&lmt=1617241323&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&ea=0&flash=0&pra=7&wgl=1&dt=1617241323435&bpp=2&bdt=642&idt=104&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C970x280&nras=1&correlator=7949411088806&frm=20&pv=1&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=110
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.needcoolshoes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.needcoolshoes.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Apr 2021 01:42:03 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Apr-2021 01:57:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Apr 2021 01:42:03 GMT
cache-control: private

GET
H/1.1

200
OK

view.aspx Show response
server.cpmstar.com/
Redirect Chain

http://server.cpmstar.com/view.aspx?poolid=83516&json=nc&rnd=319995&callback=n1j8wa0
https://server.cpmstar.com/view.aspx?poolid=83516&json=nc&rnd=319995&callback=n1j8wa0

700 B
1 KB

384ms
97ms

Script
application/javascript

198.24.170.50
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/view.aspx?poolid=83516&json=nc&rnd=319995&callback=n1j8wa0
Requested by: Host: www.needcoolshoes.com
URL: http://www.needcoolshoes.com/banner?=paae
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.50 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: b1999378153b2f7272cebf1a0dd5a00f449da3c2f7b1bd65065de18f6d48a7b8

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Apr 2021 01:42:03 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: application/javascript; charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://server.cpmstar.com/view.aspx?poolid=83516&json=nc&rnd=319995&callback=n1j8wa0
Cache-Control: no-cache
Content-length: 0

GET fontello.ttf
www.needcoolshoes.com/assets/vendor/fonts/icon/ 0
0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/ Frame D4A6 17 KB
7 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323393&bpp=3&bdt=599&idt=133&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=7949411088806&frm=20&pv=1&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=lJo5CiQOoO&p=http%3A//www.needcoolshoes.com&dtd=138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36b3f5a93d27d7519d736f048f2bf91c98c39620ca8795152c0b8286040cc975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 00:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3808
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 12304503248286081012
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 00:38:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D4A6 8 KB
808 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae31abd20931ac70ca57381ebeed30009c8343f1fb257f0d90e64b6b137262ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 00:19:39 GMT
server: ESF
date: Thu, 01 Apr 2021 01:42:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Apr 2021 01:42:03 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210329_RC00/ Frame D4A6 14 KB
3 KB 28ms
6ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210329_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 21:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189172
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 29 Mar 2021 19:56:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Mar 2022 21:09:11 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210329_RC00/ Frame D4A6 357 KB
124 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210329_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50305edcc36816fff7528276891504d21fa4eb1f64bf808c650179901d43e2c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 21:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189172
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126670
x-xss-protection: 0
last-modified: Mon, 29 Mar 2021 19:56:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Mar 2022 21:09:11 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame D4A6 13 KB
6 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 00:53:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 00:53:44 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D4A6 0
331 B 318ms
112ms Other
image/gif 2607:f8b0:400c:c13::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~kmy7q7yb&c=1357666581189&slotId=678833290594.5&qqid=CKea7bT12-8CFRZW4AodVEYPkw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C75259407%2C75259408&nsei=44714510%2C75259405%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210329_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c13::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 01:42:04 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D4A6 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:37:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 122671
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Wed, 30 Mar 2022 15:37:32 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D4A6 15 KB
16 KB 33ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 22:46:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 96931
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Wed, 30 Mar 2022 22:46:33 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D4A6 0
433 B 66ms
53ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CvUCm6yRlYOf4IZasgQfUjL2YCYD_kpBckqTFiXbAjbcBEAEgAGCViriCyAeCARdjYS1wdWItMTc0MDgzNTkwMDkxODQwNMgBBagDAcgDAqoEvQFP0H1DOq5UkXPQSNjuEjJoBHGZ6N80FST4T5qIrRRHUzy9jNLTSuPQ0IcbK4gjq_EXrKzl92m--7m_-3wYKWbW00l0kLMS2yNo-e-4muYJy7vc45Nl5zZ1kRs2qcJrueGwEjd-v5MEZwBlOdBo13YTjcH-GRIeLXWwyEg2Bcgg2-u66sBjsqP_fgbx2Ft4PGKY4jtvXMvHmKy-DlDxj6NsYsmu5rfy8mQzKdGTvyS52vfRr3BbNGe0IrSWrEGABvCLk4a2hIPQ4QGgBiqoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB&eventType=clickstring&clientTime=1617241323980&ai=CvUCm6yRlYOf4IZasgQfUjL2YCYD_kpBckqTFiXbAjbcBEAEgAGCViriCyAeCARdjYS1wdWItMTc0MDgzNTkwMDkxODQwNMgBBagDAcgDAqoEvQFP0H1DOq5UkXPQSNjuEjJoBHGZ6N80FST4T5qIrRRHUzy9jNLTSuPQ0IcbK4gjq_EXrKzl92m--7m_-3wYKWbW00l0kLMS2yNo-e-4muYJy7vc45Nl5zZ1kRs2qcJrueGwEjd-v5MEZwBlOdBo13YTjcH-GRIeLXWwyEg2Bcgg2-u66sBjsqP_fgbx2Ft4PGKY4jtvXMvHmKy-DlDxj6NsYsmu5rfy8mQzKdGTvyS52vfRr3BbNGe0IrSWrEGABvCLk4a2hIPQ4QGgBiqoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 01:42:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Bv3KeTF3GPApaJlwOkJM Show response
asf-tm.everesttech.net/vast/ Frame D4A6 12 KB
3 KB 136ms
77ms XHR
text/xml 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://asf-tm.everesttech.net/vast/Bv3KeTF3GPApaJlwOkJM?psId=bwAa72rJ8T867D2KhdC9&price=YGUk6wAIfGcK4FYWAA9GVE9yCtV8zIjaNtiuig&bt=f&bi=B09PLvi0-2oRg6AmjpZdo4QYTAjB_PUBw9abIsDdbrPQUgdl4tJnb_n4bZtyn0zZ6x9xHXgoNRaX46pBS-SCKn465aQD0U6ykRk1dy7eoipq16R-HB08uGPo6x2csxtXZxHFL5QUsdpOj5EjTMRNYy2bQc59WJP53e61cMUyZJG6IBE9AiR7zzCf5LKd3ty153M1876AYYt7RY0w-4RbZG8yJ_OyIh_HGZjaQEHmpKUhdE&PG=F&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&tm_user_cntry=80&win_url=https%3A%2F%2Frtb-lb-event-eu-west-1-tm.everesttech.net%2Frtb%2Fe.png%3Fe%3Dwin%26aid%3DdZs_uJKLEeuT1Aa81hVOuw.1-1.MB%26cp%3D2421433%26slot%3D1%26x_price%3DYGUk6wAIfGcK4FYWAA9GVE9yCtV8zIjaNtiuig%26ets%3D1617241323617%26tz%3DAsia%252FSeoul%26source%3Dgoogle%26fc%3D50%26fci%3D1%26country%3DDE%26region%3D15%26mc%3D48%26ap%3D0%26ut%3D0%26vis%3DUNKNOWN%26site%3DbwAa72rJ8T867D2KhdC9%26bp%3D3703864%26curr%3DUSD%26exr%3D1.0%26fid%3DBv3KeTF3GPApaJlwOkJM%26c%3D4117926542%26ccurr%3DUSD%26cuxr%3D1.0%26a%3D460858%26ca%3D714659%26st%3DINSTREAM%257CINSTREAM_SKIPPABLE%257CUNIVERSAL_VIDEO%26sh%3D280%26sw%3D970%26rid%3D1257%26mp%3D9%26psk%3DbwAa72rJ8T867D2KhdC9%26cfc%3D0%26cfci%3D0%26dur%3D-1%26cityid%3D168268%26metroid%3D-1%26countryid%3D80%26postalid%3D252701%26duration%3D30%26v%3D1%26auth%3DwHxmMFtYziz8U9fkxsZYGCip7ow%26x_r%3DxTL9AQ&auction_id=dZs_uJKLEeuT1Aa81hVOuw.1-1.MB&didtype=UNK&tm_os_group=windows&tm_device_group=unknown&env=site&conn=ethernet&q=H4sIAAAAAAAAAG1Sv2_TUBDGdhvSLJQ0iCoSkglLU2Hn2X6O7RZEkyYxTWpSkpTQLMg_XmtTJ8_4R5MylqXqwFC2IrEhJBBC6lQ6M_EPsCOxdEIVA2JAhLZICHHDnfTp7jt9393Yu6NPA-5g-9WlFzc-j6Tfjiamw00PsWsYr7lI95yANXE3ZziWhXy2YDWRv4H8BnoUoSBM_hyZ_L6QSRU3hBpqVQR1qeDpVbdfX69qU--_PCP41PJGqWW0G03Aqw3tYRP3DK8iP3358c2FYiosVGFJHnQC3JYHK7gqdO62dwlfw48d19VzIgvoqbbTs3A_oO-0aA6wYJYeAnk4Sw_yMEsXPM9FbWTUnDAnChIr5Omp2u2Wtniddp11RKvIXMdZet72cRflZIUFLBSGReLppr6q-87Z1B5BixwnWiYyFGjKpg55KJgm4A1elwDKC4A_JK5YneBBVK0tllHU4gq6zNn36lGf5RiO1YpHhBzf_5ZNpox-QZd4vyq35LxU4mu2Na-kL_YQskyM3cDG6MRRmlLOncTXW8dEyosMhpMgkAVRAUDhZAjgDyJV6Vo8NML7m6q40lGUIl7RFrbIBIqY_tB9htN3yKQfGszpdZhVxw9CIOyS4_-Cr8mRwAnRPhlHoY38HgqPyZuJv4iSsdP29H_4MhOQBUyjVWR4wHMAgqFicYuaS8ROn2T8YPszkaaWm6XM75T9o2uGcrpe8XJlaH55EA636u6S75hIPZlaGtuhYnFinJgk9qgzpkOKTZClcpLkxExCi2zX1qMA9aZHFUWRIH9eLdfn66XyTEyt19XF8hxx9Yn_YRC_NvH8F7UEYK_HAgAA
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210329_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 5fbbfe8c900d988dbe66f8bf00122ff9d788e06cd0581081feecdc9769d264ec

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 01:42:04 GMT
content-encoding: gzip
x-pt: P=3089 0=1463
access-control-allow-origin: https://googleads.g.doubleclick.net
x-c: V-S
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-h: rtb-adserver08.adcloud-prod.eu-west-1.private
x-region: EU-East
x-served-by: cache-hhn4051-HHN
x-cache: MISS
pragma: no-cache
server: Jetty(9.4.35.v20201120)
x-timer: S1617241324.085255,VS0,VE54
vary: Accept-Encoding, User-Agent
x-failover: none
via: 1.1 varnish
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame D4A6 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaQ966yRlYOf4IZasgQfUjL2YCYD_kpBckqTFiXbAjbcBEAEgAGCViriCyAeCARdjYS1wdWItMTc0MDgzNTkwMDkxODQwNMgBBagDAcgDAqoEugFP0H1DOq5UkXPQSNjuEjJoBHGZ6N80FST4T5qIrRRHUzy9jNLTSuPQ0IcbK4gjq_EXrKzl92m--7m_-3wYKWbW00l0kLMS2yNo-e-4muYJy7vc45Nl5zZ1kRs2qcJrueGwEjd-v5MEZwBlOdBo13YTjcH-GRIeLXWwyEg2Bcgg2-u66sBjsqP_fgbx2Ft4PGKY4jtvXMvHmKy-DlDxj6NsYsmu5rfy8mQza9OfLfJlIrAQVyT7jwwRsRGABvCLk4a2hIPQ4QGgBiqoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwBshcYChYSFHB1Yi0xNzQwODM1OTAwOTE4NDA0&sigh=LNTSZunRmN4&vt=10

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323393&bpp=3&bdt=599&idt=133&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=7949411088806&frm=20&pv=1&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=lJo5CiQOoO&p=http%3A//www.needcoolshoes.com&dtd=138
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 01 Apr 2021 01:42:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Apr 2021 01:42:04 GMT

GET
DATA 200
OK truncated
/ Frame D4A6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7f284a0d6babcbdc212bc0b388137dd60fdd5b30066b509b50158b9f8903fdb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 55BB 2 KB
969 B 42ms
28ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 00:28:24 GMT
server: ESF
date: Thu, 01 Apr 2021 01:42:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Apr 2021 01:42:04 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 55BB 1 KB
980 B 37ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 00:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 00:45:31 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/ Frame 55BB 17 KB
7 KB 33ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36b3f5a93d27d7519d736f048f2bf91c98c39620ca8795152c0b8286040cc975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 00:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3809
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 12304503248286081012
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 00:38:35 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 55BB 2 KB
2 KB 30ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 01:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 01:25:02 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 55BB 118 KB
36 KB 42ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 01:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Thu, 01 Apr 2021 01:42:04 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 55BB 13 KB
6 KB 30ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 00:53:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2900
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 00:53:44 GMT

GET
H2 200 0d74ed574692e0488c8a49b73918ea59.js Show response
www.gstatic.com/mysidia/ Frame 55BB 25 KB
11 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d74ed574692e0488c8a49b73918ea59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 05:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 05:14:52 GMT
server: sffe
age: 591441
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10398
x-xss-protection: 0
expires: Wed, 23 Jun 2021 05:24:43 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 55BB 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYj166yRlYMD9IZmQgQfMsIi4D_6X3fVgjeCLn9QLv-EeEAEgtdSlBmCViriCyAegAZWa4JoDyAEJqQJKAE0z56yzPqgDAcgDywSqBMABT9Ai0QvGw9qoGiJ-RIwpGx3CdnwI6hDqSiDeeTgnJbZFO3K1W-dEreCIniv_tVdRqih4eVvLIxRPO58OCBu-0KjqF7blVRA4dqQp8XBqa00V1KlyNoCbF8xcEWSM2nqf1VEosXPGfmaFvK3KnakO7ZUnBggJ9Ym0bYz-kxYorJTmm5EEAQUvCOjcc1tsnGG7PQuKcyH4jlpcZrRAh2aavJOs5HcV3O82tA7Wt7ZiFFzZC27Lk8G4d-NYjPCF6sT_wATOgt2rnwGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH0-WfZagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQo8Ag0ggJCIDhgBAQARgfgAoByAsB2BMNiBQFshcaChgIABIUcHViLTE3NDA4MzU5MDA5MTg0MDQ&sigh=26QmGYqwhVI&template_id=494&tpd=AGWhJmuvCf-TW390jyVpYuUnEXLQN_tUiKM5SniNp6ELhNsPkQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 01 Apr 2021 01:42:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 55BB 17 KB
18 KB 31ms
6ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQjOyyCTwD0am8xvRHBhYT5AUQ0_WrGFdpsGECKZPay4Wd2tifCWql105aZIQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0e4cb075646a9ae68f458ab7d5c48dd8c5a05d9c803241d454c00a4edc9baf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 15:23:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 16 May 2020 13:09:28 GMT
server: sffe
age: 469100
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17742
x-xss-protection: 0
expires: Sat, 26 Mar 2022 15:23:44 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 55BB 20 KB
20 KB 32ms
7ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQL3h3ohe6U4SOXBjg5QCF5boH0pmZu22kNyFjcPLUcK6705oNZqEV8imPdMHQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

975cc9124db825969beca86419bf6623c294d64b675e30df4a8ff7c5c2cbf93b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 07:36:00 GMT
x-content-type-options: nosniff
last-modified: Sat, 20 Jun 2020 13:31:45 GMT
server: sffe
age: 497164
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20431
x-xss-protection: 0
expires: Sat, 26 Mar 2022 07:36:00 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 55BB 18 KB
18 KB 36ms
12ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTSKWHeZbHAis4P8VCaFTqOWQGwbqgg6dWjiF_4dfujKgHKlo_-8EoF6arl-sE&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fffe1665a2ccff7f69a348839b72497bc3c1c5abc6cac66d0e9a7ddb584e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 10:01:34 GMT
x-content-type-options: nosniff
last-modified: Sat, 16 May 2020 14:08:46 GMT
server: sffe
age: 56430
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18386
x-xss-protection: 0
expires: Thu, 31 Mar 2022 10:01:34 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 55BB 21 KB
22 KB 30ms
6ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRomEmkW1OYLMF3W0vva-8507IMXkjr3JUJ1HrrOZ2nk9zMEI6UR7P8835y5TA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb424463069af452ee1899943539b581b93def0e01e24ea4a4f63478da5c9a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 11:14:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Jun 2020 13:15:49 GMT
server: sffe
age: 397666
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21921
x-xss-protection: 0
expires: Sun, 27 Mar 2022 11:14:18 GMT

GET
H3-Q050

200

16723216399289083998
tpc.googlesyndication.com/simgad/ Frame 55BB
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDHu-nffRCrARirATIIy-TP4BK3rds
https://tpc.googlesyndication.com/simgad/16723216399289083998

15 KB
16 KB

8ms
8ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16723216399289083998

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

361e51534f82aa52505365fa2c13b7a5369536b4d62e4a19bd657a3f68238a3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 07:13:00 GMT
x-content-type-options: nosniff
age: 498544
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15797
x-xss-protection: 0
last-modified: Fri, 20 Sep 2019 12:53:40 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Mar 2022 07:13:00 GMT

Redirect headers

timing-allow-origin: *
date: Wed, 31 Mar 2021 16:42:20 GMT
x-content-type-options: nosniff
server: cafe
age: 32384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/16723216399289083998
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Apr 2021 16:42:20 GMT

GET
DATA 200
OK truncated
/ Frame 55BB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d800be3c2155cfaa26bbcd08a1411428c72b6be5dba2feb5baf2504646df964

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 55BB 20 KB
21 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 06:34:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:32 GMT
server: sffe
age: 414443
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Sun, 27 Mar 2022 06:34:41 GMT

GET
H2 206 11efe985-d44a-466c-972e-7a883db84da4.mp4
playtime.tubemogul.com/ad_promoted_videos/ Frame D4A6 2 MB
2 MB 72ms
20ms Media
video/mp4 93.184.221.64
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://playtime.tubemogul.com/ad_promoted_videos/11efe985-d44a-466c-972e-7a883db84da4.mp4
Requested by: Host: www.needcoolshoes.com
URL: http://www.needcoolshoes.com/banner?=paae
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.64 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AD2) /
Resource Hash: 218e166613a2da4d0a73974679665cc9abec07ea229ca8fc12918079b818b3c2

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 01 Apr 2021 01:42:04 GMT
last-modified: Wed, 24 Feb 2021 08:42:56 GMT
server: ECAcc (ama/8AD2)
age: 16774
etag: "632906881"
x-cache: HIT
content-type: video/mp4
Content-Range: bytes 0-1852195/1852196
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1852196
expires: Fri, 02 Apr 2021 01:42:04 GMT

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 827A 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1617241323&rafmt=1&psa=0&format=970x280&url=http%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3Dpaae&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617241323379&bpp=14&bdt=585&idt=110&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7949411088806&frm=20&pv=2&ga_vid=1556908268.1617241323&ga_sid=1617241324&ga_hid=220357635&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=2&pvsid=4290534993100354&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wE41imLKPD&p=http%3A//www.needcoolshoes.com&dtd=132

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 00:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 522221
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 26 Mar 2022 00:38:23 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
31ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210329&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27609c1683b733b6ee9b93a016dbaa1968a3bc438ce5dde5fec4db9d8870267e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 01:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6504
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 01:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 01 Apr 2021 01:42:04 GMT

GET
H2 200 9dze1q
gsght.com/imgp/ 43 B
360 B 557ms
187ms Image
image/gif 54.203.171.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gsght.com/imgp/9dze1q?network_impression_id=NDY3MzI1XzEyNjgyOTBfODM1MTZfMF80MDAzMzM4NzQxMDQwMDM3NzQwXzE4NS4yMTIuMTcxLjY3XzE2MTcyNDEzMjRfMTBfMTAyX19GMkI5RUQyOQ2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.203.171.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-203-171-101.us-west-2.compute.amazonaws.com
Software: envoy /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 01:42:04 GMT
server: envoy
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 43
expires: 0

GET
H2 200 Splitgate_Arena_Warfare_EN_336x768_V2_Left.jpg
ssl.cdne.cpmstar.com/cached/creatives/1268290/ 115 KB
116 KB 56ms
55ms Image
image/jpeg 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1268290/Splitgate_Arena_Warfare_EN_336x768_V2_Left.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B66) /
Resource Hash: 5337a86aba77ae149bdb0788c651a5bd6e62534b6b96611e74fb0bda06a7e359

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 01:42:04 GMT
last-modified: Wed, 31 Mar 2021 05:17:44 GMT
server: ECAcc (ama/8B66)
age: 73460
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1268290_Splitgate_Arena_Warfare_EN_336x768_V2_Left.jpg
accept-ranges: bytes
content-type: image/jpeg
content-length: 118102
expires: Fri, 02 Apr 2021 01:42:05 GMT

GET
H2 200 Splitgate_Arena_Warfare_EN_336x768_V2_Right.jpg
ssl.cdne.cpmstar.com/cached/creatives/1268290/ 114 KB
114 KB 20ms
19ms Image
image/jpeg 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1268290/Splitgate_Arena_Warfare_EN_336x768_V2_Right.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8A8E) /
Resource Hash: 552c2bf7f8bf9a179183b77a238d52af77d316072617e5a85e0ffe00954767fe

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 01:42:04 GMT
last-modified: Wed, 31 Mar 2021 05:17:44 GMT
server: ECAcc (ama/8A8E)
age: 73460
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1268290_Splitgate_Arena_Warfare_EN_336x768_V2_Right.jpg
accept-ranges: bytes
content-type: image/jpeg
content-length: 116922
expires: Fri, 02 Apr 2021 01:42:05 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 4D6F 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.needcoolshoes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.needcoolshoes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 01 Apr 2021 00:27:49 GMT
expires: Fri, 01 Apr 2022 00:27:49 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4455
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D6F 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 00:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 522221
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 26 Mar 2022 00:38:23 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 40ms
40ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210329&jk=4290534993100354&bg=!oqGloeXNAAY56aLOOek7ACkAdvg8WmmyGk1RloNbcLY1cMJH-Lk6nIvIgddvr_MvFLbHR7IUZICv6wIAAACEUgAAAAxoAQcKAC28zDj-bV1GEPVwIMfelvbtcYoeOF_uRmoc7etl4ERdHShr7ianFLokV_DOsQ2ZAeJI6B50LT6g9D36ZbyaLtdSyh--1FB9kWJvvVB69wss-h14rnvFaDxQ6JM5qaeyd4bzRyKSPdt7vmK9gQpYhaj5DXWUqEZUvGrnyy0sQxgvLXSwchwuAjf3U43sT3HR2l93U0tCJkSWv_kFzceYqyFohPT4qI-me25wtaLOeB0BgPMrFBfYsDC7suHuFwvyqsCte9UrNDLPKCu4EW7VGLPsosZJGo4PKWxOw2tOChx0trdtbbyCbi4sL7kh3vkEjA7Iiu8TUN7wF05PfJ0u4fBBPeXrdiBjNwAxRd0b7hZKHYVVTP5NqPrfkKAe3G7onlc5ReG9fwPUAJkvAjErzUFX86zZsKn9CkPBD88ls0o-TbQuHl2KGPEcPVrmLNu8tO0ITj8no0s1_WX4tDWkzArxDlnbXd19mwaB6O594tnpXMk1xVPYQPFpoqj0Mi0Fgcf74AhTv7SaZkH41pGCyJbB6k7uM8wEI4ryEs-5Kt-0D4tKWemmz1HCrao4smnyfR3BXXHxQo85aUR0A9ssLscTpTGTc5nE0OupfG7OhP3TKzF-cTX3HOthFEYlsdMYSahteAR59nHjsxxUABrbahRhj09f4siK3sEnp2aSmeCtlSB8TS49dHGPEnDJviIE-sZGww

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.needcoolshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 01:42:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 csi
csi.gstatic.com/ Frame D4A6 0
318 B 318ms
112ms Other
image/gif 2607:f8b0:400c:c13::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~kmy7q7yn&c=1357666581189&slotId=678833290594.5&qqid=CKea7bT12-8CFRZW4AodVEYPkw&fb=outstream-lima&gpm_i=2&gpm_c=2&gpm_a=2&smb=1000&br=500&mt=video%2Fmp4&vs=400x300&ulv=1&cll=0&vmfc=2&vhc=0&msm=1&aits=0&webm=1&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=0&umsem=0&ape=1&ple=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210329_RC00/outstream.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400c:c13::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 01:42:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 55BB 42 B
155 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkJ51y7MtTpDXQYJYzaGSRJPkGUMqKa0Edxtwde8KqUnm6apbBQgIapBjls7AmFqEA4939-ESVWw1Qqn3FaTQ2X50WKlWnzqwgh3mU1SzbMdmO6XV7bPL6DEP0sw&sai=AMfl-YRe_KTTFPT8q6YnlmideFZbXlLi87mRpeP53YWwk_eJ_onjlo7wAnSXzPAKK6uPPVPBUpWXCBNZbAXk&sig=Cg0ArKJSzH-4XJwtgnqzEAE&id=osdim&mcvt=1002&p=100,315,380,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210329&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2663260536&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1617241323517&dlt=546&rpt=78&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 01:42:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/vendor/fonts/icon/fontello.woff?61275574

Domain: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/vendor/fonts/icon/fontello.ttf?61275574

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:14:02	Name: test_cookie Value: CheckForPermission
.needcoolshoes.com/	1970-01-20 10:45:13	Name: _ga Value: GA1.2.1556908268.1617241323
.needcoolshoes.com/	1970-01-20 02:35:37	Name: __gads Value: ID=df64b61adccb457e-22fa62e240a70072:T=1617241323:RT=1617241323:S=ALNI_MbCunWeOhwY_xRIhdAKU4eDBF8F0Q
.needcoolshoes.com/	1970-01-19 17:15:27	Name: _gid Value: GA1.2.1348002881.1617241323
.doubleclick.net/	1970-01-20 02:35:37	Name: IDE Value: AHWqTUnwnwp5CdS_AqGK6yLgm0SaoEOJ5FdqR_IfOO9L8vNZne1mn7FYFxQUP015bSM
.needcoolshoes.com/	1970-01-19 17:14:01	Name: _gat Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
asf-tm.everesttech.net
csi.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gsght.com
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
playtime.tubemogul.com
server.cpmstar.com
ssl.cdne.cpmstar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
www.gstatic.com
www.needcoolshoes.com
www.needcoolshoes.com
142.250.185.98
151.101.114.49
152.199.21.117
198.24.170.50
2607:f8b0:400c:c13::5e
2a00:1450:4001:800::2002
2a00:1450:4001:802::200e
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::200a
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:400c:c04::9a
52.204.190.140
54.203.171.101
93.184.221.64
03fffe1665a2ccff7f69a348839b72497bc3c1c5abc6cac66d0e9a7ddb584e25
0c3f8c971306eb98dbc271c6d36058f7b421e04b2bb1c03ad093dc1daedc5347
0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd
113efbb99ac223538d5141ffdf0192e1767f57e0a02bade849eec6ff33e57a10
11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
17cf9c3efcbafef7f15331e9bf1c4e5c8a1b97425245978ac16efb1c21654bb0
218e166613a2da4d0a73974679665cc9abec07ea229ca8fc12918079b818b3c2
25bbd9e1bf7e90508af553d13dbca7531168cd41725dc2a14818b0e799bf4e8d
27609c1683b733b6ee9b93a016dbaa1968a3bc438ce5dde5fec4db9d8870267e
30a068e4fb4cb2faa71b8e613d047c02cc7fd691d937e34c8cbcb82dc1fa301d
311e18f635513141cf583a4fa0ac2828f450c8197eb57853475194676faaebe2
3320f52d68d27590415808e51326b1553d18bb515cd1d14d04646fb193e2de76
361e51534f82aa52505365fa2c13b7a5369536b4d62e4a19bd657a3f68238a3c
36b3f5a93d27d7519d736f048f2bf91c98c39620ca8795152c0b8286040cc975
3b0fc877763d6652ad1957931e9a93eab9c563e2d821e4d27e39c6d8f7bd8c9e
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
47e7a5926a799b67b33fcd9ca93cc95889d0554781de1066882de93a16b08c4b
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
50305edcc36816fff7528276891504d21fa4eb1f64bf808c650179901d43e2c5
5337a86aba77ae149bdb0788c651a5bd6e62534b6b96611e74fb0bda06a7e359
552c2bf7f8bf9a179183b77a238d52af77d316072617e5a85e0ffe00954767fe
5fbbfe8c900d988dbe66f8bf00122ff9d788e06cd0581081feecdc9769d264ec
5feffbc29d291e11f299ab87ea52623a1d906d9954dcdc382e97fcf8d7fa8529
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb424463069af452ee1899943539b581b93def0e01e24ea4a4f63478da5c9a2
6ce8cb1461f940641cf5409d4946dcbb72d356ad1ce5d913f583a1a7f5b78017
6e519798040149012c57dc0f428acc1cf7469819315d1eaae2a5da3954a69878
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7c0c64dd3ebd0301f6970e85cac5656838a6250c95567781828cdaac3e37994a
7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
876a4fe5aff2bd7035c1ec6ff645b592aeebb2ea9b579ae8f065e011ed3440e4
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
8df9592e56bd0616ed6af91c1e33f2d72ea33fe73ae2dea4a5d6dcf382c3e775
96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32
975cc9124db825969beca86419bf6623c294d64b675e30df4a8ff7c5c2cbf93b
9d800be3c2155cfaa26bbcd08a1411428c72b6be5dba2feb5baf2504646df964
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa2d25309f6f2f59715a0c32c2eb35105d2aee3e9ba13af7a226f5ef7707eeb4
ae31abd20931ac70ca57381ebeed30009c8343f1fb257f0d90e64b6b137262ea
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1999378153b2f7272cebf1a0dd5a00f449da3c2f7b1bd65065de18f6d48a7b8
b39f453bf8f6d91f551a1306f02bb9d3d05e441bd0a121bf635ce57e2ad613ba
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b7f284a0d6babcbdc212bc0b388137dd60fdd5b30066b509b50158b9f8903fdb
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
d0e4cb075646a9ae68f458ab7d5c48dd8c5a05d9c803241d454c00a4edc9baf5
d83607d271d287418fdb2b503d0d282c0cdf91c6b3c8c574d3dc4e3674d8b6eb
d949ae51099d029b266fbcb868316ec7386ca5284000e5f1fb0bbbac81efa5a1
db74696d286086332e5edd1cfafeba7121af63cf343431286e9c690a9c2efe5e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eac5c50a09bc54f3114788c089f6a048fbfd0be7b64f56d1e135a8817e33a004
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d32f0e25437c6995f4ed984f3dca542b130b847af8ecc84fda4b9e528fd065
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

www.needcoolshoes.com Open in urlscan Pro 52.204.190.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

73 Requests

89 %HTTPS

70 %IPv6

14 Domains

24 Subdomains

24 IPs

4 Countries

3001 kBTransfer

3892 kBSize

6 Cookies

1 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.needcoolshoes.com Open in urlscan Pro
52.204.190.140 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

89 %
HTTPS

70 %
IPv6

14
Domains

24
Subdomains

24
IPs

4
Countries

3001 kB
Transfer

3892 kB
Size

6
Cookies

73 HTTP transactions
2 data transactions